| go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_f9f3aa21d26807e6bf836835180f9e52&source= | 172.255.248.105 | 200 OK | 255 B |
URL: HTTP/1.1 go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_f9f3aa21d26807e6bf836835180f9e52&source= | IP: 172.255.248.105:0
File type: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text | Hash: 997bfcab4e7a51023ff8da026ed4374a 35d15ad133e52c1b9dea0b3696a8719521387a9e 070d804ff334e0de872b9ac4c28c1bc578a043771099d2e9556782974ed560a3
GET /rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_f9f3aa21d26807e6bf836835180f9e52&source= HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Dec 2022 09:15:09 GMT
Content-Type: text/html
Last-Modified: Fri, 13 Aug 2021 14:56:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61168831-149"
Cache-Control: no-store, no-cache
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 | ASN: #20940 Akamai International B.V.
Hash: 7e300ca7d2d586dd1ca0c185ef6b0da5 3914cfd3b7aa6e1d1117bf509319479e489ed2a4 91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11180
Expires: Sun, 25 Dec 2022 12:21:29 GMT
Date: Sun, 25 Dec 2022 09:15:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 | ASN: #20940 Akamai International B.V.
Hash: 9cce060ddc316540d079e6816a1e7412 709a74969d1996d2b35ef0f7f34ae18455169f1e 6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20015
Expires: Sun, 25 Dec 2022 14:48:44 GMT
Date: Sun, 25 Dec 2022 09:15:09 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 | ASN: #20940 Akamai International B.V.
Hash: 6b1d63d9d906daa309dc263b4991bbe9 04680ddd86781d46dfe6a9671571b3ad1f3758f3 46fff7230b88de4cd81dfb0feb783d2dec27e49041f9257d2fb891030781bf6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46FFF7230B88DE4CD81DFB0FEB783D2DEC27E49041F9257D2FB891030781BF6C"
Last-Modified: Fri, 23 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7692
Expires: Sun, 25 Dec 2022 11:23:21 GMT
Date: Sun, 25 Dec 2022 09:15:09 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ | IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (939), with no line terminators | Hash: 30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 25 Dec 2022 08:34:54 GMT
content-type: application/json
age: 2415
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain | IP: 34.160.144.191:0
File type: PEM certificate\012- , ASCII text | Hash: b1fcd419a4245617397846e8d17233f6 2a037ce244587640b27ead9a0ec2af4f862d91b2 e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7hY1ffEDzcsL0Ghcmg2u6akGeWVC2g8L/ozmwrEv4oCu2mF2Tw2/ZBZm0xe5xFOGankVxMrveUY7v32dHPilYQ==
x-amz-request-id: YN21TGWSGQJQGNZP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Dec 2022 08:54:50 GMT
age: 1219
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data\012- , ASCII text, with no line terminators | Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Dec 2022 09:15:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| go.gkrtmc.com/favicon.ico | 172.255.248.105 | 404 Not Found | 123 B |
URL: HTTP/1.1 go.gkrtmc.com/favicon.ico | IP: 172.255.248.105:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators | Hash: c728bf241d9141b8d3100ae5140e09c5 07f0da1bdfadd0354b090781f1e3264ac22b6c39 34f3447a0b669f7c583609861bd783e8940b379cf642df02901cee86233a355a
GET /favicon.ico HTTP/1.1
Host: go.gkrtmc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://go.gkrtmc.com/rd.html?go=https://slutsaga.com/jpt?pub_id=51935&cid=38_51935_8150_f9f3aa21d26807e6bf836835180f9e52&source=
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 25 Dec 2022 09:15:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP: 23.33.119.27:0 | ASN: #20940 Akamai International B.V.
Hash: c8710b018cb3fa940248a410fba79d12 34c415480e46ef6d5d0e2d4bfb48ce56e38a6de6 0722083f88e88057ce566596a09504b7cf4e8084115d3fe4660405cbd20b64cd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0722083F88E88057CE566596A09504B7CF4E8084115D3FE4660405CBD20B64CD"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8465
Expires: Sun, 25 Dec 2022 11:36:14 GMT
Date: Sun, 25 Dec 2022 09:15:09 GMT
Connection: keep-alive
|
|
| slutsaga.com/jpt?pub_id=51935 | 104.21.52.132 | 301 Moved Permanently | 162 B |
URL: HTTP/2 slutsaga.com/jpt?pub_id=51935 | IP: 104.21.52.132:0
File type: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators | Hash: 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /jpt?pub_id=51935 HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://go.gkrtmc.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 25 Dec 2022 09:15:09 GMT
content-type: text/html
location: http://slutsaga.com/jpt/?pub_id=51935
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNaVSSAM16xT7O1VfpOzlm3uodakO7%2FpdeXreoZ%2FS9BTzdPD0NipIYJjZXb4v7KQjfw9T39bAvBrEZDHBf1oMvjs9BDsEcH4vXmSQrW5nuplbQ8uL5fbAP7b%2BIrfU14%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f07879185e0b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.33.119.27 | 200 OK | 345 B |
IP: 23.33.119.27:0 | ASN: #20940 Akamai International B.V.
Hash: c8710b018cb3fa940248a410fba79d12 34c415480e46ef6d5d0e2d4bfb48ce56e38a6de6 0722083f88e88057ce566596a09504b7cf4e8084115d3fe4660405cbd20b64cd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0722083F88E88057CE566596A09504B7CF4E8084115D3FE4660405CBD20B64CD"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8465
Expires: Sun, 25 Dec 2022 11:36:14 GMT
Date: Sun, 25 Dec 2022 09:15:09 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash: 5100021a7f8224edae91cf7c15ece4b2 2b0877c1cde0483463babb806f610158761489c7 701becec3ebad5661cfc231ad96cd17d95c4453206036fd3d05a246db72debef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 09:15:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | IP: 35.241.9.150:0
File type: JSON data\012- , ASCII text, with very long lines (329), with no line terminators | Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 25 Dec 2022 08:33:29 GMT
age: 2500
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP: 216.58.211.3:0
Hash: 5100021a7f8224edae91cf7c15ece4b2 2b0877c1cde0483463babb806f610158761489c7 701becec3ebad5661cfc231ad96cd17d95c4453206036fd3d05a246db72debef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 09:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP: 216.58.211.3:0
Hash: 9527d889a5b94c28b4dcd8809ffba513 b2ee81348df6ebc3f72fcd64b7767df0a1903fb5 9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 09:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: d7938ab2263405a708c44813f3e16cb8 3ba9f4363ecc2834ea1211f761ce2d04e0077ab3 8a8ef4218bcd8ecb1f12ecdb74f3f453a7093be8dd3c233615577dcc9b40fa92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6111
Cache-Control: max-age=92010
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 09:15:10 GMT
Etag: "63a6c129-1d7"
Expires: Mon, 26 Dec 2022 10:48:40 GMT
Last-Modified: Sat, 24 Dec 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 | 216.58.207.227 | 200 OK | 36 kB |
URL: HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 | IP: 216.58.207.227:0
File type: Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data | Hash: c26b97e7f5bb7a34d190703522d75e16 69d9e5aea0544dbaf9b78c1b65139c03eceece8f 96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://slutsaga.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 13:33:15 GMT
expires: Sat, 23 Dec 2023 13:33:15 GMT
cache-control: public, max-age=31536000
age: 157315
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP: 216.58.211.3:0
Hash: 9527d889a5b94c28b4dcd8809ffba513 b2ee81348df6ebc3f72fcd64b7767df0a1903fb5 9d3cfbc6c96f2da85420d44bdd58f8e860487d3cbf1ffda4d21477b566f23059
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 09:15:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 52.26.112.186 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ | IP: 52.26.112.186:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cT41TFB7g167FclJMTlFHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: U2cK5bKcEBjzKxv7wYvRpqekFXE=
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/ | IP: 54.230.245.39:0
Hash: ab3688cb526ecaec1dc8d8929d84d26c 5500d485ee6868345a9eb1ecae55b3312b5b770a cd9405eca225f2c5dc22d4f88969e8b17ada1f2b9b515ab5aa9fd3f0302e6028
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132902
Date: Sun, 25 Dec 2022 09:15:10 GMT
Etag: "63a7671e-1d7"
Expires: Mon, 26 Dec 2022 22:10:12 GMT
Last-Modified: Sat, 24 Dec 2022 20:54:54 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LfXSJoAqEWRwKAESUrey3PQim6E_AenjCTMclE3jO_ilMBhDTfJuXg==
Age: 4518
|
|
| ocsp.sca1b.amazontrust.com/ | 54.230.245.39 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/ | IP: 54.230.245.39:0
Hash: d6336809f1ef2146f7ebba4ba5f5383c 24f1ebe3568cc6410c379bbf18f4d094d9661bed daded789783161ca610b7705e5408ef2a0b298dd4168e682904a88fb88c90c78
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129275
Date: Sun, 25 Dec 2022 09:15:11 GMT
Etag: "63a75ffd-1d7"
Expires: Mon, 26 Dec 2022 21:09:46 GMT
Last-Modified: Sat, 24 Dec 2022 20:24:29 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7QmGu7rB3brL0Pa--OaGDRO4hWepiar_IWIf1lCOSSaJDrl_7GSWTQ==
Age: 2717
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 5.6 kB |
IP: 95.101.11.115:0 | ASN: #20940 Akamai International B.V.
Hash: b38385ee03edb4a4611f037141e45fe0 211f77407fc7abcd30862e6f3b72b6410c8493fa 5ac9b2fdf6331e098619fe484dd711dabb250e7dfdeb2c63432f52d0f6ccd1c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3241
Expires: Sun, 25 Dec 2022 10:09:12 GMT
Date: Sun, 25 Dec 2022 09:15:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 | ASN: #20940 Akamai International B.V.
Hash: 6ce699bd0db3ee9d3a4ef6dcf941f9f1 14d813942d74d801024c42e2a4628ecd9306d2ad 060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3241
Expires: Sun, 25 Dec 2022 10:09:12 GMT
Date: Sun, 25 Dec 2022 09:15:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 | ASN: #20940 Akamai International B.V.
Hash: 6ce699bd0db3ee9d3a4ef6dcf941f9f1 14d813942d74d801024c42e2a4628ecd9306d2ad 060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3241
Expires: Sun, 25 Dec 2022 10:09:12 GMT
Date: Sun, 25 Dec 2022 09:15:11 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0 | ASN: #20940 Akamai International B.V.
Hash: 6ce699bd0db3ee9d3a4ef6dcf941f9f1 14d813942d74d801024c42e2a4628ecd9306d2ad 060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3241
Expires: Sun, 25 Dec 2022 10:09:12 GMT
Date: Sun, 25 Dec 2022 09:15:11 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98850704-5690-44ef-82a6-a47115c815b5.png | 34.120.237.76 | 200 OK | 14 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98850704-5690-44ef-82a6-a47115c815b5.png | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: aabf647f1b24d12d0bb809b1f84d433e 977626b728fa873144fef657bbe35345e82dac03 1695305ac78989c748b3a4edc5e5f1ac6f09bbea197b79a0d56aa4fc88734a46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98850704-5690-44ef-82a6-a47115c815b5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13469
x-amzn-requestid: b0d46c6a-beb1-4b33-929d-5cb524819f4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbpyhFlsoAMFT7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a15676-3a82b1a8304f4fd926987f31;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 06:30:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cB3VUPzOfV8QQoWBdXTXq4FcqBlLhsyV41NCZXmCitwT4ddV9TgZxg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 19:50:42 GMT
age: 48269
etag: "977626b728fa873144fef657bbe35345e82dac03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6def946e-ca37-4055-a79d-e4fd17348141.jpeg | 34.120.237.76 | 200 OK | 9.4 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6def946e-ca37-4055-a79d-e4fd17348141.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 705d92ffb96d42078df40e83330119e6 3c437aae4b268e81847b6f1a5709955321278976 cab0287cb0532176f9a13b4b5ef95ee9b423e154f43354f432fd1d07c027ae79
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6def946e-ca37-4055-a79d-e4fd17348141.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9441
x-amzn-requestid: 5514e463-af68-4267-ba45-a5750f6e064b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: diVuuHgWIAMFdnw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4032a-6a83c3243688cfdc6507fefd;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 07:11:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0HUIFqWH5uFJOJTwRpuPoPbTbTsYUgXrtH9i8VeR8g1m24-KNenTsQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Dec 2022 07:27:44 GMT
age: 6447
etag: "3c437aae4b268e81847b6f1a5709955321278976"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56bb5c4c-562b-4642-9cd4-78925d347a41.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56bb5c4c-562b-4642-9cd4-78925d347a41.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 61baabceea232439bd5bdcf7209a68a2 103c8d7b8ebf39b80c6a10dcacd078d693a22614 f8a62313eb2e816c1153ebf035f942d92ca128a8b027ef7181fdc6577cc2ff3d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56bb5c4c-562b-4642-9cd4-78925d347a41.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6663
x-amzn-requestid: 500e9324-327f-46ff-956e-31a44becd4f9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dq6x_GbOoAMF1Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a771a6-1068bb6a1ccbcf03146797aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 21:39:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IPMWc5x49l2HSw39btCrFj3UGKiFTLFTTS_iO8j8dBqBIKm4EuhnoQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 21:45:50 GMT
age: 41361
etag: "103c8d7b8ebf39b80c6a10dcacd078d693a22614"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24b39e5-aa1e-4c82-bf1b-43f6492ecb7d.jpeg | 34.120.237.76 | 200 OK | 5.6 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24b39e5-aa1e-4c82-bf1b-43f6492ecb7d.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 59583d85ae634ddba0650411ad64e5e2 840860ecc29bce0039ff2622724bde34e0888907 3a27e023ec7fd0ae01405191ec61cd3082def8f4d8eb9b9d5091ae68801ba860
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe24b39e5-aa1e-4c82-bf1b-43f6492ecb7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5582
x-amzn-requestid: 200b0084-b13c-4032-8741-7fbde21e16a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dq6x_FhBoAMFT2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a771a6-141eae7b1b776163639ccef5;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 21:39:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IMfOjqpmUUaADDbY6kSO6BcDY6ypC_Yip4C8npLx0ew_V2Kn4UMogw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 21:45:50 GMT
age: 41361
etag: "840860ecc29bce0039ff2622724bde34e0888907"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdff11bcb-6715-457b-92be-f1c7020c6796.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdff11bcb-6715-457b-92be-f1c7020c6796.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 6f96b5fa65527fa5e1dbe1a1a9534474 09a9538870eed1237b899041653db46ff030245e ea1041dd5c1165698394e096652519c6bd7335b1f70a66cfb7cce58c119d221f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdff11bcb-6715-457b-92be-f1c7020c6796.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8776
x-amzn-requestid: 0a8b81a7-e0f0-4cbb-9062-ec3ea9a9af9e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dq6zXFcSoAMF09Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a771ae-31ea416764a7905e34158521;Sampled=0
x-amzn-remapped-date: Sat, 24 Dec 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: POCg5_H-0-l3_xT7nqqNFJdATxg_FSf31c5_I4XJ0PXN9hptCyzDfg==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 21:45:50 GMT
age: 41361
etag: "09a9538870eed1237b899041653db46ff030245e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F595e7d96-be75-4b9a-90c4-0bf54201af29.jpeg | 34.120.237.76 | 200 OK | 5.8 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F595e7d96-be75-4b9a-90c4-0bf54201af29.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash: 0c167a4e28aa4703a19db780772c5ec7 0104bf74dad395141d1b206300ae5e79574ffed6 a7ba2b4892975967b2cd037ce3a8abcb7d6929425059f7de7998af726140387e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F595e7d96-be75-4b9a-90c4-0bf54201af29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5815
x-amzn-requestid: 49ac0c47-e04f-4cba-ab14-aabeed72f9b0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dSqCtH7zoAMFhfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639dbd44-237c068711574a264db6d69b;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 12:59:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WCazgCWQapThQMBWsA5dsF9JV_n415XgRZpeB0uKOYp_a80_-gxMPw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Dec 2022 21:45:57 GMT
age: 41354
etag: "0104bf74dad395141d1b206300ae5e79574ffed6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL (HTTP/1.1): ocsp2.globalsign.com/gsalphasha2g2
IP: 104.18.21.226:0
Hash: 0b359d131e31aeb110c8580f70b0a95a 8c0680ef0a390fa5ab0167899734ce1a6f140794 dfb1498ced75509d8e80452484bba2c84fa3932474c5702deff34fda6274aaf2
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Dec 2022 09:15:11 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 29 Dec 2022 08:15:15 GMT
ETag: "8c0680ef0a390fa5ab0167899734ce1a6f140794"
Last-Modified: Sun, 25 Dec 2022 08:15:16 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1718
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77f078864f5a0b55-OSL
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP: 95.101.11.115:0
ASN: #20940 Akamai International B.V.
Hash: 6c0c34cfeabfea2e7b8ec300d64ff7d7 ce5d717a6d759c50d57f07b049fb0fd689faf217 738cecd5ceb754d8c3241de73ead5b4638d86b9c78305c91efaff37a2ac6ba24
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "738CECD5CEB754D8C3241DE73EAD5B4638D86B9C78305C91EFAFF37A2AC6BA24"
Last-Modified: Thu, 22 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5503
Expires: Sun, 25 Dec 2022 10:46:55 GMT
Date: Sun, 25 Dec 2022 09:15:12 GMT
Connection: keep-alive
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js | 142.250.74.10 | 200 OK | 31 kB |
URL (HTTP/2): ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP: 142.250.74.10:0
File type: ASCII text, with very long lines (65451)
Hash: 81182f4b684635f6bdcbdd907ee66f25 a1f2f151df72ede41397c8131bd47a3ce85575b3 be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Dec 2022 11:09:21 GMT
expires: Wed, 20 Dec 2023 11:09:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 425151
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js | 152.199.19.160 | 200 OK | 15 kB |
URL (HTTP/2): ajax.aspnetcdn.com/ajax/bootstrap/3.3.7/bootstrap.min.js
IP: 152.199.19.160:0
Hash: 6471851a2e3ebde7c3a7b41e0729bac8 feebdcba0e1b190a98bcc9f0e24a02c3d42bc510 565d5bd3baed2411327265ca4b8d7370fe4ad488c36a24b27726046b67efaa95
GET /ajax/bootstrap/3.3.7/bootstrap.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 13592257
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sun, 25 Dec 2022 09:15:12 GMT
etag: "80bdc1e6cb33d21:0"
last-modified: Mon, 31 Oct 2016 23:09:59 GMT
server: ECAcc (ska/F6C5)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 9839
X-Firefox-Spdy: h2
|
|
| fstentr.com/signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.:VDM122533310.8150&lang=no&f_color=ffffff | 163.171.128.172 | 302 Found | 50 kB |
URL (HTTP/2): fstentr.com/signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.:VDM122533310.8150&lang=no&f_color=ffffff
IP: 163.171.128.172:0
ASN: #54994 QUANTILNETWORKS
File type: gzip compressed data, from Unix\012- data
Hash: a4caa0b9bba735241316310dbf1c53c8 d43e0c4a4dc1fe9e0c13bef0464b2b7bde65ed6c 09c9d193a5ea4c914c59ee3651f9b5c6ce6df74596a29204e4a4c07b59ec0476
GET /signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.:VDM122533310.8150&lang=no&f_color=ffffff HTTP/1.1
Host: fstentr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slutsaga.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 25 Dec 2022 09:15:11 GMT
content-type: text/html; charset=UTF-8
server: PWS/8.3.1.0.8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
location: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
via: 1.1 PSmglsjLAX2hu177:8 (W), 1.1 PSdgflkfFRA1vg90:11 (W)
x-px: ms PSdgflkfFRA1vg90FRA,ms PSmglsjLAX2hu177LAX(origin)
x-ws-request-id: 63a8149f_CSP-A15498_2719-38483
set-cookie: PHPSESSID=dbb1f2e3e5ddc31dfc5320e942f19349; path=/; secure; SameSite=None
HMF_CI=77d00b75a2e355d448814806ee4d64619ac06858942e23cbf0941889703a6e614d5545ef65af82a8f74847d7210bc0fe85a7bb557a4dc20e0fc384ed7ea7cc6e39; Expires=Tue, 24-Jan-23 09:15:11 GMT; Path=/
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/common_tpls/compactML/css/epcsaga.css | 207.120.33.37 | 200 OK | 8.8 kB |
URL (HTTP/2): bkdwbvx.com/common_tpls/compactML/css/epcsaga.css
IP: 207.120.33.37:0
File type: ASCII text, with very long lines (1275)
Hash: a647e09b3974e10f56189e3f800483be b4cb278e0160090c73beb4d007d9b7bff8dac9b4 f3bcf42f7332103637cf82e30adde5fb753fd67f777dc548609cf2228adde180
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/compactML/css/epcsaga.css HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: text/css
content-length: 8761
last-modified: Sat, 04 Dec 2021 17:36:33 GMT
etag: W/"61aba721-be1c"
content-encoding: gzip
section-io-cache-id: cc1a63f5b9d13bffa4064fb5ebea40eb
vary: Accept-Encoding
x-varnish: 4513740 3982297
age: 16698
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: a38f8ef350c9b2ea69a1696a74060617
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/common_tpls/images/icons/password.png | 207.120.33.37 | 200 OK | 1.5 kB |
URL (HTTP/2): bkdwbvx.com/common_tpls/images/icons/password.png
IP: 207.120.33.37:0
File type: PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash: 6f100f1cdbdce928118ffa4c9293ca5b 6b1a3593e792d4c00187d60560dd03fb42df1156 8c1a6b9e0c63edc7fa86898148dc6493cd56113fabbf85d901f7af4c180fce74
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/images/icons/password.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: image/png
content-length: 1452
last-modified: Tue, 22 Aug 2017 16:34:59 GMT
etag: "599c5d33-5ac"
section-io-cache-id: 9b1db3c5bd34f88803b4f07e939c4b2a
x-varnish: 4513742 4562572
age: 16803
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: 99a17b374e35833c252baea75344971a
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/common_tpls/images/icons/email.png | 207.120.33.37 | 200 OK | 1.3 kB |
URL (HTTP/2): bkdwbvx.com/common_tpls/images/icons/email.png
IP: 207.120.33.37:0
File type: PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash: a86d99b9176d82a211cfa29b2f0b353f 62947ddfd87e3a21869818885e4bfa4e55ad0c11 f8e82194c97e2a11a8c77fcd55d1ded51a1943b78eefac8475890f665dc620f1
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/images/icons/email.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: image/png
content-length: 1254
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-4e6"
section-io-cache-id: 2d22076715a3f9fc835a16b7f8f747ec
x-varnish: 19748480 20283963
age: 7130
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: cb09c29bf90620f87248c754598435b6
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/common_tpls/images/icons/fname.png | 207.120.33.37 | 200 OK | 1.6 kB |
URL (HTTP/2): bkdwbvx.com/common_tpls/images/icons/fname.png
IP: 207.120.33.37:0
File type: PNG image data, 26 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash: 5c846870756544f39604e671d4111b9d 304938c74246e228fa82d8ca40201c3db6098074 d43abf8c5665519a3fe3f7e90298fc17b62e06d8ada1b90a44ea9985a62abb4d
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/images/icons/fname.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: image/png
content-length: 1649
last-modified: Tue, 28 Nov 2017 20:52:02 GMT
etag: "5a1dcc72-671"
section-io-cache-id: beab54099ca7ea9691878604320dfc63
x-varnish: 19748481 19966098
age: 7139
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: bc9cc8e7ae8dce5a3078ec8da6ca4fee
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/common_tpls/images/icons/address.png | 207.120.33.37 | 200 OK | 1.2 kB |
URL (HTTP/2): bkdwbvx.com/common_tpls/images/icons/address.png
IP: 207.120.33.37:0
File type: PNG image data, 26 x 26, 8-bit/color RGB, non-interlaced\012- data
Hash: b579e9868402d708e54e1a980166c444 1c58e2890b934c0b1ab057f3ac28bedd2a082d19 67756f8b542c7823bcdba421219c3b8e1ee472748d8c3463534f667271356dfb
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/images/icons/address.png HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: image/png
content-length: 1167
last-modified: Mon, 21 Aug 2017 19:32:05 GMT
etag: "599b3535-48f"
section-io-cache-id: 9072489278267ac1161fa4eab6f17eeb
x-varnish: 4513743 4562540
age: 16807
via: 1.1 varnish (Varnish/7.0)
accept-ranges: bytes
section-io-cache: Hit
section-io-id: bde08e14f16ebc550246b375b6781055
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 | 104.18.22.52 | 200 OK | 2.6 kB |
URL (HTTP/2): ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3
IP: 104.18.22.52:0
File type: ASCII text, with very long lines (27832)
Hash: eaaabd3f60063923cd5333eb1d7a20a1 0da69706105e28896a1f6eeaa91d5bec1b82f7f1 f863309ec0ac675409167610ff9776fa9c7620d6ee3592cc0c19d0b883ff2f70
GET /releases/v5.15.4/css/pro-v4-font-face.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:13 GMT
content-type: text/css
content-length: 2603
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-a2b"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 2038449
accept-ranges: bytes
server: cloudflare
cf-ray: 77f0788ebe6eb4ed-OSL
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 | 104.18.22.52 | 200 OK | 4.2 kB |
URL (HTTP/2): ka-p.fontawesome.com/releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3
IP: 104.18.22.52:0
File type: ASCII text, with very long lines (26366)
Hash: 7fd743485fa194e25e2a207bff6c258a 97c999d752b95ee1ed6271a29aa58109dc17281e dd939d69a23f003d49287291f0bcb59df58119d60bc5f14a81cbfd957894f6dc
GET /releases/v5.15.4/css/pro-v4-shims.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:13 GMT
content-type: text/css
content-length: 4194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-1062"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 2038449
accept-ranges: bytes
server: cloudflare
cf-ray: 77f0788ebe6cb4ed-OSL
X-Firefox-Spdy: h2
|
|
| ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 | 104.18.22.52 | 200 OK | 54 kB |
URL (HTTP/2): ka-p.fontawesome.com/releases/v5.15.4/css/pro.min.css?token=b314bdf1b3
IP: 104.18.22.52:0
File type: ASCII text, with very long lines (65397)
Hash: dc9270247a97f75913a5d8934c24de03 ed9b0fa01b552571f99d529ed355b2ba91cfc48d 847cc3ab1ea736cbbaac34833596335471fc7a888089b501b3c83a323566f0b8
GET /releases/v5.15.4/css/pro.min.css?token=b314bdf1b3 HTTP/1.1
Host: ka-p.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bkdwbvx.com/
Origin: https://bkdwbvx.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:13 GMT
content-type: text/css
content-length: 54194
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
etag: "610ae215-d3b2"
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
cf-cache-status: HIT
age: 2038449
accept-ranges: bytes
server: cloudflare
cf-ray: 77f0788ebe69b4ed-OSL
X-Firefox-Spdy: h2
|
|
| ocsp2.globalsign.com/gsalphasha2g2 | 104.18.21.226 | 200 OK | 1.4 kB |
URL (HTTP/1.1): ocsp2.globalsign.com/gsalphasha2g2
IP: 104.18.21.226:0
Hash: cff1bd7a6d31d38c5185a4c42cde113d 05dc297cdd53af1822a114373ca9594988de5a36 8cbeb56b88111af68189254807c75ad596f01fba2a606eb1ad588581e713266a
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 25 Dec 2022 09:15:13 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 29 Dec 2022 08:41:33 GMT
ETag: "05dc297cdd53af1822a114373ca9594988de5a36"
Last-Modified: Sun, 25 Dec 2022 08:41:34 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1717
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77f078944c0c0b55-OSL
|
|
| js-agent.newrelic.com/552.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 5.9 kB |
URL (HTTP/2): js-agent.newrelic.com/552.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (21423)
Hash: 097ef34c5f5d635a147bca3721bd605b 3b31ef3cfb1d62d9884d631ec2467b9d6b0d46e2 3e05d4e42c1e87b516b525574b20d2570dccc50d1bd1b2956d6421699aa19914
GET /552.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Lx7LUNyC193WWpSv5hW/L7UEeNSlDwufm33KpA2sv5a1ht8efI/6s62/R2OVbNZKkoG/gUHXaFI=
x-amz-request-id: VK0V8BCV38T7WVVS
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "777ac0df4dba632ad1b2955c88dd51ac"
x-amz-version-id: 7EjqUQ3uiXAFqO0VnIOp2ymSTJq3JZwD
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 5125
x-timer: S1671959714.293700,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 5890
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/290.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 3.4 kB |
URL (HTTP/2): js-agent.newrelic.com/290.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (8544)
Hash: b9baa2cb6a3b1a3d0fda03cd7db51631 42d37467e05182e3cab2fcb54577dc462adcf50b 31a8b4d47298cae24c66e37256a51474ae88a745fdfec79f99b2d43608e6d822
GET /290.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: fhmr6WetDM+g2i2QlvVMRpxUR5FtkKdG9L63CCQ3CSWsvtR6j++f9vvc73sttpIYqURa2xyYTRk=
x-amz-request-id: VK0ZFWF8T6343F8V
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "13898fbb4d7a1f83fc6722c4c12faf40"
x-amz-version-id: C4hj6k9j4I7xXuTBZvcbX78Bf.Ep8KMk
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 5099
x-timer: S1671959714.438922,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 3424
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/368.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 1.4 kB |
URL (HTTP/2): js-agent.newrelic.com/368.2d6a2503-1220.js
IP: 151.101.66.137:0
File type: ASCII text, with very long lines (3382)
Hash: fa50a55750d1d0978fca32be5dbc3988 a7f447621d48b3ecf7fc0192b515d506d3d1ad18 c621038fb07e536af8a1ec6d260853dfe69055dc2fb526700919c53b3b7e5f20
GET /368.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: kwoAxcBtx2IMbi3IHVdur3TxF/StXF2YgQ/J5F/J0LqxQRcevbbS10v8PBtCq89jFlCdbzEZt0Y=
x-amz-request-id: VK0S7FDBAB0EX9VY
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "16b4f3676c3859e1378a2ccdebbad675"
x-amz-version-id: zC.KoTaM7bjdFj.W4KQMilxtjXXSNPks
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 5097
x-timer: S1671959714.439272,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1443
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/775.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 632 B |
URL HTTP/2js-agent.newrelic.com/775.2d6a2503-1220.js IP151.101.66.137:0
File typeASCII text, with very long lines (1169) Hash661520fd0dfebb919d68a69b60ca426f b85ef80a0e0d95bf4904f9ce4fad56c49ae035be ecd489671c6255fee8370fc1f8f4e99519ef8d4c4c0ab06640b0c021642e1db7
GET /775.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: n5W3M8HU3EdwDhPARC2iiAf1as95kdLfrN2+qdL0W35SMVzIqjIlMR9W7ck8oTAzeIw6lrJi5fM=
x-amz-request-id: VK0MRM6MJ78HXF3Y
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "1dfdb74c0491489bf04c6deadb56add2"
x-amz-version-id: y1AQ2bnjUbwuFOuSS5MP1vew1dGw.1iz
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 5081
x-timer: S1671959714.439597,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 632
X-Firefox-Spdy: h2
|
|
| kit.fontawesome.com/b314bdf1b3.js | 104.18.22.52 | 200 OK | 6.2 kB |
URL HTTP/2kit.fontawesome.com/b314bdf1b3.js IP104.18.22.52:0
File typeASCII text, with very long lines (10594) Hash4da61c7e264fa8323632bf77d5f58903 356addd08eadaa8128a19dfcf25779ac4167d00f e7d669057ac0f2511aa31cccaf581311cc576bcc455b101370b4abaaeab87937
GET /b314bdf1b3.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:13 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyzAirxEebdfk--ceVWC
cf-cache-status: HIT
server: cloudflare
cf-ray: 77f0788d5cd1b4ed-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| geoip.enlistsecureup.com/?v=1 | 163.171.128.172 | 200 OK | 3.1 kB |
URL HTTP/2geoip.enlistsecureup.com/?v=1 IP163.171.128.172:0 ASN#54994 QUANTILNETWORKS
Hash8a66b25c03753aec49a64eff2ea74ff5 fde5f99bd908ce1ee7723008dafdac202b16d091 2a188019c31f658fbcad1d429f794ca19535808d5ab61b27bd75097a2b77ee79
GET /?v=1 HTTP/1.1
Host: geoip.enlistsecureup.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:14 GMT
content-type: application/javascript
server: waf/4.32.3-0.el6
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
x-via: 1.1 PSmgdfDEN1kz93:5 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc200:14 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:15 (Cdn Cache Server V2.0)
x-ws-request-id: 63a814a2_CSP-A15498_3117-27036
set-cookie: HMF_CI=28a945bcb469316e74604b12783282afb1ab50f99c0542a2dde6a037d614a738d5c22dfcd7b9670ad73dd69f5154ca440f908bc4ccbaf8997e7f33b72d24d427e8; Expires=Tue, 24-Jan-23 09:15:14 GMT; Path=/
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/0.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 2.3 kB |
URL HTTP/2js-agent.newrelic.com/0.2d6a2503-1220.js IP151.101.66.137:0
File typeASCII text, with very long lines (5198) Hash852267b16c136b977ccd94900c6c6308 e013e1b2c6de5b625ebbfe2e7cf3cfb09cee6c16 9bb09a133a1b33e9cecb06aa44e1ea67b3ad4ea74df5c6a89b1580064364cced
GET /0.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: yaLgSlI/o1YgPR64REKW7tJGngFFiymXOCq3qvC8FibvMh/NPjIov1s2Y43sA3Nk7dOb/Jeu8n0=
x-amz-request-id: VK0HGZZCMTDZKH5X
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "cc9b3d207e9ea2c79974f46bf474e6dd"
x-amz-version-id: 5C7ygpPS6JvoVHQoGDIm5lCTgaPcqmFc
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 2933
x-timer: S1671959714.439915,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2349
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/820.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 3.0 kB |
URL HTTP/2js-agent.newrelic.com/820.2d6a2503-1220.js IP151.101.66.137:0
File typeASCII text, with very long lines (7460) Hash7d1295a839190615b34d5a62acceee4f eef26f5c6d2ae14cb81b3a9b669da224faceacd0 4d59d58f31b6638fbc3792a0b5fddca6e8eafc19a0c9e9aabadb5ad4d9197198
GET /820.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FgITvf3WklEMWkZwakon8gl0N9aTQ94pdNptn966xzqmGm/5HblQmQGcNcywcu4tvf5sbwoyl9E=
x-amz-request-id: VK0ZG74SYEQQ4TER
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "897a1a72a47e4f4a24c05aec49af638f"
x-amz-version-id: P6j2S.7Iht6lmVHyZ_zkYmp136j6E8IA
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 2926
x-timer: S1671959714.440353,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 2979
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/790.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 6.1 kB |
URL HTTP/2js-agent.newrelic.com/790.2d6a2503-1220.js IP151.101.66.137:0
File typeASCII text, with very long lines (17591) Hashb3193d37837e2f200e10db13deff83a9 d8577b8a972583e81cfd8e31436dcd039aa049b2 5ba2e421fa78af3094294f4f8e30ba63225537da3ad68e35fbab63b2d22a0288
GET /790.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: veWtlyFq4FXZZ3C91QZ1ydEfJVdBNkWk12lPeQHXsOtJd4oL/94W2O+vIrequr5Q4TsFmN49oJA=
x-amz-request-id: VK0VJC72617ZJQFB
last-modified: Wed, 05 Oct 2022 14:53:43 GMT
etag: "af8c077a247e90dff929d7af81c94f57"
x-amz-version-id: TFyNie.wEelbO4xbna5bJ14MRDIkKCak
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 2048
x-timer: S1671959714.440345,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 6064
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/571.2d6a2503-1220.js | 151.101.66.137 | 200 OK | 1.1 kB |
URL HTTP/2js-agent.newrelic.com/571.2d6a2503-1220.js IP151.101.66.137:0
File typeASCII text, with very long lines (2412) Hashd392a55faa7a0a2a43781a495891c9aa 1998ba6f85354606c186fa1a29285676f0b596f0 33b4cb21373961aa88430ff72406d46e95ceddf50afc086598ea5bdc3a311815
GET /571.2d6a2503-1220.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: Yb3onr5wgE7GyebmH4WnkKwnI2MQKfjQMqMso3BN0Y71/Vtt12keZBjkbAuB5UJTI/GRzVXSccI=
x-amz-request-id: VK0WTM9PM29FXD43
last-modified: Wed, 05 Oct 2022 14:53:42 GMT
etag: "04b00905b32fd8d29459545bc125cff6"
x-amz-version-id: ySPuP7kOqGri8HjzDqW2TYirQNYv9NMF
content-type: application/javascript
server: AmazonS3
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Sun, 25 Dec 2022 09:15:14 GMT
via: 1.1 varnish
x-served-by: cache-bma1665-BMA
x-cache: HIT
x-cache-hits: 2932
x-timer: S1671959714.440380,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 1108
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/acct/trk/?rtid=61247183361 | 207.120.33.37 | 200 OK | 21 B |
URL HTTP/2bkdwbvx.com/acct/trk/?rtid=61247183361 IP207.120.33.37:0
File typeJSON data\012- , ASCII text, with no line terminators Hash97c664f98ee20a9888221124d52eb132 019fd126dd5b930b347417ceff07a7128c5385c0 45b40acfe2e1e1dad1a335218f7ced0c4b6226a6eb233d873bdc0ad7223fc09b
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /acct/trk/?rtid=61247183361 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-NewRelic-ID: VwUCVFRWCBAJV1dSDwkPVV0=
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMzNTUyNTAiLCJhcCI6IjExMDMwNzg4NDIiLCJpZCI6ImVlMWY5MThkNDljODQ3ODQiLCJ0ciI6ImY0NjBmZjdjYWQzNTFjNjdlYjI1NDY1OTk1MmI5ODYwIiwidGkiOjE2NzE5NTk3MTE3NjV9fQ==
traceparent: 00-f460ff7cad351c67eb254659952b9860-ee1f918d49c84784-01
tracestate: 3355250@nr=0-1-3355250-1103078842-ee1f918d49c84784----1671959711765
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:14 GMT
content-type: text/json;charset=UTF-8
content-length: 21
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-varnish: 4380339
age: 0
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Miss
section-io-id: 4b9fa42fba759b82ecfdd71e7928573b
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash6c37895c1f2cdb27c2ea79b509f19e86 f44970a2365bf7ae0dc28a860bc0f1b2ec48ae1f 2d342277f73d5572cea54f1ba230f5051c48ec50a5b3985990b7039cfc979250
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5213
Cache-Control: max-age=139370
Content-Type: application/ocsp-response
Date: Sun, 25 Dec 2022 09:15:14 GMT
Etag: "63a77daf-1d7"
Expires: Mon, 26 Dec 2022 23:58:04 GMT
Last-Modified: Sat, 24 Dec 2022 22:31:11 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
|
|
| bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4478&ck=0&s=e368c84e2f89fd3b&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=75&be=2837&fe=1412&dc=1406&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671959707500,%22n%22:0,%22f%22:1964,%22dn%22:1966,%22dne%22:2065,%22c%22:2065,%22s%22:2174,%22ce%22:2392,%22rq%22:2392,%22rp%22:2657,%22rpe%22:2657,%22dl%22:2662,%22di%22:4231,%22ds%22:4243,%22de%22:4247,%22dc%22:4248,%22l%22:4248,%22le%22:4251%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 77 B |
URL HTTP/1.1bam.nr-data.net/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4478&ck=0&s=e368c84e2f89fd3b&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=75&be=2837&fe=1412&dc=1406&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671959707500,%22n%22:0,%22f%22:1964,%22dn%22:1966,%22dne%22:2065,%22c%22:2065,%22s%22:2174,%22ce%22:2392,%22rq%22:2392,%22rp%22:2657,%22rpe%22:2657,%22dl%22:2662,%22di%22:4231,%22ds%22:4243,%22de%22:4247,%22dc%22:4248,%22l%22:4248,%22le%22:4251%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken IP162.247.241.14:0
File typeASCII text, with no line terminators Hashf1442f5831dbbe0210da2d7a4180d6b8 2ade23c6c7a001c66f0c0a9a101ec152747b434e c6acf9fb2ecc1b144c51bd0337bbf1c26db3df2f649ac2da5c56db20d93eb3ef
GET /1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4478&ck=0&s=e368c84e2f89fd3b&ref=https://bkdwbvx.com/acct/epc69324/add/&ap=75&be=2837&fe=1412&dc=1406&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1671959707500,%22n%22:0,%22f%22:1964,%22dn%22:1966,%22dne%22:2065,%22c%22:2065,%22s%22:2174,%22ce%22:2392,%22rq%22:2392,%22rp%22:2657,%22rpe%22:2657,%22dl%22:2662,%22di%22:4231,%22ds%22:4243,%22de%22:4247,%22dc%22:4248,%22l%22:4248,%22le%22:4251%7D,%22navigation%22:%7B%7D%7D&at=HxVQQAsaG0Q%3D&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Dec 2022 09:15:14 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 77f07897cb650b06-OSL
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4697&ck=0&s=e368c84e2f89fd3b&ref=https://bkdwbvx.com/acct/epc69324/add/ | 162.247.241.14 | 200 OK | 24 B |
URL HTTP/1.1bam.nr-data.net/events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4697&ck=0&s=e368c84e2f89fd3b&ref=https://bkdwbvx.com/acct/epc69324/add/ IP162.247.241.14:0
File typeGIF image data, version 89a, 1 x 1\012- data Hashbc32ed98d624acb4008f986349a20d26 2d3df8c11d2168ce2c27e0937421d11d85016361 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
POST /events/1/NRJS-53a3e8e5a523894a2ee?a=936088839&v=1220.PROD&to=M1JTNkMACEoAVRcNDAoYZBBYTg9XBVMbShMMRw%3D%3D&rst=4697&ck=0&s=e368c84e2f89fd3b&ref=https://bkdwbvx.com/acct/epc69324/add/ HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 681
Origin: https://bkdwbvx.com
Connection: keep-alive
Referer: https://bkdwbvx.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 25 Dec 2022 09:15:15 GMT
Content-Type: image/gif
Content-Length: 24
Connection: keep-alive
CF-Ray: 77f07898dc5c0b06-OSL
Access-Control-Allow-Origin: https://bkdwbvx.com
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Vary: Accept-Encoding
Server: cloudflare
|
|
| bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29 | 207.120.33.37 | 200 OK | 0 B |
URL HTTP/2bkdwbvx.com/common_tpls/js/validate_form_v2.js?jsv=29 IP207.120.33.37:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/js/validate_form_v2.js?jsv=29 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 01 Nov 2022 21:07:07 GMT
etag: W/"63618a7b-614a"
section-io-cache-id: 3cdfa9689f2fa58e2dd5a370916e568d
x-varnish: 4513741 4658413
age: 16812
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: b3bde7364b90f0edc98106c546c1c628
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js | 207.120.33.37 | 200 OK | 0 B |
URL HTTP/2bkdwbvx.com/common_tpls/js/iframeResizer.contentWindow.min.js IP207.120.33.37:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/js/iframeResizer.contentWindow.min.js HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2016 15:06:03 GMT
etag: W/"56b368db-3445"
section-io-cache-id: 3a22a888d04605f4f66864292f3e9a16
x-varnish: 19748482 18732323
age: 7142
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: 068c70a252a694f3d1f3eb1c7a1a8559
X-Firefox-Spdy: h2
|
|
| slutsaga.com/jpt/?pub_id=51935 | 104.21.52.132 | 200 OK | 0 B |
URL HTTP/2slutsaga.com/jpt/?pub_id=51935 IP104.21.52.132:0
GET /jpt/?pub_id=51935 HTTP/1.1
Host: slutsaga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://go.gkrtmc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:09 GMT
content-type: text/html
last-modified: Mon, 08 Aug 2022 10:12:23 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzEYoxW8BPwvP%2F%2BPMVwPiN%2B31OBiSh32TIXxomyjXiUjZhzORnk44bIZc1S%2BzZhwXpHqUAmgIXmXn8gd538mFxpMStejWcVN%2BSXL9GPsEC6xGa8eYuTi9oQ3MY49rJc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77f07879d9000b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap | 142.250.74.106 | 200 OK | 0 B |
URL HTTP/2fonts.googleapis.com/css2?family=Nunito:wght@400;700&display=swap IP142.250.74.106:0
GET /css2?family=Nunito:wght@400;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slutsaga.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 25 Dec 2022 09:15:09 GMT
date: Sun, 25 Dec 2022 09:15:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.landqck.com/ep.php/JK-prmagms:76259/69324:51935.null.null.:VDM122533310.8150 | 44.239.224.184 | 302 Found | 0 B |
URL HTTP/2www.landqck.com/ep.php/JK-prmagms:76259/69324:51935.null.null.:VDM122533310.8150 IP44.239.224.184:0
GET /ep.php/JK-prmagms:76259/69324:51935.null.null.:VDM122533310.8150 HTTP/1.1
Host: www.landqck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://slutsaga.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 25 Dec 2022 09:15:11 GMT
content-type: text/html; charset=UTF-8
location: https://fstentr.com/signup/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.:VDM122533310.8150&lang=no&f_color=ffffff
set-cookie: AWSALB=sgc+xdx2fg/cMr6IR0mtrsuid1mm989DNfdw869ieVNCKMX16lSBdW8lawKNbpbWosaAODYLv0CMdu5K9bJsJClbHRxfm1Ij4MBxLvo0c/vhQxMa9L/fNofokvpj; Expires=Sun, 01 Jan 2023 09:15:11 GMT; Path=/
AWSALBCORS=sgc+xdx2fg/cMr6IR0mtrsuid1mm989DNfdw869ieVNCKMX16lSBdW8lawKNbpbWosaAODYLv0CMdu5K9bJsJClbHRxfm1Ij4MBxLvo0c/vhQxMa9L/fNofokvpj; Expires=Sun, 01 Jan 2023 09:15:11 GMT; Path=/; SameSite=None; Secure
vip_id=69324.47379-47589; expires=Wed, 28-Dec-2022 09:15:11 GMT; Max-Age=259200; path=/
server: Apache
X-Firefox-Spdy: h2
|
|
| bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201 | 207.120.33.37 | 200 OK | 0 B |
URL HTTP/2bkdwbvx.com/common_tpls/js/form_support.js?v=1101202201 IP207.120.33.37:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /common_tpls/js/form_support.js?v=1101202201 HTTP/1.1
Host: bkdwbvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bkdwbvx.com/acct/epc69324/add/?epcVIP=63.1066.g110&email=&password=&firstname=&lastname=&zip=&act=epc69324.47379-47589.51935.null.null.%3AVDM122533310.8150&lang=no&f_color=ffffff&epcCID=w4MfT5G9w0I6Y3Q4i7Uak2DeXbSbD88eU&rtid=61247183361
Cookie: PHPSESSID=2aa1b4ac22751d055689b919047c7252
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 25 Dec 2022 09:15:12 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 18 Nov 2022 21:23:38 GMT
etag: W/"6377f7da-ed7"
section-io-cache-id: 6cea231d364e606af835d96fc341ed1d
x-varnish: 19748479 19710568
age: 7126
via: 1.1 varnish (Varnish/7.0)
section-io-cache: Hit
content-encoding: gzip
section-io-id: bbe605e38af3b1e843692947202956b9
X-Firefox-Spdy: h2
|
|
| hotrtr.com/cr.php?cid=920&ACT=69324&TRK=51935.null.null | 44.231.180.243 | 302 Found | 0 B |
URL HTTP/2hotrtr.com/cr.php?cid=920&ACT=69324&TRK=51935.null.null IP44.231.180.243:0
GET /cr.php?cid=920&ACT=69324&TRK=51935.null.null HTTP/1.1
Host: hotrtr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://slutsaga.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 25 Dec 2022 09:15:10 GMT
content-type: text/html; charset=UTF-8
location: https://www.landqck.com/ep.php/JK-prmagms:76259/69324:51935.null.null.:VDM122533310.8150
set-cookie: AWSALB=iz1PrXmR5ElCrYrvzOivYf7EdoNqs8fHabIMZz6EYD4GEoraUvPrt3mG3VHvfo362kne7Qbu9R8Aol/iWgH9QeWJbS0rXqdjX2o2o3TpWBDTpNcA6n3e1sLkFxSl; Expires=Sun, 01 Jan 2023 09:15:10 GMT; Path=/
AWSALBCORS=iz1PrXmR5ElCrYrvzOivYf7EdoNqs8fHabIMZz6EYD4GEoraUvPrt3mG3VHvfo362kne7Qbu9R8Aol/iWgH9QeWJbS0rXqdjX2o2o3TpWBDTpNcA6n3e1sLkFxSl; Expires=Sun, 01 Jan 2023 09:15:10 GMT; Path=/; SameSite=None; Secure
hskp=%3AVDM122533310%2C; expires=Sun, 08-Jan-2023 09:15:10 GMT; Max-Age=1209600
skip=-1671959710%2C2622; expires=Sun, 25-Dec-2022 09:25:10 GMT; Max-Age=600
920_2622_0=1671959710; expires=Mon, 26-Dec-2022 09:15:10 GMT; Max-Age=86400
server: Apache
X-Firefox-Spdy: h2
|
|