Report - rule34.xyz/metro%20exodus

Report Overview

Submitted URL
rule34.xyz/metro%20exodus
IP
31.222.238.177
ASN
#43624 Pq Hosting S.r.l.
Submitted
2022-09-26 19:31:58
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	34.218.164.174
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	64 kB	34.120.237.76
rule34xyz.b-cdn.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	188 kB	89.187.169.3
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	581 B	705 B	64.233.162.157
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.6 kB	7.7 kB	142.250.74.3
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	153 kB	142.250.74.163
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	38 kB	142.250.74.72
bg4nxu2u5t.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	4.7 kB	62.122.171.6
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	694 B	142.250.74.3
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	694 B	142.250.74.164
rule34.xyz	84497	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	17 kB	3.4 MB	31.222.238.177
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	648 B	557 B	216.239.32.36
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.9 kB	172.64.155.188
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	355 B	20 kB	142.250.74.174
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-26	medium	bg4nxu2u5t.com	Sinkholed
2022-09-26	medium	bg4nxu2u5t.com	Sinkholed
2022-09-26	medium	bg4nxu2u5t.com	Sinkholed

JavaScript (10)

	URL	Size	First Seen	Last Seen
	rule34.xyz/metro%20exodus	532 B	2023-03-07	2023-12-12
Pretty URL rule34.xyz/metro%20exodus IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen7 Hash c0736df5bc2d804a8452871c3cd295d2 1d06a43c6714336cb341d991d6f9779a53d24f61 7b396328ab1bc186ad2b0dce0f0b70a6eb8b067f2e65920537a0509eaff8c6a2 Loading...

	rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js	2.5 kB	2023-03-07	2023-12-12
Pretty URL rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen41 Hash fa306a5cf5db76555fa629c28df96834 cfc58ebc5375edece30a9a37922369dd6bf4b80a 27fe677a858739be13c63a7b3fcbfa1d77728e8ad9900fa39677a57203a463b9 Loading...

	rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js	37 kB	2023-03-07	2023-12-12
Pretty URL rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen50 Hash 3126d8f9e8eeb3f382e3ff4b4f2f3371 b2b42c137c7f033fd6640629368b3a5d31f3b6f4 8c5b43165c2c034f9496624b4ed3342570c367b9a7ef9db96ae66a6f786ab277 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4	96 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:55:22 Last Seen2023-03-08 01:55:22 Times Seen1 Hash 6c6452264f1830d3c3c6e61d5e1bcb75 ad847bd97fb01e374d682fc0490a3b707c95b7f4 38ba3928e4de2ecf28e5a5138cd010508bd4dbe4ed9be4175bad109611f37088 Loading...

	www.googletagmanager.com/gtag/js?id=G-R4GRY2G49W&l=dataLayer&cx=c	212 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-R4GRY2G49W&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:55:22 Last Seen2023-03-08 01:55:22 Times Seen1 Hash 2dc8cb387e35589d46cbbe0cd06a8fd9 cb837a9162c88532efb1a5942b2fda7a89c9effe ce2844fb7a3dc09fe6ba7881e7681ad2d3761115255cab29daec3382b4411187 Loading...

	bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_cl6ogvh471w8qw01ku281f&nojs=0&ix=0&abvar=31&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2923816135323855	2.6 kB	2023-03-08	2023-03-08
Pretty URL bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_cl6ogvh471w8qw01ku281f&nojs=0&ix=0&abvar=31&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2923816135323855 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:55:22 Last Seen2023-03-08 01:55:22 Times Seen1 Hash 97cd069360c9a3a5ab7fb2dac3c9a79d 45ff776cdae11fc987cf744b09cac63660858301 d9a07306557cb2a70ca14443697a98be39a6813520348ca466cf92e3bee1b3c9 Loading...

	rule34.xyz/metro%20exodus	349 B	2023-03-07	2023-12-12
Pretty URL rule34.xyz/metro%20exodus IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:35 Times Seen7 Hash 4edc304205f9436d72b2ff9a0743a81b 6b44498f2a358d08c7d3a669354f6746b0cc545d f734f5da3b22c00dd3fcca0758ce05beebb465617d3934b805a970d9239c001d Loading...

	rule34.xyz/main-es2015.ded06dec06650aa2dd25.js	1.3 MB	2023-03-07	2023-03-10
Pretty URL rule34.xyz/main-es2015.ded06dec06650aa2dd25.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-10 10:55:30 Times Seen1 Hash afea5f0c2a54343da740e7aebe9c3ffb 55b72fbde8c2a8835949577a15102b6bdb4205b2 d8a154b1637b240b015bdb31c114088f0bd63adea287464126c5e2bb645583f6 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-01-06
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:05:31 Last Seen2024-01-06 17:39:53 Times Seen66 Hash 99ba52a15d2da967b023016d1af58cbd 5c2246049c43834d17113877b4731bd4f9803d55 9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f Loading...

	bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js	68 kB	2023-03-08	2023-03-08
Pretty URL bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:55:22 Last Seen2023-03-08 01:55:22 Times Seen1 Hash 292a669e0490d1db5cfb704100b87a3c 746120ffa61acae704543e9d616531dae2930161 186bb217d3f4d216568483339dcd03cb0798a72c866fb1562f4e3713883284d2 Loading...

HTTP Transactions (110)

URL IP Response Size

rule34.xyz/metro%20exodus

31.222.238.177

307 Temporary Redirect

0 B

URL HTTP/1.1
rule34.xyz/metro%20exodus
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /metro%20exodus HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 307 Temporary Redirect
Date: Mon, 26 Sep 2022 19:31:45 GMT
Server: Kestrel
Content-Length: 0
Location: https://rule34.xyz/metro%20exodus

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2716
Expires: Mon, 26 Sep 2022 20:17:02 GMT
Date: Mon, 26 Sep 2022 19:31:46 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 19:15:19 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4FmB56tF3a5M6RH_-jMdvbiO9AFJ_MxKBcaBHwz3d3cKjXQiTHw0Mw==
Age: 987

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4964
Expires: Mon, 26 Sep 2022 20:54:30 GMT
Date: Mon, 26 Sep 2022 19:31:46 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: dfUqUEviL1TXJCqCaWFAAYWpvSaWbUiOrUjGmbyGD3ei65iCtWH6390ilBAmCGYBl4b1Kigi3FY=
x-amz-request-id: VV6J2CBFWB1W6SKZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Sep 2022 18:48:50 GMT
age: 2576
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b6952e75ef7b51f81cf3da268952b78e
dfd083deabe8ef71b7d2f4032cb5d5b58a0ccf5d
e65d3481f031c12e609cedad7ac7bb332046bfab0b576b619bf65f4d1658fa0b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E65D3481F031C12E609CEDAD7AC7BB332046BFAB0B576B619BF65F4D1658FA0B"
Last-Modified: Sat, 24 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11041
Expires: Mon, 26 Sep 2022 22:35:47 GMT
Date: Mon, 26 Sep 2022 19:31:46 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 26 Sep 2022 19:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Mon, 26 Sep 2022 19:26:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: utpuxkmswENsenNY8pdWxvtMs7KU3oJE6KB_RNRsu_QHd6KDye5pgA==
Age: 1261

rule34.xyz/assets/images/discord_32.png

31.222.238.177

200 OK

833 B

URL HTTP/2
rule34.xyz/assets/images/discord_32.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
833 B (833 bytes)
Hash
a9670c588d6d7b07ccfb3d125173de21
fad6bb4af7258dacca5412cf3ced4ac1f984ee69
214077b40659aa214c997cf921ead8a4952fa16ba3f64d7953c369ae03e648f8

HTTP Headers

GET /assets/images/discord_32.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: image/png
last-modified: Mon, 26 Sep 2022 19:20:07 GMT
accept-ranges: bytes
etag: "1d8d1dcfcb28ec1"
server: Kestrel
content-length: 833
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/assets/images/twitter.png

31.222.238.177

200 OK

1.3 kB

URL HTTP/2
rule34.xyz/assets/images/twitter.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1317 bytes)
Hash
501d6dfa0f9f66cc740e95fc952dbb68
4b0f77b1f2f45866f554a9349a10d19ce5191057
ab5f3e319577d3bcc1c2db4fadddb215b7b16976cd780881ca785221b34c3434

HTTP Headers

GET /assets/images/twitter.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: image/png
last-modified: Mon, 26 Sep 2022 19:20:07 GMT
accept-ranges: bytes
etag: "1d8d1dcfcb288a5"
server: Kestrel
content-length: 1317
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/assets/images/flags/en.png

31.222.238.177

200 OK

4.8 kB

URL HTTP/2
rule34.xyz/assets/images/flags/en.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 256 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size
4.8 kB (4849 bytes)
Hash
dda9cec7d5c5f13201b0f59e83ad74a2
99797780c3381911facf4a7f725795d44b4ced88
7a7a13c54037d440227c51cdd42501d095a43cf6cc1c6f34150224d68b57317b

HTTP Headers

GET /assets/images/flags/en.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: image/png
last-modified: Mon, 26 Sep 2022 19:20:07 GMT
accept-ranges: bytes
etag: "1d8d1dcfcb29f71"
server: Kestrel
content-length: 4849
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/assets/images/r34xyz.png

31.222.238.177

200 OK

3.0 kB

URL HTTP/2
rule34.xyz/assets/images/r34xyz.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size
3.0 kB (2950 bytes)
Hash
e16ed231acdbbfe680da8526bb1d6724
65cc448611ae56224ffbe651d798f19e7f225f39
16e5dda70ec1757be18cb2d0f63b15333fbebed549e31535597dc6bc36a6a769

HTTP Headers

GET /assets/images/r34xyz.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: image/png
last-modified: Mon, 26 Sep 2022 19:20:07 GMT
accept-ranges: bytes
etag: "1d8d1dcfcb28606"
server: Kestrel
content-length: 2950
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js

31.222.238.177

200 OK

2.5 kB

URL HTTP/2
rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (2473), with no line terminators
Size
2.5 kB (2473 bytes)
Hash
fa306a5cf5db76555fa629c28df96834
cfc58ebc5375edece30a9a37922369dd6bf4b80a
27fe677a858739be13c63a7b3fcbfa1d77728e8ad9900fa39677a57203a463b9

HTTP Headers

GET /runtime-es2015.8c1dfa218bbfed4f8c2a.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19fea9"
server: Kestrel
content-length: 2473
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js

31.222.238.177

200 OK

37 kB

URL HTTP/2
rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (36973), with no line terminators
Size
37 kB (36973 bytes)
Hash
3126d8f9e8eeb3f382e3ff4b4f2f3371
b2b42c137c7f033fd6640629368b3a5d31f3b6f4
8c5b43165c2c034f9496624b4ed3342570c367b9a7ef9db96ae66a6f786ab277

HTTP Headers

GET /polyfills-es2015.10f5ef413ad7eb91b554.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19676d"
server: Kestrel
content-length: 36973
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/styles.0551c7465b0cc99fa3c6.css

31.222.238.177

200 OK

345 kB

URL HTTP/2
rule34.xyz/styles.0551c7465b0cc99fa3c6.css
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (55435)
Size
345 kB (344877 bytes)
Hash
6364a642aaef90d2b01a784342ad6bea
bcf22dc32e9a2920b3e926297d6d69165b798499
bede92f15609cfc8a070c3217494987365f99eb877e6d45689b0fcea55a5a681

HTTP Headers

GET /styles.0551c7465b0cc99fa3c6.css HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 19:20:07 GMT
accept-ranges: bytes
etag: "1d8d1dcfcb7cead"
server: Kestrel
content-length: 344877
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/main-es2015.ded06dec06650aa2dd25.js

31.222.238.177

200 OK

1.3 MB

URL HTTP/2
rule34.xyz/main-es2015.ded06dec06650aa2dd25.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.3 MB (1282432 bytes)
Hash
afea5f0c2a54343da740e7aebe9c3ffb
55b72fbde8c2a8835949577a15102b6bdb4205b2
d8a154b1637b240b015bdb31c114088f0bd63adea287464126c5e2bb645583f6

HTTP Headers

GET /main-es2015.ded06dec06650aa2dd25.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc0a6680"
server: Kestrel
content-length: 1282432
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4

142.250.74.72

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
38 kB (37623 bytes)
Hash
5df171684d558ad4f9890ce44f55ab1f
09085283cbde86fa231090029d5cbb7966847338
ce5f50dc972536b7578c95e7fa10fd2e12f33d3a8c99940bced5553a5422cca7

HTTP Headers

GET /gtm.js?id=GTM-TFMCMS4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 19:31:47 GMT
expires: Mon, 26 Sep 2022 19:31:47 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37623
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:47 GMT
Last-Modified: Mon, 26 Sep 2022 18:11:11 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
1db3e1d6bf7a5e2d0c87eab75a6e52fe
b923a169beb9248ea6a5070a04b57bc0aa44799b
f35aafc9c21937ac03d9b711aa18ef518aaaec6d0f9dbcecb42f757a0e70915c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

142.250.74.163

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128360, version 1.0\012- data
Size
128 kB (128360 bytes)
Hash
393b5d8b3fd798486652801f3ee8c6ea
979383e09be691921a211f5fc4ef97fc4406e4dd
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:30:37 GMT
expires: Fri, 22 Sep 2023 20:30:37 GMT
cache-control: public, max-age=31536000
age: 342070
last-modified: Thu, 25 Aug 2022 00:09:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

142.250.74.163

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11072, version 1.0\012- data
Size
11 kB (11072 bytes)
Hash
e7df3d0942815909add8f9d0c40d00d9
cf5032eea3399a58870e8a05e629b006a8c7c3c7
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:03 GMT
expires: Thu, 21 Sep 2023 19:34:03 GMT
cache-control: public, max-age=31536000
age: 431864
last-modified: Wed, 11 May 2022 19:24:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

142.250.74.163

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11028, version 1.0\012- data
Size
11 kB (11028 bytes)
Hash
1f6d3cf6d38f25d83d95f5a800b8cac3
279f300ca2cbbdf9f5036ef2f438607fbf377daa
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 17:24:34 GMT
expires: Fri, 22 Sep 2023 17:24:34 GMT
cache-control: public, max-age=31536000
age: 353233
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
96c73f686bbfccd42a1bc25900e41390
21f19f5a80114b20d2df17e85a0441b3874694fa
1f2587c0c48e9bb25096fb30e9a5d6ebad24022c06adb5508146d2a97102b13a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 19:31:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 17:02:00 GMT
Expires: Sat, 01 Oct 2022 17:01:59 GMT
Etag: "21f19f5a80114b20d2df17e85a0441b3874694fa"
Cache-Control: max-age=422411,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750e6bfe1ef1b4f7-OSL

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d1256b6452c58ffb05e1db44d9d37a5f
04538f69abefe1019a0c4c6cc1fd3ffe5a5b2cfd
4bf592b24e41cf58e4ea973378a8559c4011a25ccdc51cc7a31457cc6561d22b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34xyz.b-cdn.net/posts/3349/3349470/3349470.pic256avif.avif

89.187.169.3

200 OK

5.5 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3349/3349470/3349470.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.5 kB (5470 bytes)
Hash
a161244c83dd45c47bb16df80b0bff01
3ade20b0b2e5bd914476c0dcfdde33b9684ba407
dbe100ffa62b363b0950b0d97386d92b72ea5cc342d3da5780979e2593f06dbd

HTTP Headers

GET /posts/3349/3349470/3349470.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5470
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Thu, 03 Feb 2022 10:08:00 GMT
cdn-storageserver: DE-51
cdn-fileserver: 226
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/20/2022 18:14:10
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: d469f5886cccdc1eb416520337ad5111
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3333/3333692/3333692.pic256avif.avif

89.187.169.3

200 OK

2.7 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3333/3333692/3333692.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
2.7 kB (2675 bytes)
Hash
f48ae5975218e05bec91fd781f5ff5e9
8dda12320c355fa00d9dbec7bf8b15e4ab93a826
71fcafd9224de7368c8a83bd54d49cb2479c02d03c731ff7dde01a882f66371c

HTTP Headers

GET /posts/3333/3333692/3333692.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 2675
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 11 Jan 2022 22:15:40 GMT
cdn-storageserver: DE-167
cdn-fileserver: 229
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/31/2022 20:04:08
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 7cc8f4bbc31de2e71fb55bc142f6dd8a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34.xyz/ads2.json?v=09M0731

31.222.238.177

200 OK

106 B

URL HTTP/2
rule34.xyz/ads2.json?v=09M0731
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
JSON data\012- , ASCII text
Size
106 B (106 bytes)
Hash
a6ffac3ddaa9269ead51ec3cda35d4d7
d72804f4cd3a0e1b500382fb1517ac8f93ccf7d9
9c0f755ae93dcc7cdce985f208c4a068de18249aa229b31284ccb25bdd76224d

HTTP Headers

GET /ads2.json?v=09M0731 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: application/json
last-modified: Sat, 24 Sep 2022 13:07:14 GMT
accept-ranges: bytes
etag: "1d8d01690862d6a"
server: Kestrel
content-length: 106
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3347/3347747/3347747.pic256avif.avif

89.187.169.3

200 OK

5.0 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3347/3347747/3347747.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.0 kB (5001 bytes)
Hash
2de4a8cac104397e30f06daa53b3c0d6
173a6e28e147ed965bb6797c99af719e73ead9b7
d4fde3479a59592138f435bb47706f309e80d369b8c882a765287a048eb59f59

HTTP Headers

GET /posts/3347/3347747/3347747.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5001
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 31 Jan 2022 23:10:20 GMT
cdn-storageserver: DE-167
cdn-fileserver: 293
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/25/2022 19:39:12
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 294bf6cd88eab4aad02ace128c009b3d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3334/3334406/3334406.pic256avif.avif

89.187.169.3

200 OK

539 B

URL HTTP/2
rule34xyz.b-cdn.net/posts/3334/3334406/3334406.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
539 B (539 bytes)
Hash
cee064011354c21c7b7f6c29cdcd87d3
5eb7e056a03954445c1acf055daed5a90bd7a260
a104ef2c38f98c36941be0a3c9d713a55e58ff3b3bbb6ee02990bc5234f5c35b

HTTP Headers

GET /posts/3334/3334406/3334406.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 539
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Wed, 12 Jan 2022 14:05:11 GMT
cdn-storageserver: DE-167
cdn-fileserver: 292
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/01/2022 09:32:32
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 39e0232e4be9fa82231c63e9c091001b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.218.164.174

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.218.164.174:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 367WB62UTor3OKMOsJngfQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gsl6GLhgwT4WnLuD1eUzNZC/Bdc=

rule34xyz.b-cdn.net/posts/3255/3255893/3255893.pic256avif.avif

89.187.169.3

200 OK

5.5 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3255/3255893/3255893.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.5 kB (5520 bytes)
Hash
fef79ddd5a40e7f21f49c842bdefc612
901e4e103e978c44654be72d0c40a43841f25d38
e362ea86f9daf617a30b35b46b9dfd6dce788bef0e7e6983ee77531d94c15721

HTTP Headers

GET /posts/3255/3255893/3255893.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5520
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sat, 11 Sep 2021 09:22:26 GMT
cdn-storageserver: DE-199
cdn-fileserver: 143
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/13/2022 18:29:34
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: da696133cbb15bf6b526fa2f940e03cc
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3254/3254641/3254641.pic256avif.avif

89.187.169.3

200 OK

1.9 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3254/3254641/3254641.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
1.9 kB (1872 bytes)
Hash
574afd2b5e391d5a2b61facc89e4fa31
8027fcc1c861ae06da5bb1b97fb2fd0c078ac6a4
90be34ac985e5cc84606dcfd7204dad3af47c5d1097201425bb6c51639996f62

HTTP Headers

GET /posts/3254/3254641/3254641.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 1872
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Thu, 09 Sep 2021 00:21:12 GMT
cdn-storageserver: DE-165
cdn-fileserver: 143
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/02/2022 18:11:54
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: f38eea725277c02b71c55845d34122f9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3477/3477861/3477861.pic256avif.avif

89.187.169.3

200 OK

8.5 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3477/3477861/3477861.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
8.5 kB (8460 bytes)
Hash
ae2e6f873768194b77195c11cd33ba72
186a3dd0982a9c00247825a98242b349a6c7ff1b
b45998e4fb5177fb8b393e906b0a46e6c1c7723c3b242500a83170305f9ade4a

HTTP Headers

GET /posts/3477/3477861/3477861.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 8460
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 08 Aug 2022 05:40:26 GMT
cdn-storageserver: DE-164
cdn-fileserver: 419
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/14/2022 00:57:13
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 98111ceb60a5033b45125429674aadcf
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3327/3327399/3327399.pic256avif.avif

89.187.169.3

200 OK

6.1 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3327/3327399/3327399.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
6.1 kB (6060 bytes)
Hash
654e9576bddeb7880ba16cc60860da3e
c2f0d358af687b85bd07db13f3df35e1e7e52a61
3956262b26abfc57fdc84ad8b1aac0d83da7d8febc7e9c7e4530a7e19b954f54

HTTP Headers

GET /posts/3327/3327399/3327399.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 6060
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 02 Jan 2022 05:50:37 GMT
cdn-storageserver: DE-200
cdn-fileserver: 291
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/23/2022 07:40:10
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: b3d9e6f5dc41cd44f81918a8f1ffb114
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3228/3228155/3228155.pic256avif.avif

89.187.169.3

200 OK

2.7 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3228/3228155/3228155.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
2.7 kB (2731 bytes)
Hash
a132792a3e41673cab8b23e009f816eb
7e705871eca3d58caa39912d8fd33635b828fa82
ca1ad8a6386a82c02bd4ece2742e49f0e4bca984cce89f872abdd0f812a53c2d

HTTP Headers

GET /posts/3228/3228155/3228155.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 2731
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 27 Jul 2021 02:20:16 GMT
cdn-storageserver: DE-51
cdn-fileserver: 185
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/01/2022 09:32:32
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: de9b0bca212cc14184b15c366cb96414
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3195/3195547/3195547.pic256avif.avif

89.187.169.3

200 OK

11 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3195/3195547/3195547.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
11 kB (10725 bytes)
Hash
d557e92eebe118aa0f0ba4a716752275
946682ad335057f0233af5a902a5bba2f545635b
4fdec9281d0d3fe49774d0f9c3b21d9302eaa12a6362391e6299789f04932651

HTTP Headers

GET /posts/3195/3195547/3195547.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 10725
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sat, 05 Jun 2021 18:43:16 GMT
cdn-storageserver: DE-197
cdn-fileserver: 68
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/01/2022 05:01:08
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 086326755d8cf15fd8355747261c1e5b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3157/3157162/3157162.pic256avif.avif

89.187.169.3

200 OK

2.4 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3157/3157162/3157162.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
2.4 kB (2377 bytes)
Hash
c1db247c849ffe9610319f45d511b2eb
ee3a283a9c981264f840a21f2065d3f13abf0e01
66bf75fb952bb1ba84d782206f33c6fb2a183ae8815e7e7613c14f66cea6525a

HTTP Headers

GET /posts/3157/3157162/3157162.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 2377
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 07 Jun 2021 14:58:25 GMT
cdn-storageserver: DE-169
cdn-fileserver: 115
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/01/2022 07:51:38
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 8ec46d2f3caa81c19e205ac871b0330a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3132/3132647/3132647.pic256avif.avif

89.187.169.3

200 OK

4.8 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3132/3132647/3132647.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
4.8 kB (4817 bytes)
Hash
cd35c86a8c82ef9a9dcd8a2bfacd2575
0b118c93d35288576d2e2ffef56490a79ef6d24e
3d71874cbc79fe64e43a99443f9e71f9e6c3036129db7824d50bf9ffe7e505f5

HTTP Headers

GET /posts/3132/3132647/3132647.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 4817
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 01 Jun 2021 09:49:44 GMT
cdn-storageserver: DE-165
cdn-fileserver: 57
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/31/2022 13:58:14
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: aee1ec59daa23cec3130261b7ce2d16f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3178/3178188/3178188.pic256avif.avif

89.187.169.3

200 OK

4.4 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3178/3178188/3178188.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
4.4 kB (4385 bytes)
Hash
0abcf5907f61ca40a50640a7d6a0aa64
b5ac01a1bb8c6821bc411551aa4f1b56e57d9187
d0e2b013570b7679469e9a66dcdab11ed4d5ae0ea717e07b8f24b2c8c94c5007

HTTP Headers

GET /posts/3178/3178188/3178188.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 4385
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 08 Jun 2021 17:14:49 GMT
cdn-storageserver: DE-197
cdn-fileserver: 132
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/28/2022 01:22:59
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 6f4e2016a889469e634bfe3de8bceffd
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3116/3116074/3116074.pic256avif.avif

89.187.169.3

200 OK

5.3 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3116/3116074/3116074.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.3 kB (5271 bytes)
Hash
ff76f37cc8bd088f831a487bb1535974
291fead2b4c0a9a1b3cac18a0df766f1024c6232
f03a68a297ec9d45fe9aeb886fe7515f5abc092d05a12a4b072b65af293d8b97

HTTP Headers

GET /posts/3116/3116074/3116074.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5271
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 30 May 2021 21:39:50 GMT
cdn-storageserver: DE-169
cdn-fileserver: 146
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/01/2022 09:32:32
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: a08c8766d5b883c21c9956bae8a974c9
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3116/3116073/3116073.pic256avif.avif

89.187.169.3

200 OK

6.2 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3116/3116073/3116073.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
6.2 kB (6161 bytes)
Hash
e01409a874aaf81cb2870e65ea97116a
cfb0a00a7a96db714a811e5080a2503a2801e640
01d003e559dfbf00da9d0d9bcc9c3bedfe3029305d640f7f87899a2eb5187c47

HTTP Headers

GET /posts/3116/3116073/3116073.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 6161
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 30 May 2021 21:39:49 GMT
cdn-storageserver: DE-200
cdn-fileserver: 146
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/01/2022 09:32:32
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: 5bd0bc8362a30b3a2d566612283eebaa
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3116/3116060/3116060.pic256avif.avif

89.187.169.3

200 OK

5.3 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3116/3116060/3116060.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.3 kB (5303 bytes)
Hash
2e1580611c46c4f4f34ad35d74b6c38c
ca25c760e09820c7762458eee64f289452b1c995
daebf02a11de8f424ca3a8d98a804913440f9daf2955c95795a7cc3be233b960

HTTP Headers

GET /posts/3116/3116060/3116060.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5303
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 30 May 2021 21:39:36 GMT
cdn-storageserver: DE-169
cdn-fileserver: 141
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/03/2022 12:04:45
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: e2d754bb5c65cb08072606ef75b01fd6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3116/3116059/3116059.pic256avif.avif

89.187.169.3

200 OK

7.2 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3116/3116059/3116059.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
7.2 kB (7183 bytes)
Hash
ce8c1c0523b909bb076899cbbb9d0cb8
afdc82e892381bd3ed1ee61561f7540dc243f0e5
c550011fb2324fdcaf433b4aa13216aa462af62e3d23cf5310b37287cfe41b7b

HTTP Headers

GET /posts/3116/3116059/3116059.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 7183
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 30 May 2021 21:39:34 GMT
cdn-storageserver: DE-197
cdn-fileserver: 39
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/28/2022 21:06:37
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 35a356be96e4184738e6014fd421f4f6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3104/3104063/3104063.pic256avif.avif

89.187.169.3

200 OK

5.3 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3104/3104063/3104063.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.3 kB (5294 bytes)
Hash
8b924d19de38a1e13ebacbbd29bcc4da
f8ae09ba3d075ff9cc8afcb63e81aac0091d889c
9cb64029dc604b963a4fab9c0f9d2b8740368a76c257ddaa5a0ba9eb945b43b8

HTTP Headers

GET /posts/3104/3104063/3104063.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5294
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Wed, 26 May 2021 23:41:29 GMT
cdn-storageserver: DE-198
cdn-fileserver: 33
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/01/2022 09:32:32
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: bbeec77823c116bafec0fe9c3acc71ba
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3102/3102129/3102129.pic256avif.avif

89.187.169.3

200 OK

3.0 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3102/3102129/3102129.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
3.0 kB (2977 bytes)
Hash
934c36c566394cf487ca9ffbf014500b
6e14cdbe7c12c4887bacfef04d6b4bc978b2aa79
cb7f5f63f47b922fa41dd52f80f851f90458089ac1f9c943c46efc88efb15d32

HTTP Headers

GET /posts/3102/3102129/3102129.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 2977
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Wed, 26 May 2021 22:02:44 GMT
cdn-storageserver: DE-167
cdn-fileserver: 150
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/31/2022 17:11:13
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 647661a71fe154797358ac9fa3b3d690
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3101/3101367/3101367.pic256avif.avif

89.187.169.3

200 OK

3.3 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3101/3101367/3101367.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
3.3 kB (3309 bytes)
Hash
61732af79e866ab008fb839c41f9fec0
5d2fbb760d48475e9402da70460ef2ff840f496c
6ea67fe49545809a73137d50c91474d8d85c3b232c96b5f6a2054fcc0337ee00

HTTP Headers

GET /posts/3101/3101367/3101367.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 3309
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Wed, 26 May 2021 21:12:47 GMT
cdn-storageserver: DE-51
cdn-fileserver: 89
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/31/2022 17:11:12
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: e0d719bcb006117dfa5c1b79fe88a3c7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3031/3031636/3031636.pic256avif.avif

89.187.169.3

200 OK

4.5 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3031/3031636/3031636.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
4.5 kB (4454 bytes)
Hash
8be965ecf218372cd4c6923f8e8e6635
7faba2da4abe298b0131c55ab03a2ef673bf06bf
1eeb624e51ba334adcc4de08a5c7be4771ba20af73f4a30c2b5e16bef0558c91

HTTP Headers

GET /posts/3031/3031636/3031636.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 4454
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Fri, 19 Nov 2021 13:37:57 GMT
cdn-storageserver: LA-211
cdn-fileserver: 244
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/19/2022 10:27:02
cdn-edgestorageid: 723
cdn-status: 200
cdn-requestid: 2d5fbab770f27c3d0f8be1dc215efaa0
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3101/3101368/3101368.pic256avif.avif

89.187.169.3

200 OK

3.8 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3101/3101368/3101368.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
3.8 kB (3776 bytes)
Hash
ae5ec8f46aa4ad3eabe1a60f285f88a4
39064b1b3cee6c8784708d83dc4bb4d922971185
5f54284490dfd42d5dad4754a7d4e1d125b5c0e8fe5a65a33b90e1cd7906202c

HTTP Headers

GET /posts/3101/3101368/3101368.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 3776
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Wed, 26 May 2021 21:12:48 GMT
cdn-storageserver: DE-51
cdn-fileserver: 89
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 07/06/2022 23:28:16
cdn-edgestorageid: 874
cdn-status: 200
cdn-requestid: 9700fc67479fc3cc290b6645ef694d1c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3352/3352870/3352870.pic256avif.avif

89.187.169.3

200 OK

7.3 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3352/3352870/3352870.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
7.3 kB (7330 bytes)
Hash
d8cf8424c7bcb6cf481dcc731771ed5e
b9e4f40b24027226b674330a86f76e8a8aa3d57e
eefdc9098d645a24e5942ebd955ddd15b85635c70bd158005286d74fb87e614e

HTTP Headers

GET /posts/3352/3352870/3352870.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 7330
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 08 Feb 2022 07:00:18 GMT
cdn-storageserver: DE-169
cdn-fileserver: 296
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 07/19/2022 19:48:20
cdn-edgestorageid: 722
cdn-status: 200
cdn-requestid: 829f14d3ff1b2294b4e9123cb86fe4fd
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3023/3023240/3023240.pic256avif.avif

89.187.169.3

200 OK

2.4 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3023/3023240/3023240.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
2.4 kB (2408 bytes)
Hash
998acd0f33ea2b7c8a2932681fd58cea
0db038048249d30b018b7c39f35d58d038d838eb
bbf7138c0649b4abb91a899eaf6c4e9562e91952afa7d2cf5192e4e1bb1fbd7b

HTTP Headers

GET /posts/3023/3023240/3023240.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 2408
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 31 May 2021 09:16:33 GMT
cdn-storageserver: DE-51
cdn-fileserver: 124
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 03/26/2022 22:04:56
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: 0fe5f5e950ea6468291b0e7b3f13d595
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3353/3353101/3353101.pic256avif.avif

89.187.169.3

200 OK

12 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3353/3353101/3353101.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
12 kB (12509 bytes)
Hash
7912ef0011695e19a3db260ded2e9933
821a87c275ab49642b612645e12ccb7bd934ec37
884ab42b8133416e667230e1c3f35d24194b77dbc4a5e2fb6883c7ba4a0afc5f

HTTP Headers

GET /posts/3353/3353101/3353101.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 12509
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 08 Feb 2022 16:20:19 GMT
cdn-storageserver: DE-169
cdn-fileserver: 236
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 05/03/2022 03:01:22
cdn-edgestorageid: 864
cdn-status: 200
cdn-requestid: daab7be50f436199b8f6c937cfe575b5
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3031/3031654/3031654.pic256avif.avif

89.187.169.3

200 OK

5.2 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3031/3031654/3031654.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.2 kB (5161 bytes)
Hash
134903276c46ed91782cba9dc2c75c59
fd3c4542f82c29c3dc4102c3b12f2ea08632787e
9c8abdc5478eda49dd3e49b435a20103ce8fe4fccab159ad3cebcc1a7287142d

HTTP Headers

GET /posts/3031/3031654/3031654.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5161
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 30 May 2021 22:41:05 GMT
cdn-storageserver: DE-197
cdn-fileserver: 132
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/31/2022 21:01:22
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: 7a27437a22cf34a12b6fea2f47fbf06c
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3075/3075076/3075076.pic256avif.avif

89.187.169.3

200 OK

4.1 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3075/3075076/3075076.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
4.1 kB (4093 bytes)
Hash
92b2383a4a51ce7c2956eece07c0a19a
0bcf5d92df1079c6036ba8bab41987c4abf596b8
661d751934be1248e8c27344a8d299843cf555ec6b74651ec866d75fec28f090

HTTP Headers

GET /posts/3075/3075076/3075076.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 4093
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Fri, 28 May 2021 19:00:49 GMT
cdn-storageserver: DE-199
cdn-fileserver: 162
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 04/19/2022 12:45:25
cdn-edgestorageid: 632
cdn-status: 200
cdn-requestid: f0dd92b033ea4fc3606d648a020ca49e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3092/3092959/3092959.pic256avif.avif

89.187.169.3

200 OK

5.3 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3092/3092959/3092959.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.3 kB (5292 bytes)
Hash
1b86bc8dec14d71314ed0fddb76cbaad
5cc7dc4a18833a0dfe9881e0a0a94d279b389751
8fd80548713c9e3aedb23fb2bf880d18e803e46bf4e185a66719861b8e611da0

HTTP Headers

GET /posts/3092/3092959/3092959.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5292
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 30 May 2021 12:45:45 GMT
cdn-storageserver: DE-165
cdn-fileserver: 39
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/31/2022 23:59:11
cdn-edgestorageid: 860
cdn-status: 200
cdn-requestid: 8ea6fe87003cf8a7941ad5c945d82b64
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3116/3116061/3116061.pic256avif.avif

89.187.169.3

200 OK

5.2 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3116/3116061/3116061.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.2 kB (5192 bytes)
Hash
9d5532d4d06325a4446bb4635a95ebdb
6020425c6e605388983559e1fdb80ccce18913a4
68517213ada3ffb4c6a44f115fea794f9636359879f3e3409f21594eb54c8379

HTTP Headers

GET /posts/3116/3116061/3116061.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 5192
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sun, 30 May 2021 21:39:37 GMT
cdn-storageserver: DE-167
cdn-fileserver: 118
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/08/2022 17:58:58
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: e7a8241c6ee31e6898e636b06ef453ed
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
96c73f686bbfccd42a1bc25900e41390
21f19f5a80114b20d2df17e85a0441b3874694fa
1f2587c0c48e9bb25096fb30e9a5d6ebad24022c06adb5508146d2a97102b13a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 19:31:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 17:02:00 GMT
Expires: Sat, 01 Oct 2022 17:01:59 GMT
Etag: "21f19f5a80114b20d2df17e85a0441b3874694fa"
Cache-Control: max-age=422411,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750e6bfe7fadb4f7-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
96c73f686bbfccd42a1bc25900e41390
21f19f5a80114b20d2df17e85a0441b3874694fa
1f2587c0c48e9bb25096fb30e9a5d6ebad24022c06adb5508146d2a97102b13a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 19:31:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 17:02:00 GMT
Expires: Sat, 01 Oct 2022 17:01:59 GMT
Etag: "21f19f5a80114b20d2df17e85a0441b3874694fa"
Cache-Control: max-age=422411,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750e6bfe8cacb517-OSL

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
96c73f686bbfccd42a1bc25900e41390
21f19f5a80114b20d2df17e85a0441b3874694fa
1f2587c0c48e9bb25096fb30e9a5d6ebad24022c06adb5508146d2a97102b13a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 26 Sep 2022 19:31:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 17:02:00 GMT
Expires: Sat, 01 Oct 2022 17:01:59 GMT
Etag: "21f19f5a80114b20d2df17e85a0441b3874694fa"
Cache-Control: max-age=422411,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 750e6bfeae1eb529-OSL

rule34xyz.b-cdn.net/posts/3481/3481489/3481489.pic256avif.avif

89.187.169.3

200 OK

8.5 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3481/3481489/3481489.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
8.5 kB (8547 bytes)
Hash
6b91198db3884d508a060e2c8e4b4be7
412fa08fb672e5f5733ae3de958a6e30ff5caf80
1fbee96f4c08df1de752e687c914aea037e5b85b549d5662c0f6eb49af7c6a72

HTTP Headers

GET /posts/3481/3481489/3481489.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 8547
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Mon, 15 Aug 2022 06:50:23 GMT
cdn-storageserver: LA-211
cdn-fileserver: 355
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/22/2022 08:17:03
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: d118aed974700d779f1e0cb12fe57c5e
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3478/3478472/3478472.pic256avif.avif

89.187.169.3

200 OK

8.4 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3478/3478472/3478472.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
8.4 kB (8389 bytes)
Hash
2e80c425b54fdbd909bbd3a5a959ca03
bdbd7d279394488c9d9ce6ffd2287c23c41a2f9e
c1c6cfd9670288f4351c963373e9194648476cf2dffe11fe6e388d9d8cea022d

HTTP Headers

GET /posts/3478/3478472/3478472.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 8389
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Tue, 09 Aug 2022 06:40:27 GMT
cdn-storageserver: DE-169
cdn-fileserver: 414
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 09/16/2022 01:52:42
cdn-edgestorageid: 601
cdn-status: 200
cdn-requestid: a4fe58ef2cddd56d0fb84cd2f5594720
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34xyz.b-cdn.net/posts/3410/3410152/3410152.pic256avif.avif

89.187.169.3

200 OK

4.5 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3410/3410152/3410152.pic256avif.avif
IP
89.187.169.3:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
4.5 kB (4504 bytes)
Hash
3c10fef89dda588f4de6c75346ac6e51
8f1f9b026229a5f2248a0468676b882425e03f3b
e4b3a29c8009b988fc925cc009a876a269822787c5b461a1ca85a9a06e94cef2

HTTP Headers

GET /posts/3410/3410152/3410152.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/octet-stream
content-length: 4504
server: BunnyCDN-DE-752
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Fri, 29 Apr 2022 10:25:18 GMT
cdn-storageserver: LA-244
cdn-fileserver: 286
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/22/2022 04:45:07
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: ac811888851143bec2bdc20f202aa611
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34.xyz/favicon.rule34xyz.ico

31.222.238.177

200 OK

22 kB

URL HTTP/2
rule34.xyz/favicon.rule34xyz.ico
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
MS Windows icon resource - 1 icon, 72x72, 32 bits/pixel\012- data
Size
22 kB (21662 bytes)
Hash
8af3931693c34a541ca0364bdd32940b
fe181a319195d6f133a73f9a232896c5369a1638
e5226fb838325cb0e7ddf30c89f4a0d0afd3f89d7936f5189f028fac8e1e5e77

HTTP Headers

GET /favicon.rule34xyz.ico HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro%20exodus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: image/x-icon
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19a39e"
server: Kestrel
content-length: 21662
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/assets/images/flags/ru.png

31.222.238.177

200 OK

726 B

URL HTTP/2
rule34.xyz/assets/images/flags/ru.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 256 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
878b1c39221fd18c8288f25a81078e54
fdbc80bbe6fdfde300c6d059f02d7f3b51004c92
1271ce7f3b45a1197ce14d0f66a15e31465c16ff2b9711c00d69c44a26434d9a

HTTP Headers

GET /assets/images/flags/ru.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/metro_exodus
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: image/png
last-modified: Mon, 26 Sep 2022 19:20:07 GMT
accept-ranges: bytes
etag: "1d8d1dcfcb28f56"
server: Kestrel
content-length: 726
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (19826 bytes)
Hash
cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Mon, 26 Sep 2022 18:41:09 GMT
expires: Mon, 26 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 3038
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rule34.xyz/ngsw-worker.js

31.222.238.177

200 OK

144 kB

URL HTTP/2
rule34.xyz/ngsw-worker.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
C++ source textAlgol 68 source text\012- Pascal source, ASCII text
Size
144 kB (144457 bytes)
Hash
f198dd031aa5e9954ce075455ba42676
b44316be1c1338e9e8bd30ee40946085916c58e4
b7e1ecb196061181fbb93845935de5d5a287f7a62a7dc9998e1bd781cedd14c9

HTTP Headers

GET /ngsw-worker.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: _ga=GA1.2.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:47 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc1bc349"
server: Kestrel
content-length: 144457
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&gjid=1407816216&_gid=1138166168.1664220706&_u=IEBAAEAAAAAAAC~&z=217625797

64.233.162.157

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&gjid=1407816216&_gid=1138166168.1664220706&_u=IEBAAEAAAAAAAC~&z=217625797
IP
64.233.162.157:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&gjid=1407816216&_gid=1138166168.1664220706&_u=IEBAAEAAAAAAAC~&z=217625797 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://rule34.xyz
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 26 Sep 2022 19:31:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rule34.xyz/api/r/posts?id=FPBPH0ird_QJ1SMa5BdzHg

31.222.238.177

101 Switching Protocols

0 B

URL HTTP/1.1
rule34.xyz/api/r/posts?id=FPBPH0ird_QJ1SMa5BdzHg
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/r/posts?id=FPBPH0ird_QJ1SMa5BdzHg HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://rule34.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: x4RX52T+0n2fU9Q1z60zDQ==
Connection: keep-alive, Upgrade
Cookie: _ga=GA1.2.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Mon, 26 Sep 2022 19:31:47 GMT
Server: Kestrel
Upgrade: websocket
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rule34.xyz
Strict-Transport-Security: max-age=2592000
Sec-WebSocket-Accept: 5P2Eaq6dQMeXe12PAV9d9ghbXl8=

bg4nxu2u5t.com/solid.gif?z=1780566&abvar=31

62.122.171.6

200 OK

43 B

URL HTTP/2
bg4nxu2u5t.com/solid.gif?z=1780566&abvar=31
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1780566&abvar=31 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:31:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bc7883d0a03d9c3559288a600fecc70a
b0e538996510ec8c861264cba4bf79fa73f6f7d6
c3bdc9bb12c7c951ca2d861c95156de2c724acc82386e882864c464132e07ac3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f61c5ada09e4fa747144a96e95a943f
e7f3119b4d75a72dd0409673b9789ac1f3233d23
95afa75f054462b0db7b7b59ebadecc07ce8e4eac12b07e76645848983c52bcf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&_u=IEBAAEAAAAAAAC~&z=776531758

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&_u=IEBAAEAAAAAAAC~&z=776531758
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&_u=IEBAAEAAAAAAAC~&z=776531758 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 19:31:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&_u=IEBAAEAAAAAAAC~&z=776531758

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&_u=IEBAAEAAAAAAAC~&z=776531758
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-114324981-1&cid=162522528.1664220706&jid=1821031250&_u=IEBAAEAAAAAAAC~&z=776531758 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 26 Sep 2022 19:31:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
9f61c5ada09e4fa747144a96e95a943f
e7f3119b4d75a72dd0409673b9789ac1f3233d23
95afa75f054462b0db7b7b59ebadecc07ce8e4eac12b07e76645848983c52bcf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 19:31:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_cl6ogvh471w8qw01ku281f&nojs=0&ix=0&abvar=31&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2923816135323855

62.122.171.6

200 OK

1.9 kB

URL HTTP/2
bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_cl6ogvh471w8qw01ku281f&nojs=0&ix=0&abvar=31&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2923816135323855
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
1.9 kB (1859 bytes)
Hash
c2f48508ad6b779544d90aa447d45e7a
7b34f3d7c2c78dcb7e3e6f4dbef471287c334858
6a6474f7d17b63ae9b27d402ee33b76f30cd4eb47e1263e941823f01f20ba5fd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1780566?zoneid=1780566&jp=_cl6ogvh471w8qw01ku281f&nojs=0&ix=0&abvar=31&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=2923816135323855 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:31:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209261431ee4e07e88aa84a5e83d5c0225d; Path=/; Expires=Tue, 26 Sep 2023 19:31:48 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

rule34.xyz/ngsw.json?ngsw-cache-bust=0.3604230747621805

31.222.238.177

200 OK

2.8 kB

URL HTTP/2
rule34.xyz/ngsw.json?ngsw-cache-bust=0.3604230747621805
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
data
Size
2.8 kB (2827 bytes)
Hash
a2cbee5c525fa3d2a5d364203e3af4da
7c24eff20d33e60f880b0d1709f8c3158c8d89c9
682a9b196ee94439c5f465d0e922514403cb8d8d2927ef96faf824e26f1eafcd

HTTP Headers

GET /ngsw.json?ngsw-cache-bust=0.3604230747621805 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
date: Mon, 26 Sep 2022 19:31:48 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
last-modified: Fri, 23 Sep 2022 10:27:02 GMT
accept-ranges: bytes
etag: W/"1b1f-18369e2e8f0"
server: Kestrel
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: Express
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:31:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Mon, 26 Sep 2022 20:59:03 GMT
Date: Mon, 26 Sep 2022 19:31:48 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8637 bytes)
Hash
d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HCJ483GPdpPhC7oYm1GrA02BqqST9sfqfCBSA93rZqaQYl-jezgP5Q==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:20:40 GMT
age: 76268
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13584 bytes)
Hash
2c11e6fef1be62b971bd9daf378bfc95
ef9d756cbcda72cf7ef5029b7d384cd1fbaed633
b8369f83d6dddcd2355b81d8eb200791788165e56881ce21e1a1e9c8bb1bb2ef

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feddf5115-4c67-4a03-b497-8b149b3c332c.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13584
x-amzn-requestid: 198bd2b4-d4ae-4f19-a500-463aee52b890
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHgFdNoAMFwEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc9-19a1f7d2102820da4b21f18b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: yl8BCwdlIePsc4gIX4IYH0L6NHipn_5fBsa9nyYy14w0m49jPUYXBw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:57:51 GMT
age: 77637
etag: "ef9d756cbcda72cf7ef5029b7d384cd1fbaed633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5157 bytes)
Hash
2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 76892
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11728 bytes)
Hash
968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H4KXhBaRw3SvzBrbl30mV6R_vJ8bXBkyicb8fQiTp6YSBHjE8iFkNQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:49:56 GMT
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
age: 74512
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5980 bytes)
Hash
ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 18:14:05 GMT
age: 4663
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Size
13 kB (12826 bytes)
Hash
b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rN_8rm10Pxb0AUKW6ECfNulcYxBaS7FgGD15gT14dX-FlsGJfqahxA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 21:37:35 GMT
age: 78853
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oe9l0&_p=742787398&cid=162522528.1664220706&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664220706&sct=1&seg=0&dl=https%3A%2F%2Frule34.xyz%2Fmetro_exodus&dt=Rule%2034%20XYZ%20%2F%20metro%20exodus&en=page_view&_fv=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oe9l0&_p=742787398&cid=162522528.1664220706&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664220706&sct=1&seg=0&dl=https%3A%2F%2Frule34.xyz%2Fmetro_exodus&dt=Rule%2034%20XYZ%20%2F%20metro%20exodus&en=page_view&_fv=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oe9l0&_p=742787398&cid=162522528.1664220706&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664220706&sct=1&seg=0&dl=https%3A%2F%2Frule34.xyz%2Fmetro_exodus&dt=Rule%2034%20XYZ%20%2F%20metro%20exodus&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://rule34.xyz
date: Mon, 26 Sep 2022 19:31:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rule34.xyz/10-es2015.0436f502c4c85d25b696.js

31.222.238.177

200 OK

5.7 kB

URL HTTP/2
rule34.xyz/10-es2015.0436f502c4c85d25b696.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (5739), with no line terminators
Size
5.7 kB (5739 bytes)
Hash
3f22018115bfd2db16778de786901834
84b09d73f045a9a3c01ab30aedde29767a170329
aafbf44a19623961d2a2b5c6203680ca832bb3d3e5ed5de9949d313714a9cbac

HTTP Headers

GET /10-es2015.0436f502c4c85d25b696.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:53 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19e16b"
server: Kestrel
content-length: 5739
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/10-es5.0436f502c4c85d25b696.js

31.222.238.177

200 OK

7.0 kB

URL HTTP/2
rule34.xyz/10-es5.0436f502c4c85d25b696.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (6986), with no line terminators
Size
7.0 kB (6986 bytes)
Hash
cf398a2d653f9ed393021c77ff9a98d0
bb244f5f5127d4de794dc964824a1c60d7af258c
7dfd38750d4e2574a0c3b9f6d545e40600445e58c80d0f43ed03a40b25fdef69

HTTP Headers

GET /10-es5.0436f502c4c85d25b696.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:53 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19ec4a"
server: Kestrel
content-length: 6986
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/11-es2015.9b5c908c89b6a2ce2352.js

31.222.238.177

200 OK

11 kB

URL HTTP/2
rule34.xyz/11-es2015.9b5c908c89b6a2ce2352.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (11241), with no line terminators
Size
11 kB (11241 bytes)
Hash
3397e9465f84512af5c56793eb1c34ec
7e0a9f3ec71ad8c87108109bf73cd5118d9300dc
b612338c9b9cf8f600a1568c80a54942544379bbaa8d0d61bb51bc4ea13553a1

HTTP Headers

GET /11-es2015.9b5c908c89b6a2ce2352.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:53 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19dce9"
server: Kestrel
content-length: 11241
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/11-es5.9b5c908c89b6a2ce2352.js

31.222.238.177

200 OK

12 kB

URL HTTP/2
rule34.xyz/11-es5.9b5c908c89b6a2ce2352.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (12325), with no line terminators
Size
12 kB (12325 bytes)
Hash
2cecea096671c92693fc3822e26b5720
e9ab2f65ec2e470057daa94bf963ad8e1649edb1
e995559623fb0f6e2a5f33ed9ca5ebb3c9888ded9de3c358ff0a1d2167c08e77

HTTP Headers

GET /11-es5.9b5c908c89b6a2ce2352.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19c725"
server: Kestrel
content-length: 12325
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/12-es2015.87a72d4af2eafe9f8a29.js

31.222.238.177

200 OK

22 kB

URL HTTP/2
rule34.xyz/12-es2015.87a72d4af2eafe9f8a29.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (21684), with no line terminators
Size
22 kB (21684 bytes)
Hash
1201f2b1697a66fefb14f850dbad1025
7d94d86e22012e49ad6988fc8d106132757cd6cb
c11cf73362018fc07070d253afb5a555e4ffd9641c5f29e80025045856f0a884

HTTP Headers

GET /12-es2015.87a72d4af2eafe9f8a29.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19a3b4"
server: Kestrel
content-length: 21684
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/12-es5.87a72d4af2eafe9f8a29.js

31.222.238.177

200 OK

24 kB

URL HTTP/2
rule34.xyz/12-es5.87a72d4af2eafe9f8a29.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (24448), with no line terminators
Size
24 kB (24448 bytes)
Hash
3c6971902782e4f915931977f734c15b
6e1643d205bd2e0ce89865a1fb673fbf2959a085
9da1c7b9339fa77be687577051c212fca948105d71d3d51cb928fd6adc99a83f

HTTP Headers

GET /12-es5.87a72d4af2eafe9f8a29.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19a880"
server: Kestrel
content-length: 24448
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/6-es2015.57a6bf094d63d3773676.js

31.222.238.177

200 OK

666 kB

URL HTTP/2
rule34.xyz/6-es2015.57a6bf094d63d3773676.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
666 kB (665882 bytes)
Hash
fa21ab447af338b13eab0953112ebeb2
681fdc4e3468ef09b581aef4041f0f29ac4a22ba
0a084eb8b274ddea11121611a53f5768cc9a0bdabb465762c1a8bac8bf513cdc

HTTP Headers

GET /6-es2015.57a6bf094d63d3773676.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc13de1a"
server: Kestrel
content-length: 665882
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/6-es5.57a6bf094d63d3773676.js

31.222.238.177

200 OK

675 kB

URL HTTP/2
rule34.xyz/6-es5.57a6bf094d63d3773676.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
675 kB (675067 bytes)
Hash
bdc83e1d357415d05f515de12f395713
3aeeb4156af6546a1193dcf29df978b687b4cf82
9e067b364124b7a894f92d0129719e8037541628e526fd501959acf4d3ed0d58

HTTP Headers

GET /6-es5.57a6bf094d63d3773676.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:54 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc13bbfb"
server: Kestrel
content-length: 675067
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/7-es2015.d157dd469c8a752791f6.js

31.222.238.177

200 OK

11 kB

URL HTTP/2
rule34.xyz/7-es2015.d157dd469c8a752791f6.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (10668), with no line terminators
Size
11 kB (10668 bytes)
Hash
c721dc0f0a28222318a2f04551ffda5c
3a7719d6656dd7f9c2487524b26ca6755efb0e34
c4350442659fe4812adc23f92013fbdae796135e8f6955345215a85f4251dce7

HTTP Headers

GET /7-es2015.d157dd469c8a752791f6.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19deac"
server: Kestrel
content-length: 10668
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/7-es5.d157dd469c8a752791f6.js

31.222.238.177

200 OK

12 kB

URL HTTP/2
rule34.xyz/7-es5.d157dd469c8a752791f6.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (11667), with no line terminators
Size
12 kB (11667 bytes)
Hash
e089709e3201c6f801b6376ad1d8e0f7
32cd47485f0f3fd856e351c7bb1679845c36ff7b
69b67c8138c8af973fbe9d84935e63b49edd9e8b1ec5fbe68f307ef0a8f1d9b1

HTTP Headers

GET /7-es5.d157dd469c8a752791f6.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19da93"
server: Kestrel
content-length: 11667
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/8-es2015.04e5423ca7abbc04078d.js

31.222.238.177

200 OK

15 kB

URL HTTP/2
rule34.xyz/8-es2015.04e5423ca7abbc04078d.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (15300), with no line terminators
Size
15 kB (15300 bytes)
Hash
ccff2880dd40ee6bee54cd8a220da7c6
c60c99e76f1cb264c6fe1878b66420a2554294df
409d6cf9a11f087060f3476782e52bb2eabf99655dcbd28508dc71fc97a6a8b5

HTTP Headers

GET /8-es2015.04e5423ca7abbc04078d.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19ccc4"
server: Kestrel
content-length: 15300
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/8-es5.04e5423ca7abbc04078d.js

31.222.238.177

200 OK

19 kB

URL HTTP/2
rule34.xyz/8-es5.04e5423ca7abbc04078d.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (19300), with no line terminators
Size
19 kB (19300 bytes)
Hash
86b85851d60d646328fd31a669a13f0f
02237059c244341108e84b5af3c2f85e8ed6028f
fcaa10564d7de50ae3e2127aa45f03e6b96f8d3c4262c0481e530d659f343672

HTTP Headers

GET /8-es5.04e5423ca7abbc04078d.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19bc64"
server: Kestrel
content-length: 19300
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/9-es2015.07560cb4dac8f1ddc44c.js

31.222.238.177

200 OK

21 kB

URL HTTP/2
rule34.xyz/9-es2015.07560cb4dac8f1ddc44c.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (21328), with no line terminators
Size
21 kB (21328 bytes)
Hash
741232df789700df68b2bc3bb6bc65d9
018ea90c80d487b8961525c20692e531a8de0d06
5ee295c487f3bbe91aa4c43f6d30eda2efe83c17b723eebabee3423992844da8

HTTP Headers

GET /9-es2015.07560cb4dac8f1ddc44c.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19a450"
server: Kestrel
content-length: 21328
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/9-es5.07560cb4dac8f1ddc44c.js

31.222.238.177

200 OK

25 kB

URL HTTP/2
rule34.xyz/9-es5.07560cb4dac8f1ddc44c.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (25318), with no line terminators
Size
25 kB (25318 bytes)
Hash
dec17cfd05016230d59a8ec0692fbaf5
6fabdf4d40fe81c664b4312b65acd4866b859f5a
5794e74763b8e992e22821fb75def13d6ffdbd5fba1844b18f5d1ab13ad534e6

HTTP Headers

GET /9-es5.07560cb4dac8f1ddc44c.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc1995e6"
server: Kestrel
content-length: 25318
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/common-es2015.4c27ead3740e1d5d092e.js

31.222.238.177

200 OK

460 B

URL HTTP/2
rule34.xyz/common-es2015.4c27ead3740e1d5d092e.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (460), with no line terminators
Size
460 B (460 bytes)
Hash
da99b0cc34fe7da310835810638c7fd4
e014e5a0d9617961979290170ff03e892a2e73c8
dad3b58190da5e3acd44b87f776d9a0443900fa4746e30a25f47c59e9d2121eb

HTTP Headers

GET /common-es2015.4c27ead3740e1d5d092e.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19f6cc"
server: Kestrel
content-length: 460
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/common-es5.4c27ead3740e1d5d092e.js

31.222.238.177

200 OK

897 B

URL HTTP/2
rule34.xyz/common-es5.4c27ead3740e1d5d092e.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (897), with no line terminators
Size
897 B (897 bytes)
Hash
204e7e1b854f55034b38413617ddeaa8
f18657ae0750269c8c748a3d4903f266ec672b47
b618de8ffc64e444a7bd125659bb03d7eca09d80529c6cd778869f9af6618740

HTTP Headers

GET /common-es5.4c27ead3740e1d5d092e.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19f481"
server: Kestrel
content-length: 897
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/index.html

31.222.238.177

200 OK

9.3 kB

URL HTTP/2
rule34.xyz/index.html
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6283)
Size
9.3 kB (9287 bytes)
Hash
1d5225a7a33dc410315152256eddd4e1
c19ccc0a151f9647671b37e50548ebcd4a77cdd9
da7ff6aa54bb7b5d117b707816c1bec8a52683a2e25bec373f68c3d36a84970d

HTTP Headers

GET /index.html HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: _ga=GA1.1.162522528.1664220706; _gid=GA1.2.1138166168.1664220706; _gat=1; _ga_R4GRY2G49W=GS1.1.1664220706.1.0.1664220706.0.0.0; __PPU___PPU_SESSION_URL=%2Fmetro_exodus
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Mon, 26 Sep 2022 19:31:55 GMT
content-type: text/html
last-modified: Mon, 26 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8d1dcfc19d347"
server: Kestrel
content-length: 9287
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/metro%20exodus

31.222.238.177

200 OK

0 B

URL HTTP/2
rule34.xyz/metro%20exodus
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /metro%20exodus HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: W/"3bb1c-A31i/lOX5QrbSfYIMNRqDnKzhXw"
server: Kestrel
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: Express
X-Firefox-Spdy: h2

rule34.xyz/api/r/posts/negotiate?negotiateVersion=1

31.222.238.177

200 OK

0 B

URL HTTP/2
rule34.xyz/api/r/posts/negotiate?negotiateVersion=1
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/r/posts/negotiate?negotiateVersion=1 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/metro%20exodus
Content-Type: text/plain;charset=UTF-8
X-Requested-With: XMLHttpRequest
X-SignalR-User-Agent: Microsoft SignalR/5.0 (5.0.13; Unknown OS; Browser; Unknown Runtime Version)
Origin: https://rule34.xyz
Content-Length: 0
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 26 Sep 2022 19:31:46 GMT
content-type: application/json
content-encoding: br
server: Kestrel
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://rule34.xyz
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js

62.122.171.6

200 OK

0 B

URL HTTP/2
bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aas/r45d/vki/1780566/03f48f81.js HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 19:31:48 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 10:29:43 GMT
vary: Accept-Encoding
etag: W/"63284497-10987"
x-js-ab1: var31
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations