firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 21 Oct 2022 15:52:20 GMT
Expires: Fri, 21 Oct 2022 16:07:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8W7DItsuuZ5eDy_9prpRlwOJreZXr2r40bT9Auo6CTNMYLqC0OMoKA==
Age: 599
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 24a97183f836954e0f05c4dc794ff4d1
52778bbe39b9f736c16b5798575d1d96607ce9d0
01f6721f2674f54662fff590fdf7247cc8c58a3f84906cae75527fb7b6dd2436
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01F6721F2674F54662FFF590FDF7247CC8C58A3F84906CAE75527FB7B6DD2436"
Last-Modified: Wed, 19 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6066
Expires: Fri, 21 Oct 2022 17:43:25 GMT
Date: Fri, 21 Oct 2022 16:02:19 GMT
Connection: keep-alive
soldfly.com/gn/
68.178.247.221 200 OK 4.7 kB
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d4e0a52a27e91e725b422066ba999cc2
93d6428eda8ded04444f9e2439dc06acf5f06f76
ab56ffb12ea5fbbf7d257b6c7e8172600ca86c822cf9d19a91440b3a599de932
Analyzer Verdict Alert urlquery Promotion scam / Brand infringement
fortinet Phishing
GET /gn/ HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 02 Sep 2022 14:09:53 GMT
ETag: "3820372-472f-5e7b248ac4e40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4671
Keep-Alive: timeout=5
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dc4f23f82148797f6d8041bdda3c7f7
6841ded3e2dd94fd762316d01efd43f7aafb8354
e229db1854a85b320cee574e805210f3adf5797136ea820c0a0ce9abcd63d4dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E229DB1854A85B320CEE574E805210F3ADF5797136EA820C0A0CE9ABCD63D4DD"
Last-Modified: Thu, 20 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6009
Expires: Fri, 21 Oct 2022 17:42:28 GMT
Date: Fri, 21 Oct 2022 16:02:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WS6MM1kam16vUPKbyNiF03X4wQ8Byf8NTaaS+Cc7xUsLkWX4EmlWEl+SakcrdG1VAwOtP08XGpo=
x-amz-request-id: 71WKKPHGBRSYAETG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 21 Oct 2022 15:37:13 GMT
age: 1506
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 21 Oct 2022 16:02:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/7.jpg
172.67.144.77 200 OK 5.0 kB
URL HTTP/2 randomuser.me/api/portraits/men/7.jpg
IP 172.67.144.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3; data
Hash 605af7fa51e2abb4df27027909bf7c4a
d08645e62b586a65649504745645178b41525999
f25b1b7a6a351c0f748d81bf4fcaf8c5a2f8ed036563c2693d4c1ca3718d9d5d
GET /api/portraits/men/7.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 16:02:19 GMT
content-type: image/jpeg
content-length: 4988
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-137c"
expires: Fri, 14 Oct 2022 22:53:57 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1666780
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vtqoOamP5TwJIbjDglxOHu%2Ftpr3IL2dHLV7ukgrnTer2iVf2OoGLzeMOqWdhnAbFYqxsohFqncutdEP9wK97pu%2Fhfu8pIEIis4QegFbTkyDdnNFHL0FxBRg2TzbzCFD8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75db378a6cffb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/women/16.jpg
172.67.144.77 200 OK 6.9 kB
URL HTTP/2 randomuser.me/api/portraits/women/16.jpg
IP 172.67.144.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3; data
Hash 2d6d19aa420764f4d4343aa57a81ab0c
ba0e62d8ef8830bcadb1f6258e134d0225bf955d
cc6b757fbf1174ae601b39aa711d6dfcda1b236001a2f3a67c4293d73c9fd714
GET /api/portraits/women/16.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 16:02:19 GMT
content-type: image/jpeg
content-length: 6888
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1ae8"
expires: Sun, 13 Nov 2022 23:23:44 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 140119
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGFmJQ%2FeZMT2EwiMztgujFHAKESk64aLFASo2ucF6EzUWIp95xIIOLFCAo1z77mfxu8xt8e2yRpo%2B6bEFXRFnjkNyGLT652zWvMtpknw7vIRYWHfHOcRJifiUhgAyGzb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75db378a5cf5b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/59.jpg
172.67.144.77 200 OK 2.8 kB
URL HTTP/2 randomuser.me/api/portraits/men/59.jpg
IP 172.67.144.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3; data
Hash ab82a70c4d7efc7199176a584c660a7d
96a17acb548c276ee062bf85e582556fe9035378
57c0787e260e4785a6d858d26ff60a82fd5ae48cbae32fe6e866cb3daf7fe1a4
GET /api/portraits/men/59.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 16:02:19 GMT
content-type: image/jpeg
content-length: 2799
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-aef"
expires: Sun, 13 Nov 2022 22:32:58 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 270706
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxVV%2BCijw7rUS55lsBFrN2lC257yiEflZlvwdKlD8jFhAxC6XyLAmf7IKFe3YZKOH21zwlL6LHcQhMG9Up2yMgi7n3j6BiD%2B9wCQVUhg36LIiYwsu4xAAaFWkIB8Kzft"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75db378a6cf9b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/women/30.jpg
172.67.144.77 200 OK 4.4 kB
URL HTTP/2 randomuser.me/api/portraits/women/30.jpg
IP 172.67.144.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3; data
Hash 1969da0d3fda3aa29c5f883db4ce670c
733eb61b43d010cac0d4f0165d53314f3c767d6f
8d0417f0910586650f889adf5f72fb8ad336f07247cbfd9da9dd6db02546dd00
GET /api/portraits/women/30.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 16:02:19 GMT
content-type: image/jpeg
content-length: 4440
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-1158"
expires: Mon, 24 Oct 2022 17:51:26 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1843035
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRg%2FKNThbdCI%2FyVivn85HcyY2k%2BQFbaBGdxgXpMHtbrwTAuo36U1TOuNDkqTfcCwJrOnUbXcJFdjR%2Fiiw0IaV62oX1m59JKbVdgTJnvi%2BYb8Kkq4hbGfN91jntKx%2BDYS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75db378a6cfeb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
randomuser.me/api/portraits/men/54.jpg
172.67.144.77 200 OK 5.3 kB
URL HTTP/2 randomuser.me/api/portraits/men/54.jpg
IP 172.67.144.77:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 128x128, components 3; data
Hash d19b518787fe6e8bd83ce2de827fa34b
9cd09c69251e882df33ebe7f7cbd3176f704bcfc
d1a3e08d4e37d6ee2b7de1db8df87c1dc7acd8ffb004caaf980917de518a60c9
GET /api/portraits/men/54.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 21 Oct 2022 16:02:19 GMT
content-type: image/jpeg
content-length: 5276
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-149c"
expires: Fri, 14 Oct 2022 22:32:56 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2013169
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YiG2IBHTdarxgEtEBmMFV9mw5wKy9rEBKFR%2BbZ7e0SZOT8XfjvVouKDvyEo%2FiqXURR41VMlZYBJaed10QZ6%2B2ldiHypSSnpTR8xq6vjZfV%2BmerK%2FibWWGX9Wt01bWMn4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75db378a6cfbb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widgets.amung.us/small.js
104.22.75.171 200 OK 3.5 kB
URL HTTP/1.1 widgets.amung.us/small.js
IP 104.22.75.171:0
File type ASCII text, with very long lines (8514), with no line terminators
Hash 7ba20d7d8e8f534a8d4b3e4848ba40e8
9757fceb751a25322b2f62ae9e8b9918add51baf
8351897e53bf4e0419e84c7a50076de46c03faa8a16baed3cc999374bf95c0db
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:19 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 29 Aug 2022 18:12:38 GMT
etag: W/"630d0196-2142"
expires: Sat, 22 Oct 2022 15:37:30 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
CF-Cache-Status: HIT
Age: 1489
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75db378a6ead09b4-ARN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash e6c3e0486533b0a2edffeca191cd7785
2d688b3c35b26c69e8490ed21ccb94dbbe5ddd27
0780ccc7e7101d6bbfb981fcfdc6e9642f49b4671e2109bde58362d5be33c5d8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 16:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldfly.com/gn/en-us/assets/js/w8swl.js
68.178.247.221 200 OK 1.6 kB
URL HTTP/1.1 soldfly.com/gn/en-us/assets/js/w8swl.js
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (3648)
Hash 024dd399eecbc969d64efd96a5fb2713
21ea1cb61ff4e370edee51e86b7e93079b6f60ca
643e84876d12cb34ee1f7faba81318e268c42aba3c19bb5c544b5b7f83e95748
Analyzer Verdict Alert fortinet Phishing
GET /gn/en-us/assets/js/w8swl.js HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:19 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "382038a-e41-5e7b22797ad80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1550
Keep-Alive: timeout=5
Content-Type: application/javascript
soldfly.com/gn/en-us/assets/css/common76cb.css
68.178.247.221 200 OK 823 B
URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/common76cb.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (1727)
Hash 7e91d166ba72336c2c25ea7eb2b1dcc6
e9ee71c8165617b4d76056bcc7711903b5db412c
c2e037b12b20cdc0c1d5e4a86043fd66d8214c857c3f89964e5cbd7d076722ce
GET /gn/en-us/assets/css/common76cb.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:19 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820394-72b-5e7b22797ad80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 823
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Ubuntu|Lora
142.250.74.10 200 OK 1.1 kB
URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu|Lora
IP 142.250.74.10:0
Hash f1ef70d7a227c7e12ecc2161d01d30e1
60cc8dfad8109e9c2bb8168648c5342cf4731aca
ff5069018a4e4f98620c54d7c52120eec6b79f80c5c5888bef81409cf5760d96
GET /css?family=Ubuntu|Lora HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 21 Oct 2022 16:02:19 GMT
date: Fri, 21 Oct 2022 16:02:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
soldfly.com/gn/en-us/assets/css/voucher_color_white7c56.css
68.178.247.221 200 OK 1.3 kB
URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/voucher_color_white7c56.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6073), with no line terminators
Hash 73b573b4bc93e117b3751dc2a232d1ca
214e6afb5742f432f4b0a90b81fd29b930db04fc
ed61d52fa0eced742b7e1c3e963fb407b7c15dd3010c2cdbf59a3a989bb2ee18
GET /gn/en-us/assets/css/voucher_color_white7c56.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820393-17b9-5e7b22797ad80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1288
Keep-Alive: timeout=5
Content-Type: text/css
soldfly.com/gn/en-us/assets/css/voucher_brand_tesco90a7.css
68.178.247.221 200 OK 1.3 kB
URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/voucher_brand_tesco90a7.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (6291), with no line terminators
Hash 35e76e9856479fa9fa5da5347ea1e0a7
86605475e0a75c3edfdfe44d8024e053aca8bee3
8531742a3972751622d93f91408522942e1247a918d7d1330517fff2044518fd
GET /gn/en-us/assets/css/voucher_brand_tesco90a7.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820395-1893-5e7b22797ad80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1305
Keep-Alive: timeout=5
Content-Type: text/css
soldfly.com/gn/en-us/assets/css/voucher_layout_layout-products0cee.css
68.178.247.221 200 OK 2.2 kB
URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/voucher_layout_layout-products0cee.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
Hash 5cd08ce67e7fea2e47e1da7b6c113dee
87dbd70276696395b11b5e168526840e57c359f5
9b76d70fa735c07ab4127ebfbd942a5cc6b2a59302c949c3f6316bdaaae0c5f2
GET /gn/en-us/assets/css/voucher_layout_layout-products0cee.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820397-35b4-5e7b22797ad80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2236
Keep-Alive: timeout=5
Content-Type: text/css
soldfly.com/gn/en-us/assets/js/custom.min.js
68.178.247.221 200 OK 3.4 kB
URL HTTP/1.1 soldfly.com/gn/en-us/assets/js/custom.min.js
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (715)
Hash 934e345c8fa779e31ebdefdb2aa8303f
8a2d1f276b5fb78b787dfd97610d82f0132130be
f03b583bd5ac819fc937d3ddd960554511f30258300c4f96b6731044e11ed8e4
Analyzer Verdict Alert urlquery Promotion scam / Brand infringement
fortinet Phishing
GET /gn/en-us/assets/js/custom.min.js HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Sat, 10 Sep 2022 20:22:55 GMT
ETag: "3820388-23c1-5e8586d7985c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3376
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B
URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 21 Oct 2022 15:43:40 GMT
Expires: Fri, 21 Oct 2022 15:46:36 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: oatk1tXyAhZFYCuDiNMXeHATZG7IpNQ-z3mSRXFI0cwb58_GnPzqfw==
Age: 1120
soldfly.com/gn/en-us/assets/css/voucher_main_style0cee.css
68.178.247.221 200 OK 25 kB
URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/voucher_main_style0cee.css
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Unicode text, UTF-8 text, with very long lines (61814)
Hash 10c7ae01cda4659db971f9953775ce5f
6fa3b576d229763bf10a31a389cc251de82029db
1364339547342e8ec9c0003c587dd9c462932d5056e79ed9589579f94288a5d5
GET /gn/en-us/assets/css/voucher_main_style0cee.css HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "382038d-196a2-5e7b22797ad80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25053
Keep-Alive: timeout=5
Content-Type: text/css
soldfly.com/gn/ajax/libs/jquery/1-11-3/jquery.min.js
68.178.247.221 200 OK 33 kB
URL HTTP/1.1 soldfly.com/gn/ajax/libs/jquery/1-11-3/jquery.min.js
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type ASCII text, with very long lines (32038)
Hash 52b94c239ac654d524aedfea51652120
5e2f762ca56010473d633225f4c5c34ce2f62197
e7da358d6cfe51b08ebf16f2085a31018016b02db285c8c08984300e599ef9d4
Analyzer Verdict Alert fortinet Phishing
GET /gn/ajax/libs/jquery/1-11-3/jquery.min.js HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "382036a-176f8-5e7b22797ad80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33303
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: application/javascript
soldfly.com/gn/logo.png
68.178.247.221 200 OK 11 kB
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced; data
Hash 7040ac6f599000c886dd1a387f38b951
7f2dcdab26697f8463ab7c69f134f3940151ee33
7552904ba4d2e4ee84cd397c777201044f2f20b04a0fa7d92d2cd7987d90cc68
GET /gn/logo.png HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820374-2a29-5e7b22797ad80"
Accept-Ranges: bytes
Content-Length: 10793
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
soldfly.com/gn/jh7p1c.jpg
68.178.247.221 200 OK 4.9 kB
URL HTTP/1.1 soldfly.com/gn/jh7p1c.jpg
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 80 x 51, 8-bit/color RGBA, non-interlaced; data
Hash 5a050ff00d04052e1d1ce8743bac4dba
d7ebb691ce88884f0053f823129ca7a0dc275d9f
0a581c4110a0a5ca3c2c3cba39493e346594c7fc5d033d3bf599518e30466eb9
GET /gn/jh7p1c.jpg HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "382036c-1320-5e7b22797ad80"
Accept-Ranges: bytes
Content-Length: 4896
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 09f1d552877c07059a3c8debf4187f12
5832bc57522a3fda9a0fec7288076db87d4560c5
de8ad3e1d71f1e4f709bed37590b5e0cdb520db9a246e57d212036af8cfc0f18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 16:02:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
216.58.207.195 200 OK 19 kB
URL HTTP/2 fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19228, version 1.0; data
Hash 4de1acb111366ff5358a27c36bfff049
3e746862c43c9bf6080efa2e67985c6017013db1
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
GET /s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://soldfly.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 19:36:56 GMT
expires: Tue, 17 Oct 2023 19:36:56 GMT
cache-control: public, max-age=31536000
age: 332724
last-modified: Mon, 15 Aug 2022 18:05:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.imgur.com/RxS8FXk.png
151.101.84.193 200 OK 279 B IP 151.101.84.193:0
File type PNG image data, 13 x 13, 8-bit colormap, non-interlaced\012- data
Hash ee4bde320c95dcf9ea57fe5f8eabff77
cb52950826ebf97148b9269ef04de16ce8b224b1
e55380e114a7050333af45d44453084ef42ad9dba7696ebf692ea4b42a0f1222
GET /RxS8FXk.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "ee4bde320c95dcf9ea57fe5f8eabff77"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 21 Oct 2022 16:02:20 GMT
age: 2161024
x-served-by: cache-iad-kiad7000022-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 1624, 1
x-timer: S1666368141.527667,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 279
X-Firefox-Spdy: h2
i.imgur.com/geNBckx.png
151.101.84.193 200 OK 162 B IP 151.101.84.193:0
File type PNG image data, 12 x 13, 4-bit colormap, non-interlaced\012- data
Hash d7ae9442add710b1066911bfba428234
38b5869fbcb1147c58066b29cb73e29904799754
75a9efd4b12ff81a1fb3a563e4bf66c1d9ff21b9d01a40702ab5a82da152bd61
GET /geNBckx.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "d7ae9442add710b1066911bfba428234"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 21 Oct 2022 16:02:20 GMT
age: 2695979
x-served-by: cache-iad-kcgs7200107-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 4608, 1
x-timer: S1666368141.533186,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 162
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a0738b138f262176b9a5984a8afe3127
513e61f1dd78a6c51077165a5e5391119b9d9228
04a69025a549be2708481584eb6a6a361c5541c0490d9c42ccba8161720e6075
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 16:02:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/FUwlTOP.png
151.101.84.193 200 OK 293 B IP 151.101.84.193:0
File type PNG image data, 14 x 13, 8-bit colormap, non-interlaced\012- data
Hash 486bfc9a2b39a465bfa7b1f660a16877
4aa237e6f8a82fd09c452990cd25e27c4fa8e281
ccb07a38f5ebf3d51544fc76bbf00aaf9210e48c8338c204aae3f6d3321872b5
GET /FUwlTOP.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 17 Apr 2020 10:36:52 GMT
etag: "486bfc9a2b39a465bfa7b1f660a16877"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Fri, 21 Oct 2022 16:02:20 GMT
age: 1248362
x-served-by: cache-iad-kiad7000128-IAD, cache-bma1678-BMA
x-cache: HIT, HIT
x-cache-hits: 1391, 1
x-timer: S1666368141.530887,VS0,VE10
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 293
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f47cc320695635b544a761f72f3afc6f
b7cee764dcb0a625e0f8e0b4a4fce04548a1bf76
78608be3d0d6aaaf0364aed316b8676ab28d23c9b6a8ac6c147cf5d16e5cc283
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5568
Cache-Control: max-age=149835
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 16:02:20 GMT
Etag: "63525317-1d7"
Expires: Sun, 23 Oct 2022 09:39:35 GMT
Last-Modified: Fri, 21 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
soldfly.com/gn/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff
68.178.247.221 200 OK 75 kB URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 75196, version 1.1\012- data
Hash 2edf02908800d6535704c20c662727d9
3a0f05c005189721e2587af8565dc136807ae703
9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a
Analyzer Verdict Alert fortinet Phishing
GET /gn/en-us/assets/css/9eeec628/fonts/proximanovablack/proximanovablack.woff HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://soldfly.com/gn/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820580-125bc-5e7b22797ad80"
Accept-Ranges: bytes
Content-Length: 75196
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
ocsp.sectigo.com/
172.64.155.188 200 OK 472 B IP 172.64.155.188:0
Hash 4c011807f77073c15f8a562b31a03be1
f84e89f2922242475337d97823721a359d927b55
b7dec99f89cbabbcf47179d41d4f36be74c43dbe73f92029106f2f67a847c9ca
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 17:56:49 GMT
Expires: Wed, 26 Oct 2022 17:56:48 GMT
Etag: "f84e89f2922242475337d97823721a359d927b55"
Cache-Control: max-age=438267,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75db378f5c39b511-OSL
push.services.mozilla.com/
34.214.236.46 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Hp901oR8HeEdtsRsAs0fLg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +fsOi3H6jPaWoZl/QtJJB2p5TQ8=
soldfly.com/gn/sold.png
68.178.247.221 200 OK 88 kB IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type PNG image data, 400 x 360, 8-bit/color RGBA, non-interlaced\012- data
Hash 56f3ec4f0be469af33be41786eef841c
785d673511b51064ed203fe78380ae78219179ba
5feaeb7a45ba665d6eec531a1b4cd189e2469051715964b10b8ac39c0be00713
GET /gn/sold.png HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:07:44 GMT
ETag: "382035f-1596e-5e7b240fbec00"
Accept-Ranges: bytes
Content-Length: 88430
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: image/png
t.dtscout.com/i/?l=http%3A%2F%2Fsoldfly.com%2Fgn%2F%23&j=
167.114.209.61 200 OK 2.1 kB URL HTTP/1.1 t.dtscout.com/i/?l=http%3A%2F%2Fsoldfly.com%2Fgn%2F%23&j=
IP 167.114.209.61:0
File type ASCII text, with very long lines (2077)
Hash 51bd741af3fcc4984d1a753eebfa1141
534664acf69cbbb5c9b97c96b63dd37bdc580da2
3e9c8e5dcf3cbff9e1b7211551a31fe388f1b8e607fd78a0a34855be65da721c
GET /i/?l=http%3A%2F%2Fsoldfly.com%2Fgn%2F%23&j= HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 21 Oct 2022 16:02:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-S: mtl1
Set-Cookie: m=1; Domain=dtscout.com; Expires=Fri, 21-Oct-2022 17:25:40 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
Set-Cookie: oa=1; Domain=dtscout.com; Expires=Fri, 21-Oct-2022 20:02:20 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
Set-Cookie: df=1666368140; Domain=dtscout.com; Expires=Sun, 29-Jan-2023 16:02:20 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
X-T: 5.757
Expires: Fri, 21 Oct 2022 16:02:19 GMT
Cache-Control: no-cache
soldfly.com/gn/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff
68.178.247.221 200 OK 75 kB URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type Web Open Font Format, TrueType, length 75196, version 1.1\012- data
Hash 2edf02908800d6535704c20c662727d9
3a0f05c005189721e2587af8565dc136807ae703
9792b461aa580c367d843488154f6aec8f4c706d7696c8408d718fb8ee348c2a
Analyzer Verdict Alert fortinet Phishing
GET /gn/en-us/assets/css/9eeec628/fonts/proximanovabold/proximanovabold.woff HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://soldfly.com/gn/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820529-125bc-5e7b22797ad80"
Accept-Ranges: bytes
Content-Length: 75196
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/woff
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 94ee541bb392e5675c1e24c94c197f8b
bce18b05a24f5e2c6743cbbe849a733091586176
82f791c205847646216d72b4ce65bc3587ca69d1da17a3a2afb477640822c4dc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 16:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 21 Oct 2022 14:41:09 GMT
expires: Fri, 21 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 4872
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=soldfly.com&_ss=54986ws348&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=57vp&_cb=_dtspv.c
167.114.209.61 200 OK 51 B URL HTTP/1.1 t.dtscout.com/pv/?_a=v&_h=soldfly.com&_ss=54986ws348&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=57vp&_cb=_dtspv.c
IP 167.114.209.61:0
File type ASCII text, with no line terminators
Hash 1991650ab1b0cc8f659c04805433c0d0
bb3e784bddc3bf6a7046028997714ee27fdebf85
b8ae559d25e44863c14cf3508df10e82c922c869f7765034b57cb999bd154c27
GET /pv/?_a=v&_h=soldfly.com&_ss=54986ws348&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=57vp&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Cookie: m=1; oa=1; df=1666368140
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Fri, 21 Oct 2022 16:02:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: close
X-T: 2.192
X-C: 0
Expires: Fri, 21 Oct 2022 16:02:20 GMT
Cache-Control: no-cache
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 13b2ffd04752d468f707090604f6ed1c
94de24b43698a598b060edea68a4b1b5c6bf9879
98f0ad0db175ed53ed6b048cc4427f902c148adc378d833dcb8cd89d59397aad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 21 Oct 2022 16:02:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
soldfly.com/favicon.ico
68.178.247.221 404 Not Found 1.7 kB IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 12bc9fcd7f59bd4a0c74e0477ccbad55
9c866d208d2bc04fdc136dbc1fef2e889beb9cbf
cdc8b52c9402b72ef9c698027c0d2ea63058ed98b832a31d3ac57c9e7f8b35ed
GET /favicon.ico HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/
HTTP/1.1 404 Not Found
Date: Fri, 21 Oct 2022 16:02:21 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Length: 1699
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html
whos.amung.us/pingjs/?k=soldgn&t=Guinea%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldfly.com%2Fgn%2F%23&y=&a=-1&d=1.078&v=27&r=8220
172.67.8.141 200 OK 45 B URL HTTP/1.1 whos.amung.us/pingjs/?k=soldgn&t=Guinea%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldfly.com%2Fgn%2F%23&y=&a=-1&d=1.078&v=27&r=8220
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash b2b7d007c67728dbb84dca7863c514e4
a45af0b29b76671fb4b66b4a6b23d6e72603c5cb
4ab0642207827e6c58d5ae961696b2ae4711bfdbe51c51b418ccb36236db84bf
GET /pingjs/?k=soldgn&t=Guinea%20%3A%20Free%20credit&c=s&x=http%3A%2F%2Fsoldfly.com%2Fgn%2F%23&y=&a=-1&d=1.078&v=27&r=8220 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:21 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
content-encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75db37931fde0b4d-OSL
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash e75aa92c27f466270906c09ecfa32076
615bbc4d2aa932fa7ec36d9ed6e9d42725f75e13
abba25c7438efc436ed5afc0d27a7d6b211c8508589e63d8564fd9b5e57f2c02
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:21 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 23:33:39 GMT
Expires: Wed, 26 Oct 2022 23:33:38 GMT
Etag: "615bbc4d2aa932fa7ec36d9ed6e9d42725f75e13"
Cache-Control: max-age=458476,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75db37954be1b511-OSL
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56aa4d33e288d7ec3acf3ac1a61ef7f9
ac2e2f3609cc604dde554e37471567c042bf8191
544823f794ac3e837c81449d896a9dcbe94f4d59a13e293d84b5af44531141d0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "544823F794AC3E837C81449D896A9DCBE94F4D59A13E293D84B5AF44531141D0"
Last-Modified: Wed, 19 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6631
Expires: Fri, 21 Oct 2022 17:52:52 GMT
Date: Fri, 21 Oct 2022 16:02:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c6ab9a31e082a0c0eaab2a0f526495a
c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a
ca3a602c8af7b3e87957e54910663ea2bb72d008e14719af0f9fd7bd1a949f3e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb97a147f-f3d0-45e2-ab3e-cd90d0626589.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6551
x-amzn-requestid: 4deffe4d-e687-436e-938c-f8128bb84376
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zql_MG5QoAMFahg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340e9fa-66d4e2210fda5a80155f2466;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 03:09:46 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V5ilfg4GVL-HvWbuZrvFkZynDNCZDiBVNTDWjLdr2ZCLjH04NW3yqw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 07:24:29 GMT
age: 31072
etag: "c30e9954dcef66d4f14ac8618ebf2a1da0b3e12a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5eaba338-753d-49fa-b65c-70aa4d08ec7d.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5eaba338-753d-49fa-b65c-70aa4d08ec7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41720951bc9f58ea936fb65b472ef05a
b8739209bdacc59cbf87b49024f73650a9a0f113
9dd1c174c5a45cf4167c4c20752c2575ab4280f869f49dd9056907c9521afe36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5eaba338-753d-49fa-b65c-70aa4d08ec7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6730
x-amzn-requestid: 97d867bc-a398-4b2b-8dda-2497a105845e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aSsAnEP3oAMF2lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6350f39d-3f56509c395ff64a396b5706;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 07:07:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HnxmItt9LDm9ME1eITiRbQQr9xr7PLXcdTCRGyDVvO2Zo6x9pjavsw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 21 Oct 2022 04:53:57 GMT
age: 40104
etag: "b8739209bdacc59cbf87b49024f73650a9a0f113"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00f8ff57c0d15e1ce75a788b91dc0bd3
46445de659e1aa0623c7666c98b5f642ffeff89d
95eb2c3d2ab4643affffd59887814a013edacba9f73c633399905d9d0d397b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e67413c-6e4d-487c-807f-ff21a90aa792.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10799
x-amzn-requestid: 9b27131b-a0ca-426d-939c-78de0beac51c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLF9hIAMF97g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-76bf3c356f04a6a672e2f7a1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 96xd1B3QDqywkAxLGVMbF6P4UJ_gweEBpEc8fcCwUzVhTG6GWA66FA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
age: 65533
etag: "46445de659e1aa0623c7666c98b5f642ffeff89d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bd5e942443ffd011faf10dc88d92081
beff4ae9e24599addce8a961c955788045c56645
2c59d984971e73d497975032c23700b5602fccf403f4683a8047f5f42d4e261f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f52601f-0c98-4537-a72e-d72f9dbe4167.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: 081470ca-0107-4052-be55-9c713105bb27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUr-TEKPoAMFZfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c05b-17199f8c0fc0fb7443a902f1;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:40:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: h8elwC37DfS3PoG9NuRyfp-bqOoLi9KWeSWvwuY4mFMGG4HHC3jZAg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 22:17:34 GMT
age: 63887
etag: "beff4ae9e24599addce8a961c955788045c56645"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d369f8641d3489521afd62e112136f5b
088a3290733195efeb1d79dcc995c22b603bece0
b18601499cbb7bbcc1eaa464cec12c0287f8fab52a89e97973bd78fcb26ea918
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66bcc767-1c09-4b79-aee1-3917407a2700.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9195
x-amzn-requestid: e40418b8-2272-44a3-83d6-9465798793ad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKLEk4oAMFsSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-34994aca1e13dcab306bf1a4;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 86MQ2WBrOZ2pH88f27PxZ9f8tuu_9u6qNzyr4LZz6-yNbfjJdjgr0w==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:48:08 GMT
age: 65653
etag: "088a3290733195efeb1d79dcc995c22b603bece0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b772335d96ac97ec5b28623955fb026d
7a19bf011359ad768b05dd79cec66787d2dc59fd
c13e7384880ec6fe431f3627eb61529c7fdb934cf0b021b4586ff2dc1c2e1244
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0e33502-97b5-4327-985f-813c8107dbb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4786
x-amzn-requestid: 263fe384-2385-48c4-b250-1708a3cdd710
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aUsKKFOYoAMF92Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6351c0a7-46dfbb85286685373b0b5e77;Sampled=0
x-amzn-remapped-date: Thu, 20 Oct 2022 21:41:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xdusXhbeR0jyonK4NDRdcAGEDLLLJ5rL1X3u4seqIpfGaw4yIN5LEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 20 Oct 2022 21:50:08 GMT
age: 65533
etag: "7a19bf011359ad768b05dd79cec66787d2dc59fd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.tynt.com/tc.js
104.18.19.39 200 OK 6.7 kB IP 104.18.19.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 21 Oct 2022 16:02:21 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:10 GMT
vary: Accept-Encoding
etag: W/"62d96946-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 175289
expires: Mon, 24 Oct 2022 16:02:21 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 75db37959a31b509-OSL
X-Firefox-Spdy: h2
soldfly.com/gn/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf
68.178.247.221 200 OK 185 kB URL HTTP/1.1 soldfly.com/gn/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf
IP 68.178.247.221:0
ASN #398101 GO-DADDY-COM-LLC
File type TrueType Font data, 17 tables, 1st "FFTM", 24 names, Macintosh\012- data
Size 185 kB (185240 bytes)
Hash 7f775be831ca88d6c0ab6b055f986727
927fa09c4ae3fc44c52239cfa73e5a5e98abb8cb
e9a809715bfd7ca139515f13c1c121e7f18cf43dca83407459353c3843fd159b
Analyzer Verdict Alert fortinet Phishing
GET /gn/en-us/assets/css/9eeec628/fonts/proximanovaregular/proximanovaregular.ttf HTTP/1.1
Host: soldfly.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://soldfly.com/gn/en-us/assets/css/voucher_brand_tesco90a7.css
HTTP/1.1 200 OK
Date: Fri, 21 Oct 2022 16:02:20 GMT
Server: Apache
Last-Modified: Fri, 02 Sep 2022 14:00:38 GMT
ETag: "3820534-2d398-5e7b22797ad80"
Accept-Ranges: bytes
Content-Length: 185240
Vary: Accept-Encoding
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: font/ttf
ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9&t=Guinea%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9&t=Guinea%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9&t=Guinea%20%3A%20Free%20credit&cu=https%3A%2F%2Finternet.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 21 Oct 2022 16:02:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9&t=Guinea%20%3A%20Free%20credit
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9&t=Guinea%20%3A%20Free%20credit
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9&t=Guinea%20%3A%20Free%20credit HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 21 Oct 2022 16:02:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!soldgn&dn=TC&cc=1&r=
67.202.105.33 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!soldgn&dn=TC&cc=1&r=
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!soldgn&dn=TC&cc=1&r= HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Sat, 22 Oct 2022 16:02:22 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Fri, 21 Oct 2022 16:02:21 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 21 Oct 2022 16:02:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png&ct=Urgent!%20pour%20tous%20les%20Guinean%F0%9F%8C%B9 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 21 Oct 2022 16:02:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0&img=sold.png HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 21 Oct 2022 16:02:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0
67.202.105.32 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!soldgn&lm=0&ts=1666368154482&dn=TC&iso=0 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://soldfly.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 21 Oct 2022 16:02:22 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2