e.vg/eLMdAz?%C2%A0
104.21.58.194301 Moved Permanently 0 B IP 104.21.58.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eLMdAz?%C2%A0 HTTP/1.1
Host: e.vg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 12 Sep 2022 20:13:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 21:13:26 GMT
Location: https://e.vg/eLMdAz?%C2%A0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kH480NVKA%2B3jenJodCMK4KN043lhzMworAfkevGQF%2F%2Bt4ztNB5%2B85GTD6kGmvVd82ueZhqf4gl7yaDjRyrj5eQ%2BTLjU%2BI6cfPgKsuAvlalv0FIQGZB%2FX"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749b4dbf3efeb51d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3559
Expires: Mon, 12 Sep 2022 21:12:45 GMT
Date: Mon, 12 Sep 2022 20:13:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 20:08:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rgyiqHzDEg74TEufWN36hHbjRCFEqiqAI0c3il5J0bL_yLqA7ilGuw==
Age: 307
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 12 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TBhXSOukOp2IpNYk9AnOMXBA2RyeyysB8nhXZrNUVa9slNz8mbS1SQ==
age: 46574
X-Firefox-Spdy: h2
e.vg/eLMdAz?%C2%A0
172.67.163.115302 Found 0 B IP 172.67.163.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /eLMdAz?%C2%A0 HTTP/1.1
Host: e.vg
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Mon, 12 Sep 2022 20:13:26 GMT
content-length: 0
location: https://free4gcp.xyz/2736784286563739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwHNXkUF7T0w%2BDeSyoEKJOlnTz1brVZxwx8Y3Q7UINdTRyF4mKUDfdhubls%2FBwxyHV5obaljDmxGUEjpukDhQIKfmmIIqUg49RKNp1RX5LfoJeoSewUI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749b4dbffec80b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:13:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Mon, 12 Sep 2022 19:56:07 GMT
Expires: Mon, 12 Sep 2022 20:36:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NetiQRqlZDzdf4_b0SBLyiagrE_X3oF4xK2CMEYR6SsSEIkHfbFS9A==
Age: 1039
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb674936db4af4be99c3c397eff8c6ae
de79d76bac3fae5799b0ff35ecc19360595dfb06
992b884b64f9f6fdb76a6ba91c48fed329325b95b99d8003b282879a52093c08
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5756
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:27 GMT
Last-Modified: Mon, 12 Sep 2022 18:37:31 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
142.250.74.42200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free4gcp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 20:55:29 GMT
expires: Wed, 06 Sep 2023 20:55:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 515878
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.149.83.187101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.83.187:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: xz7R5E1KXVXv49ow+7ilhQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1sM9RVUdgHU/xTWJonfKwIg2BHA=
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6020292bf51b5191deb2524e2a7c2ef8
174a523478ee4c5df95aaacb3e2697a434ebcf30
043cf201d2b4a5dfe0fb2465fd182c4e6471e1b141d2f4af57925b3cc21ae279
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "043CF201D2B4A5DFE0FB2465FD182C4E6471E1B141D2F4AF57925B3CC21AE279"
Last-Modified: Mon, 12 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=970
Expires: Mon, 12 Sep 2022 20:29:37 GMT
Date: Mon, 12 Sep 2022 20:13:27 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8d73299662ea88e4ff5ac8a636c49916
afdb14497ef209c3cc63be0a3cec867ab4d28348
dc081bdcbc7a371786bb94528fdc7ba7831dd529a8cecb392ad2d587ebb9e3c6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DC081BDCBC7A371786BB94528FDC7BA7831DD529A8CECB392AD2D587EBB9E3C6"
Last-Modified: Mon, 12 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10338
Expires: Mon, 12 Sep 2022 23:05:45 GMT
Date: Mon, 12 Sep 2022 20:13:27 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e3c3cd799c27195039026aeaa286c00f
3e3c12bd340ff2c1acbfa442839af2052aff8886
651ad5874c35b7e1bf0a36e3cfd7adf06c70d4bbede067efc220ed5057e6cabd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "651AD5874C35B7E1BF0A36E3CFD7ADF06C70D4BBEDE067EFC220ED5057E6CABD"
Last-Modified: Sat, 10 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16673
Expires: Tue, 13 Sep 2022 00:51:20 GMT
Date: Mon, 12 Sep 2022 20:13:27 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7927a094c694d6daea191f941313e7a2
1b96430e7e815ba212a7cd0da9b14c6a57f9a29f
d24281a71783ec26f2ea168c3d40f080ff9c1a70774befc4b5220f27f19a2011
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D24281A71783EC26F2EA168C3D40F080FF9C1A70774BEFC4B5220F27F19A2011"
Last-Modified: Sun, 11 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 02:13:28 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f40ec80b07ca1baa86e46aa048f8a507
7b3b5c1920122a0d0adb9c03be3b2728669e1e30
ff74279243998b84da56c9b4787bd654ca880d58f6d0a457ee284d26a58329b1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "FF74279243998B84DA56C9B4787BD654CA880D58F6D0A457EE284D26A58329B1"
Last-Modified: Mon, 12 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Tue, 13 Sep 2022 02:13:19 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 22822b98a8f95f9ab6126c730c51617a
b1dc816d8d5a000e664eb7d152e3539896a0bfea
303a95a10e92c5c6efbd4cdcabfd8f372b7141817cce4e7983e3cbfbc795fd66
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "303A95A10E92C5C6EFBD4CDCABFD8F372B7141817CCE4E7983E3CBFBC795FD66"
Last-Modified: Mon, 12 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Tue, 13 Sep 2022 02:12:33 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0cb2922616ce18f839946d042b36c245
979463ace1721efce36f6e1577acc37c6f9ee368
289b77f85f8ac283104834d1f793b2203623a480ba4025aa45b986556b268abb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "289B77F85F8AC283104834D1F793B2203623A480BA4025AA45B986556B268ABB"
Last-Modified: Sun, 11 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9042
Expires: Mon, 12 Sep 2022 22:44:10 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f1d2486429633e2b1129db7c72f9d67c
0157bad8eace91e23b07dcdeee5614b67d1a93c6
302e15ebd00d24cdce86b012b780203cf5394bb44103a469636f553de8709a3c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "302E15EBD00D24CDCE86B012B780203CF5394BB44103A469636F553DE8709A3C"
Last-Modified: Sat, 10 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Tue, 13 Sep 2022 02:12:58 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f38699db6e36698a07db24fe073080a6
0a8521fee88f64eada4c2da9d4d5feb1838b7fde
2eb2848d6a58319bd83093e94b5a502844fe87ac82520e0fea0fcb01376994e8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "2EB2848D6A58319BD83093E94B5A502844FE87AC82520E0FEA0FCB01376994E8"
Last-Modified: Mon, 12 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6448
Expires: Mon, 12 Sep 2022 22:00:56 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7e5793dd5c125a5c49ef4c7bc82156a1
acdb93303ad08dda6776bbc7fc060f10d774efab
e5036896793149d001fbde731206cf1ebdf54718db6b3de086bbdc30459d3e9b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "E5036896793149D001FBDE731206CF1EBDF54718DB6B3DE086BBDC30459D3E9B"
Last-Modified: Sun, 11 Sep 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11662
Expires: Mon, 12 Sep 2022 23:27:50 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1dd51f574dc7228b89227d1fb9839392
512422452dcb842c4e8d581d66361010068259be
9842b970a23e01bafd2d584399e8d13befeeaf8467aa9f2b1b9db131cb7888f2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9842B970A23E01BAFD2D584399E8D13BEFEEAF8467AA9F2B1B9DB131CB7888F2"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 02:13:28 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2eadc25eb862e35db29311d37bf52e79
cb56feddc4db5e931e4823b7c7758f650b84c025
b6b8016fdedd74d447c3b4fb7044b52a56bd52904cd779b5b238474ef8700130
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B6B8016FDEDD74D447C3B4FB7044B52A56BD52904CD779B5B238474EF8700130"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 02:13:28 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ef673ffaf2f0fa01d4929d4aa2d1326
ba5ec7183566920abfb3810a55357ca181d0bdb4
4b20377c3d0d0d42b6d714aa3293be231f4afc03bbc2a4da0aa77c02aad9edf2
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "4B20377C3D0D0D42B6D714AA3293BE231F4AFC03BBC2A4DA0AA77C02AAD9EDF2"
Last-Modified: Sun, 11 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15841
Expires: Tue, 13 Sep 2022 00:37:29 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 73aab46191deab60b404ea59a6020fc6
fe4915e33ee539ff976f9c64c9a8d56acf9c9bf8
489594195c1e05756f16896b1f4da40ceec727aa5d6a8cc45ab9ec263a48b6eb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "489594195C1E05756F16896B1F4DA40CEEC727AA5D6A8CC45AB9EC263A48B6EB"
Last-Modified: Sat, 10 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 02:13:28 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash eedeedc6e2b58090dba823dcbbd8e47d
ea9b8a65f9f564f47780f9871ad34f22cd5cfc18
87638994cd5c812d1a9eb7347ce45de2498d4a52caf14ecb837e2a8019512f7c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "87638994CD5C812D1A9EB7347CE45DE2498D4A52CAF14ECB837E2A8019512F7C"
Last-Modified: Sat, 10 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=750
Expires: Mon, 12 Sep 2022 20:25:58 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 56cb3962050fc9dbc0a3b3ea2e46c09e
7ec385bc69a53479bcc2e78d06bd0d4a34782682
d6ee30d6a8380e453663ce769f030e6613bf454486c831e9de3c38e02f505cea
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D6EE30D6A8380E453663CE769F030E6613BF454486C831E9DE3C38E02F505CEA"
Last-Modified: Mon, 12 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10207
Expires: Mon, 12 Sep 2022 23:03:35 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aeba9a56e05e8c9252e7293254db9acb
2fd688e1143e88a9017ad95cd0ac100a2f8bc9c8
3be29c4ed1d26c45855120a8c43a987fee221da656d714282df28386ef91893e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3BE29C4ED1D26C45855120A8C43A987FEE221DA656D714282DF28386EF91893E"
Last-Modified: Mon, 12 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2183
Expires: Mon, 12 Sep 2022 20:49:51 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7c4deb274d82e3761320ec75b4ac879c
ea85cd699971302d29225170b73c0993ce5dc0e4
20684816b28c2a50fccf991a7db5b49e4812fe6d8543efd04f03f76e72075925
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20684816B28C2A50FCCF991A7DB5B49E4812FE6D8543EFD04F03F76E72075925"
Last-Modified: Sun, 11 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11429
Expires: Mon, 12 Sep 2022 23:23:57 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a00359f3ad611a31e1da061fa7179a8a
3f4d96e25c98cdb6f7acc345be0c675967ad9a6a
2c033922c18e3695d84c3b6c3b2e4272b03a57613b4a339a94c42b7edeb66ba5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "2C033922C18E3695D84C3B6C3B2E4272B03A57613B4A339A94C42B7EDEB66BA5"
Last-Modified: Mon, 12 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=949
Expires: Mon, 12 Sep 2022 20:29:17 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 572139e8055fb59296e783eaedcc3ff7
cd430c56eae35217fba95b7d094078e6db7fc877
702bac733325e37d345198aa04f51f9c6fc1cf7e71aebfa92c15e5c15716e853
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "702BAC733325E37D345198AA04F51F9C6FC1CF7E71AEBFA92C15E5C15716E853"
Last-Modified: Sat, 10 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Tue, 13 Sep 2022 02:13:19 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a3219956a811e3314debe513e5895ada
a4183eee27edadbe9dbcb63477c110f3c21f6daa
cc1cab1af567f141b860f6887f2a6b3b224c6ec849b99cafb3ec2b1f7e0c7ca8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "CC1CAB1AF567F141B860F6887F2A6B3B224C6EC849B99CAFB3EC2B1F7E0C7CA8"
Last-Modified: Sun, 11 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17612
Expires: Tue, 13 Sep 2022 01:07:00 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash eebc5598ed05032f695ba8508027d7de
b6213667df8e8e051d27b41638a4c78698d9e7c3
81e079cd32f269ff06f7f16224cb7e3b5094f570613a5b5750201088aebe47ec
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "81E079CD32F269FF06F7F16224CB7E3B5094F570613A5B5750201088AEBE47EC"
Last-Modified: Sun, 11 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6524
Expires: Mon, 12 Sep 2022 22:02:12 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bf3ae23a060d2c262021a4a864f285ac
310d869d6e429103c3a79c8795750dc7855023e7
43293f496009ae630ab1f14d1dcc52c4b0af12735bb7aaf32024394b935796af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "43293F496009AE630AB1F14D1DCC52C4B0AF12735BB7AAF32024394B935796AF"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14838
Expires: Tue, 13 Sep 2022 00:20:46 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8ac223ef34e0badd60d5a83b7bfc40cf
5730af48ca911d1b9465b9b12748b22e292b06b8
126f33dec55b5cfe2d46aeb51c07af0069075bdb651e30797557572578b9cda9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "126F33DEC55B5CFE2D46AEB51C07AF0069075BDB651E30797557572578B9CDA9"
Last-Modified: Sun, 11 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 02:13:28 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 59560df23bdf6405723185c1d468fc16
0d2019e35b3cd765f697741a5be1fe63490e2525
ea155238247fd5a8e2cba2bd134b4cc6d1192c8ae4424d14d3148d281e6f89e0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA155238247FD5A8E2CBA2BD134B4CC6D1192C8AE4424D14D3148D281E6F89E0"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12609
Expires: Mon, 12 Sep 2022 23:43:37 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 50375870fe88f7a61a2faa32f4350c29
23ef6f127c9410e1c2e01e31f6384eeba6ff7c38
1af68b55049a4d5a1fbb212210d81c5c16ec3671fbaae8342db8e3cfc2a6d57c
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "1AF68B55049A4D5A1FBB212210D81C5C16EC3671FBAAE8342DB8E3CFC2A6D57C"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12642
Expires: Mon, 12 Sep 2022 23:44:10 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9ed1321ac68fb06803caf4ff5b92016e
756a7581d44c8f1933246764c898e4f4f487bdbe
0d0e4002f72a887e19a0ea9198767f7b2b1fe4dcad87a3486a27c90733dfb654
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0D0E4002F72A887E19A0EA9198767F7B2B1FE4DCAD87A3486A27C90733DFB654"
Last-Modified: Sat, 10 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17761
Expires: Tue, 13 Sep 2022 01:09:29 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18308
Expires: Tue, 13 Sep 2022 01:18:36 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f5710e28d96418a4e94b160cd6811ead
e25afb12d129a903749569281bfa32e97826272d
eb0686f511e228f6556e222bbaf7eec02cc4b0e548829a7744de5c66a309b80f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EB0686F511E228F6556E222BBAF7EEC02CC4B0E548829A7744DE5C66A309B80F"
Last-Modified: Mon, 12 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21566
Expires: Tue, 13 Sep 2022 02:12:54 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7ccc33ae0c85a906f2c17db281ec790
1904722d70348235d5472c54f888d2b4b991e2aa
f48edc03624f582b05b596694b76bd784f85eb9f2ca5dd025bbea9cc2ff1f096
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae1f7987-7b92-4cec-85ab-243250e02a06.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6999
x-amzn-requestid: 61e3e817-fb62-47c7-b938-2dfc6a134622
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YO1mlG3XIAMFo5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631c3629-37c2c8982c4ccf891875c59a;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 07:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: S2TR552YpZeEbhTSAn4vdXexYpvR4Lrr-LaJmfNd7LnO0L4QM8w-Dg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:13:41 GMT
age: 46787
etag: "1904722d70348235d5472c54f888d2b4b991e2aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b674daf3dc6e85ed054ab34d69979b86
47aaf5a3af2c25820d01d613c82b7f1279a298fc
7b9993ef69d4b77c1533ada040c85563b9cf7b1f5d007177c005f6cd7fdba1d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a938fd0-09b1-4550-89f4-e81e9c6a8737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4162
x-amzn-requestid: 9dc27e34-69e1-439d-8974-1297584ef4d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSIhuHlWIAMFhOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d87a4-410e9ede524aa657609a057a;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:00:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UxATqmWDCTwVqA3ORIXXObWZZj158TSRUoaAr48b08sxdAxBicw5zA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 07:27:45 GMT
age: 45943
etag: "47aaf5a3af2c25820d01d613c82b7f1279a298fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e407da4d97d497925b1ab523fd416787
166741631fb93d109b18dde6d316b3fa3276aa8f
707460c02438da6114e35e0b6569d42c0f3fb747f8cb51002f4d52bedbcffa61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefa6ec5a-4e0b-4c94-b9da-4836fbaa107b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8485
x-amzn-requestid: a56c9282-2786-4ae7-9fc2-0468bcc820a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FM1oAMFZ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-753cc4f121c9b77d22bb82b5;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Mfmj40aUc8l5RPk56M-pbqTwhde_HzYcmN5MDrfv-WFPhbpoShWYNw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 22:16:58 GMT
age: 78990
etag: "166741631fb93d109b18dde6d316b3fa3276aa8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d91faa776d33134e906b3e1a785dbd24
efb1a03588ec8a0dcf9e82f912e027458686fb94
6954202ac270b02f6d8a5ecb5c4b2ede04a097b027267dd8285ab568faeff19d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "6954202AC270B02F6D8A5ECB5C4B2EDE04A097B027267DD8285AB568FAEFF19D"
Last-Modified: Mon, 12 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 13 Sep 2022 02:13:28 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 81097
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PWOeca9JRnIgEymeLVyqTBucBJ0j6OS9Rmqwd4CcAKixqo0zvb452w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:48:14 GMT
age: 80714
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 04:04:42 GMT
age: 58126
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 344 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8a0fa5394e7e6c745bdcb5cd20e2c592
4832dc28b45d2e7c42af24841232d7adfcd9ee47
a3ba24c87fe18dd1cc22c21cbf98ebf24d1482d3fe6b53cd0bbfe7930d0ff4cc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A3BA24C87FE18DD1CC22C21CBF98EBF24D1482D3FE6B53CD0BBFE7930D0FF4CC"
Last-Modified: Sun, 11 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6263
Expires: Mon, 12 Sep 2022 21:57:51 GMT
Date: Mon, 12 Sep 2022 20:13:28 GMT
Connection: keep-alive
allfree4gck.xyz/?code=MjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6
104.21.78.155200 OK 16 kB URL HTTP/2 allfree4gck.xyz/?code=MjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6
IP 104.21.78.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (456), with CRLF, LF line terminators
Hash c2af3f5dbf4c1ade82e9646547d7eef4
bd00d29fe3a504c14b50153743c291292b5e964e
855e967197079506e0d28f7b9c4ac4ee0b5813abbcab176e832d0afbae0029c8
GET /?code=MjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6 HTTP/1.1
Host: allfree4gck.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free4gcp.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:13:28 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
set-cookie: PHPSESSID=ng15vqdq868jigscffqnmni78m; path=/
pid=2736784286563739; expires=Thu, 15-Sep-2022 20:13:28 GMT; Max-Age=259200; path=/
dldomain=free4gcp.xyz; expires=Thu, 15-Sep-2022 20:13:28 GMT; Max-Age=259200; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JsHavnGYygKlDCfUfxQlTptGgQ6U5J3YXW3SPyjTONkbrN33ywb%2BpEiwcOOAfDDLoY9%2BH3ulKSSN5BAlWh%2BFVv3P3uG5d%2BUO4qi3QIXTxcpjUl3dgctYwGw198AZmW77xPg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749b4dcdcc860b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 8.1 kB IP 142.250.74.3:0
Hash 52597977b64cd187a1b63e40cc372cca
a525d15b280c1e4cb4f518329bee7bcbb0f6d59c
e83b4fc5dd194de2781c9bff4239f5eb414c2bd8311d831db30d9730aef89fb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-228184982-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-228184982-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 3fb7788c648226b12511f6e95204aca1
18fe3cb8fa2bb9981d89899184d33d30c6a4890c
043c13aca72676c07a8bc9b6b237f1e63dc926e7e376910b0a0b47f123d8e584
GET /gtag/js?id=UA-228184982-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Sep 2022 20:13:29 GMT
expires: Mon, 12 Sep 2022 20:13:29 GMT
cache-control: private, max-age=900
last-modified: Mon, 12 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41948
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 32 kB IP 142.250.74.3:0
Hash 6fb4188fd4ffa8399118e998d6a17c49
fed726861c15e35d802cc48c49e45d87aa0811c9
4d5a6a537694ee1b959226d6414dc8f3da0d42193d44b757d51dcf0d2de21877
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bc61e1d5292ba27bb66da1f0a8d32496
918b5448bba6f6e2541e014d48ba9c3fe5f3db06
cfb29973089da1310059ca77d3952e05d3bfa191aaa33f8e5ec1da0f6bac16a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CFB29973089DA1310059CA77D3952E05D3BFA191AAA33F8E5EC1DA0F6BAC16A2"
Last-Modified: Sun, 11 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3120
Expires: Mon, 12 Sep 2022 21:05:29 GMT
Date: Mon, 12 Sep 2022 20:13:29 GMT
Connection: keep-alive
ulogin.ru/js/ulogin.js
95.163.118.168200 OK 19 kB IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type ASCII text, with very long lines (580)
Hash 2a0c0923151479ada7471cdac3948867
2c4963de82442c3b9aa4aa1a2b470f97d2dac40f
a0d2d1dbde89b1f3acaaf5adf4d3ab4a9ad62ac219c01627ca437da996e84d74
GET /js/ulogin.js HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:13:30 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 29 Aug 2022 19:41:34 GMT
Set-Cookie: ulogin_token=ua08aff7a7da36f6b88cfbbcd2681fd62; expires=Tuesday, 12-Jan-2030 10:00:00 GMT; path=/
Expires: Thu, 15 Sep 2022 20:13:30 GMT
Cache-Control: max-age=259200
Content-Encoding: gzip
ulogin.ru/stats.html?r=83134&type=panel&xdm_e=https%3A%2F%2Fallfree4gck.xyz&xdm_c=default8673&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=83134&type=panel&xdm_e=https%3A%2F%2Fallfree4gck.xyz&xdm_c=default8673&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=83134&type=panel&xdm_e=https%3A%2F%2Fallfree4gck.xyz&xdm_c=default8673&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:13:30 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 7.6 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 415abc26605854fe0dad140c17052fd5
59f330e647736064cc1907e30dd33221133e9905
6dbfff1e69e6169a0030a0b3c69d5442b398bca4dced43a15c236e080b0a61b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00B5388EDD6E9E1914B4CC6CE415C239C50D0904BF836DE6AAEFAF46A2255909"
Last-Modified: Sat, 10 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3136
Expires: Mon, 12 Sep 2022 21:05:45 GMT
Date: Mon, 12 Sep 2022 20:13:29 GMT
Connection: keep-alive
ulogin.ru/stats.html?r=50211&type=panel&xdm_e=https%3A%2F%2Fallfree4gck.xyz&xdm_c=default8674&xdm_p=1
95.163.118.168200 OK 1.1 kB URL HTTP/1.1 ulogin.ru/stats.html?r=50211&type=panel&xdm_e=https%3A%2F%2Fallfree4gck.xyz&xdm_c=default8674&xdm_p=1
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4a960496cafd40eadd72f4bca9980313
6c320736ce0e61dbe3ad4e7c04928c18a63b2b01
bdaf1d4b1e28c4f0e696b8494ac0c7387ab9b6122166fe9a13845a545085851b
GET /stats.html?r=50211&type=panel&xdm_e=https%3A%2F%2Fallfree4gck.xyz&xdm_c=default8674&xdm_p=1 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:13:30 GMT
Content-Type: text/html
Last-Modified: Tue, 10 Aug 2021 16:01:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 5.1 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3e5846603d413838938563d2458205a7
74ce504b96cc970d3f054f3e5f4a18fe84d5c128
0f6ce67aa8cd71d496da83aa1d0cad8aab366547c7c57cc2f27350ba44151e74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10147B15150C53F44C4167462E434693D5C53FE58839497457A4A139BB0D099C"
Last-Modified: Sun, 11 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9654
Expires: Mon, 12 Sep 2022 22:54:23 GMT
Date: Mon, 12 Sep 2022 20:13:29 GMT
Connection: keep-alive
ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
95.163.118.168200 OK 7.0 kB URL HTTP/1.1 ulogin.ru/js/easyXDM.min.js?version=js.2.0.0
IP 95.163.118.168:0
ASN #12695 LLC Digital Network
File type Unicode text, UTF-8 text, with very long lines (19804)
Hash 489ab3ceae080380a204ec274fb6debc
4759776b7953b70ecb269125ad0d945a7836b884
4840a22f680156aa6f5d95be69dcb71962c27747b6dfae8f7946f90d6387932f
GET /js/easyXDM.min.js?version=js.2.0.0 HTTP/1.1
Host: ulogin.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/stats.html?r=83134&type=panel&xdm_e=https%3A%2F%2Fallfree4gck.xyz&xdm_c=default8673&xdm_p=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 12 Sep 2022 20:13:30 GMT
Content-Type: application/x-javascript
Content-Length: 6980
Last-Modified: Wed, 08 Jun 2016 14:44:03 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "57582f33-1b44"
Content-Encoding: gzip
Expires: Thu, 15 Sep 2022 20:13:30 GMT
Cache-Control: max-age=259200, public
r3.o.lencr.org/
95.101.11.115200 OK 3.2 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f9bb5b79c59dfa390ed1e964ed3bea02
ea4e3537b672b92bd3938cac55353ae647a2eb3e
5b75e8395bcb17828144dde5e767058fe5e0cbff4cf806ca0363504be2fa7f90
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "97CF75BA57A3A8072E0ACCBC18A6449502BCE5EE0BC4A90F0419C2D22493789F"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5971
Expires: Mon, 12 Sep 2022 21:53:00 GMT
Date: Mon, 12 Sep 2022 20:13:29 GMT
Connection: keep-alive
algoaspace.ru/rev/
185.246.65.16200 OK 5.9 kB IP 185.246.65.16:0
Hash 6a218cfb802ccbc3e638ff181fe0fb9d
91c3841fd9d73c47866ed7b66710e03169762b0b
aa223c53a992c1c8aeacbabc4f8a563ca07665a46d93c49871d05c1434204263
GET /rev/ HTTP/1.1
Host: algoaspace.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Mon, 12 Sep 2022 20:13:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Set-Cookie: utm1=1:64509619-e92f-4bd5-b1aa-cec5052ef0a2; expires=Tue, 12 Sep 2023 20:13:29 GMT; Max-Age=31536000; Path=/
ttl_YWxsZnJlZTRnY2sueHl6=0; Path=/
Last-Modified: Monday, 12-Sep-2022 20:13:29 GMT
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Content-Encoding: gzip
counter.yadro.ru/hit?t26.6;rhttps%3A//allfree4gck.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D83134%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fallfree4gck.xyz%26xdm_c%3Ddefault8673%26xdm_p%3D1;0.5075439362897768
88.212.202.52200 OK 111 B URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//allfree4gck.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D83134%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fallfree4gck.xyz%26xdm_c%3Ddefault8673%26xdm_p%3D1;0.5075439362897768
IP 88.212.202.52:0
ASN #39134 United Network LLC
File type GIF image data, version 87a, 88 x 15\012- data
Hash 461c6ecbe7e5c1031c4c5f1d877ab251
7a9ed50ead5fc203d982e574ffc0a1defda0505f
771258edf682e442c71c3f6e2e6efdb65fb985307663a5f4819818120a3cceec
GET /hit?t26.6;rhttps%3A//allfree4gck.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D83134%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fallfree4gck.xyz%26xdm_c%3Ddefault8673%26xdm_p%3D1;0.5075439362897768 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 12 Sep 2022 20:13:29 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Sat, 11 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
counter.yadro.ru/hit?t26.6;rhttps%3A//allfree4gck.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D50211%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fallfree4gck.xyz%26xdm_c%3Ddefault8674%26xdm_p%3D1;0.592590044645413
88.212.202.52200 OK 3.0 kB URL HTTP/1.1 counter.yadro.ru/hit?t26.6;rhttps%3A//allfree4gck.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D50211%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fallfree4gck.xyz%26xdm_c%3Ddefault8674%26xdm_p%3D1;0.592590044645413
IP 88.212.202.52:0
ASN #39134 United Network LLC
Hash 3d1b21d3b694337b5618871b2d027215
5ae0bb9785ccaccfd1a577c7ad6d9a7bed351f63
65fc0b5ac63c10f41b15f2b2c9f71031304c10923826df789e3bac10032dd5ea
GET /hit?t26.6;rhttps%3A//allfree4gck.xyz/;s1280*1024*24;uhttps%3A//ulogin.ru/stats.html%3Fr%3D50211%26type%3Dpanel%26xdm_e%3Dhttps%253A%252F%252Fallfree4gck.xyz%26xdm_c%3Ddefault8674%26xdm_p%3D1;0.592590044645413 HTTP/1.1
Host: counter.yadro.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ulogin.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 12 Sep 2022 20:13:29 GMT
Content-Type: image/gif
Content-Length: 111
Connection: keep-alive
Expires: Sat, 11 Sep 2021 21:00:00 GMT
Pragma: no-cache
Cache-control: no-cache
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=86400
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 72cb7c355aa6eb507a1f80f7543b2e5a
663925cfa934a8ba508f08211db6235f2fa3732d
cf002e70996611c88617c1d664f2ffaebc4bdd23aaabf9c9b19d0db4d5c56435
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CF002E70996611C88617C1D664F2FFAEBC4BDD23AAABF9C9B19D0DB4D5C56435"
Last-Modified: Mon, 12 Sep 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9366
Expires: Mon, 12 Sep 2022 22:49:35 GMT
Date: Mon, 12 Sep 2022 20:13:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5295571977aa4cf60d7a855be161fab4
e629ecb649ee304e7f6200133103b48e1d21eecb
8aaec54992c2d50ca6291240a28ca775c76b03dc711c1c4933a198ab4a9ed934
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AAEC54992C2D50CA6291240A28CA775C76B03DC711C1C4933A198AB4A9ED934"
Last-Modified: Sat, 10 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5100
Expires: Mon, 12 Sep 2022 21:38:29 GMT
Date: Mon, 12 Sep 2022 20:13:29 GMT
Connection: keep-alive
edn.whilen.ru/sta453b3qh45lr/1.4.5.js
92.223.97.97200 OK 9.6 kB URL HTTP/2 edn.whilen.ru/sta453b3qh45lr/1.4.5.js
IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash a846efc599c8a0473aa54fdf0673f8d9
5a21af3f1066760783aaf4473ae477b18b6e3672
674adc2cd75b361f0bce76f4d8f554a3031c7d887d8016dac38c83a1c73e6047
Analyzer Verdict Alert fortinet Malware
GET /sta453b3qh45lr/1.4.5.js HTTP/1.1
Host: edn.whilen.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:13:29 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"e22b559d6fc3241ea271ecf13869d8fc"
last-modified: Fri, 26 Nov 2021 15:33:27 GMT
x-timestamp: 1637940806.16302
x-trans-id: 16bb227c2a251146
age: 1
cache: HIT
x-cached-since: 2022-09-12T20:05:04+00:00
x-id: sto5-up-gc14
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nordw.ingeitn.ru/i/k.js
92.223.97.97200 OK 32 kB IP 92.223.97.97:0
ASN #199524 G-Core Labs S.A.
Hash beaa29f09ef79682d7afcf2135ae54e7
d80c1069175a3033ee722ef4e76a6ceb29035fc6
9dd42491ecde0f7bb45a56840b634448dbc518f8f0356eb2791ea9c7eeacf4c0
GET /i/k.js HTTP/1.1
Host: nordw.ingeitn.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 20:13:29 GMT
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges
etag: W/"d0226560a2d22923fc0b287025fd9906"
last-modified: Fri, 26 Nov 2021 15:34:02 GMT
x-timestamp: 1637940841.37913
x-trans-id: 16bb22845d641b0a
age: 48190
expires: Wed, 14 Sep 2022 08:13:29 GMT
cache-control: max-age=129600
cache: HIT
x-cached-since: 2022-09-12T20:13:07+00:00
x-id: sto5-up-gc10
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/pKCWOBQy22U/hqdefault.jpg
142.250.74.46200 OK 39 kB URL HTTP/2 img.youtube.com/vi/pKCWOBQy22U/hqdefault.jpg
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 9c23352207c43c77bd0add44641bdc6d
dd8ab61deed369f3476c8715ff2ae7b1cbe1482c
bbcc71063bf48e875079ce8e34bf1c9f3cfff226db55ef9a102d33db52338b6f
GET /vi/pKCWOBQy22U/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 38887
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:13:30 GMT
expires: Mon, 12 Sep 2022 22:13:30 GMT
cache-control: public, max-age=7200
etag: "1628366029"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/BlQ3mIGsgkU/hqdefault.jpg
142.250.74.46200 OK 16 kB URL HTTP/2 img.youtube.com/vi/BlQ3mIGsgkU/hqdefault.jpg
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 0cca033b9dc69a8cc7b50e350b0240e9
58d08915b359b4e134fae7ae08fcbe1071dfc692
4fb163c302284ea560f85cdc8a75bec89b7642adf025f6dfa87d8991afb57ea1
GET /vi/BlQ3mIGsgkU/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 15654
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:13:30 GMT
expires: Mon, 12 Sep 2022 22:13:30 GMT
cache-control: public, max-age=7200
etag: "1434108628"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img.youtube.com/vi/9uJGSwu6UgI/hqdefault.jpg
142.250.74.46200 OK 46 kB URL HTTP/2 img.youtube.com/vi/9uJGSwu6UgI/hqdefault.jpg
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash d2ffad38ae5df62b53d99f7201c7f8ac
06157eac3750711199ecb085e87ab831b5b8f573
a7bc17df1015a5db366625a5090a704a3b365b27b07743d485563be65b579cc7
GET /vi/9uJGSwu6UgI/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 45715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:13:30 GMT
expires: Mon, 12 Sep 2022 22:13:30 GMT
cache-control: public, max-age=7200
etag: "1627502312"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 12 Sep 2022 18:29:41 GMT
expires: Mon, 12 Sep 2022 20:29:41 GMT
cache-control: public, max-age=7200
age: 6229
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/zoyhCLYs7NU/hqdefault.jpg
142.250.74.46200 OK 30 kB URL HTTP/2 img.youtube.com/vi/zoyhCLYs7NU/hqdefault.jpg
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 80982db88e08b8d00566f51136878d12
d5fa1efcbaa3592cea8806c232b6fe2bb2f2b7fe
bd55afc1287db8502f6ea3ea5b804a13074dff01cc7c996f72c02ffd480c16fe
GET /vi/zoyhCLYs7NU/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 29971
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:13:30 GMT
expires: Mon, 12 Sep 2022 22:13:30 GMT
cache-control: public, max-age=7200
etag: "1628175831"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0b93bf10aa6a1c704f00fe526ad647b
0a19767b3b99aa79469aadc9b88ec5d3df93d442
852466649bb58710c5a9a42d6fcc2ada0d5062ba42351cc503ed2fdd46588e33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4669
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:30 GMT
Last-Modified: Mon, 12 Sep 2022 18:55:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
img.youtube.com/vi/H1ZtMw9ugQg/hqdefault.jpg
142.250.74.46200 OK 31 kB URL HTTP/2 img.youtube.com/vi/H1ZtMw9ugQg/hqdefault.jpg
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash f2fe50d9fefd9b286e350d5e950e0a07
e7fd60c18613286c86771af1581cbe57b6f64be9
114f54014f6ca0e585b67aeea9e0621cbd6c2f32d258cf86bcd40a13e2a95677
GET /vi/H1ZtMw9ugQg/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 31414
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 19:21:41 GMT
expires: Mon, 12 Sep 2022 21:21:41 GMT
cache-control: public, max-age=7200
age: 3109
etag: "1629934114"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img.youtube.com/vi/hx2w5eaG6gg/hqdefault.jpg
142.250.74.46200 OK 9.8 kB URL HTTP/2 img.youtube.com/vi/hx2w5eaG6gg/hqdefault.jpg
IP 142.250.74.46:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data
Hash 6dc59250a4435a8edabb4c37fac1bb8d
fc7adab651a94fe514e439a58460d4c1b6a7bad2
f2976df88889401db44c5919e4baeee8ffd3b16ef0e2aa6646f509bc43105063
GET /vi/hx2w5eaG6gg/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 9836
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:13:30 GMT
expires: Mon, 12 Sep 2022 22:13:30 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.200.14200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 64c9c78243444126db06bd3d6ba86350
267a0565825d1b7776e6ff8e4fc14859599efeba
2d4e573cc2c7e723d1d88656eb0209e92640bf84cf9969fe86f104312adb4767
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://allfree4gck.xyz
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: f1a93cc47f5db887babbc6f48fd75461
etag: "3275f8da5c67214e9af4604d520e31c0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 12 Sep 2022 20:23:02 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: ZMnHgkNEQSbbBr09a6hjUA==
x-fb-debug: CA/WMpLY4IIGXom8Kie2pCWEMPyVhYep1lVrUS+8YymUoQcRkiBYHwnPrdCd9Xg88BX2m98dxOlXZi6H/j+b+w==
content-length: 1687
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 20:13:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.youtube.com/vi/2lx3kQvIAXk/hqdefault.jpg
142.250.74.46200 OK 29 kB URL HTTP/2 img.youtube.com/vi/2lx3kQvIAXk/hqdefault.jpg
IP 142.250.74.46:0
Hash 635a3f1042bbc1bda7a1629cffd20cb3
e060c724fd7128879fb68bdf345f01b2ee2b7606
633e109b87e7ef8a127ec9e8b035a723cf1232235c6a86dd7337f49a7c75e2e3
GET /vi/2lx3kQvIAXk/hqdefault.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 29089
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 20:13:30 GMT
expires: Mon, 12 Sep 2022 22:13:30 GMT
cache-control: public, max-age=7200
etag: "1618954564"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ad439cab56126bcc402ee9f92365a209
a4b48a9a733c53cbc7020e190b8c787e1f80f55a
d0e2e52b66a8dec8c57092ec332f452a7348941d778d7b4686ca32696aabd065
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&a=1140727177&t=pageview&_s=1&dl=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6&dr=https%3A%2F%2Ffree4gcp.xyz%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1020691324&gjid=757153400&cid=1848078017.1663013598&tid=UA-228184982-1&_gid=1362619784.1663013598&_r=1>m=2ou970&z=1427262215
142.250.74.46200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=1140727177&t=pageview&_s=1&dl=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6&dr=https%3A%2F%2Ffree4gcp.xyz%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1020691324&gjid=757153400&cid=1848078017.1663013598&tid=UA-228184982-1&_gid=1362619784.1663013598&_r=1>m=2ou970&z=1427262215
IP 142.250.74.46:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=1140727177&t=pageview&_s=1&dl=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6&dr=https%3A%2F%2Ffree4gcp.xyz%2F&ul=en-us&de=UTF-8&dt=Paid%20video%20viewing&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAAC~&jid=1020691324&gjid=757153400&cid=1848078017.1663013598&tid=UA-228184982-1&_gid=1362619784.1663013598&_r=1>m=2ou970&z=1427262215 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://allfree4gck.xyz
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://allfree4gck.xyz
date: Mon, 12 Sep 2022 20:13:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 45ba9e837db07bc0f3be65ebd26e0c3a
f1fa72ef9198c3d65f5886e2e55f100cc622f31a
e974e70a85924786509f6cbb712b849dd73fffcc2eff2156863f8ac91f1ad4cf
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:13:30 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 16 Sep 2022 18:38:31 GMT
ETag: "f1fa72ef9198c3d65f5886e2e55f100cc622f31a"
Last-Modified: Mon, 12 Sep 2022 18:38:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 412
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749b4dd84cd6b4f9-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d0b93bf10aa6a1c704f00fe526ad647b
0a19767b3b99aa79469aadc9b88ec5d3df93d442
852466649bb58710c5a9a42d6fcc2ada0d5062ba42351cc503ed2fdd46588e33
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4669
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 20:13:30 GMT
Last-Modified: Mon, 12 Sep 2022 18:55:41 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 4.1 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 9bcfd7bbf3c8499a9ec89e5441cc99da
3370c94542475750915d272dbf9ee385fe5d7d79
232f67bf0642216d6b8f27c520b631a24b6491d78088ad6ae7ed612e7ae6ff76
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 20:13:30 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 16 Sep 2022 18:21:21 GMT
ETag: "b03f0269bca5634f9cff66f29658f996f8b177c7"
Last-Modified: Mon, 12 Sep 2022 18:21:22 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 780
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749b4dd95efdb4f9-OSL
mc.yandex.ru/metrika/watch.js
87.250.250.119200 OK 57 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (557)
Hash 4772d9b98d93f93593c6e8edc7aa9293
93d8e8e70227ec38eba90283deecfeaa15464e30
9e196cd0bee78731c8219a29250b236d8377ec95d4f9ae0c30fa9a9a44fc4c19
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57321
date: Mon, 12 Sep 2022 20:13:30 GMT
access-control-allow-origin: *
etag: "631f3e5d-dfe9"
expires: Mon, 12 Sep 2022 21:13:30 GMT
last-modified: Mon, 12 Sep 2022 17:12:45 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js?hash=d562b19c8090904c33fe14657a1694c1
157.240.200.14200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=d562b19c8090904c33fe14657a1694c1
IP 157.240.200.14:0
File type ASCII text, with very long lines (18453)
Hash 009a5d3d969323b9d25fed18ee2a5486
ffd3574ddfea95bc8d3d1fa76adf9a0909023d3d
0091558d13d2817f750816a9df1548bc8297a41502c0c821c8ab4d857e84fe3f
GET /en_US/sdk.js?hash=d562b19c8090904c33fe14657a1694c1 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://allfree4gck.xyz
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: ea40376e957c882e5a3720de65f32320
etag: "c9b8f0cfb2daefb8dcedbee17dacfb5b"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 12 Sep 2023 16:26:17 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: AJpdPZaTI7nSX+0Y7ipUhg==
x-fb-debug: 7UK59rSCoRp/Ejpd0w3KoCpo3qUP7JeJYGUfmXyeManBUSXliFjZesXmtjALNPduHt2+EgHJTA0pY6DX0TDR9A==
content-length: 87984
x-fb-trip-id: 1679558926
date: Mon, 12 Sep 2022 20:13:30 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 12 Sep 2022 20:13:30 GMT
access-control-allow-origin: *
etag: "631f3e5d-2b"
expires: Mon, 12 Sep 2022 21:13:30 GMT
accept-ranges: bytes
last-modified: Mon, 12 Sep 2022 17:12:45 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6%231663013597436&page-ref=https%3A%2F%2Ffree4gcp.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym1arpdzxkk3c%3Afp%3A1391%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1430636067036%3Ahid%3A714319130%3Az%3A0%3Ai%3A20220912201318%3Aet%3A1663013598%3Ac%3A1%3Arn%3A217525669%3Arqn%3A1%3Au%3A1663013598789658060%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663013595543%3Aco%3A0%3Ads%3A2%2C736%2C374%2C1%2C%2C0%2C%2C507%2C10%2C%2C%2C%2C1719%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663013598%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6%231663013597436&page-ref=https%3A%2F%2Ffree4gcp.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym1arpdzxkk3c%3Afp%3A1391%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1430636067036%3Ahid%3A714319130%3Az%3A0%3Ai%3A20220912201318%3Aet%3A1663013598%3Ac%3A1%3Arn%3A217525669%3Arqn%3A1%3Au%3A1663013598789658060%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663013595543%3Aco%3A0%3Ads%3A2%2C736%2C374%2C1%2C%2C0%2C%2C507%2C10%2C%2C%2C%2C1719%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663013598%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 6e65346fef44a3385f891b548c3ccef1
d1e60d71c45cd3c327d6e6e69ea8413fd85908d0
1f669b1b597e700f877c588adc32bf2e5dc1e674f58a8f794b7e1954f554e2c7
GET /watch/82412725?wmode=7&page-url=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6%231663013597436&page-ref=https%3A%2F%2Ffree4gcp.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym1arpdzxkk3c%3Afp%3A1391%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1430636067036%3Ahid%3A714319130%3Az%3A0%3Ai%3A20220912201318%3Aet%3A1663013598%3Ac%3A1%3Arn%3A217525669%3Arqn%3A1%3Au%3A1663013598789658060%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663013595543%3Aco%3A0%3Ads%3A2%2C736%2C374%2C1%2C%2C0%2C%2C507%2C10%2C%2C%2C%2C1719%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663013598%3At%3APaid%20video%20viewing&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://allfree4gck.xyz
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/82412725/1?wmode=7&page-url=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6%231663013597436&page-ref=https%3A%2F%2Ffree4gcp.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A62hj1rf2ym1arpdzxkk3c%3Afp%3A1391%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A893%3Acn%3A1%3Adp%3A0%3Als%3A1430636067036%3Ahid%3A714319130%3Az%3A0%3Ai%3A20220912201318%3Aet%3A1663013598%3Ac%3A1%3Arn%3A217525669%3Arqn%3A1%3Au%3A1663013598789658060%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ans%3A1663013595543%3Aco%3A0%3Ads%3A2%2C736%2C374%2C1%2C%2C0%2C%2C507%2C10%2C%2C%2C%2C1719%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663013598%3At%3APaid%20video%20viewing&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Mon, 12 Sep 2022 20:13:30 GMT
access-control-allow-origin: https://allfree4gck.xyz
set-cookie: yandexuid=3490944731663013610; Expires=Tue, 12-Sep-2023 20:13:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3490944731663013610; Expires=Tue, 12-Sep-2023 20:13:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=2204197591663013610; Path=/; SameSite=None; Secure
i=xxq7f8eRiwRCfFzErlokyfyrcaPnMup3MrVJ2UtemV2m3y0mkoyjSlClxm4OpTmjRVt58E2k/EG4BJdKzauZE5s87Gg=; Expires=Thu, 09-Sep-2032 20:13:20 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694549610.yrts.1663013610#1694549610.yrtsi.1663013610; Expires=Tue, 12-Sep-2023 20:13:30 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 12-Sep-2022 20:13:30 GMT
last-modified: Mon, 12-Sep-2022 20:13:30 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
103.235.46.191200 OK 12 kB URL HTTP/1.1 hm.baidu.com/hm.js?ca39fa08836e125f6ea13e25b34bd166
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash 0e9537426b0531f01dbc8411af2588fe
8ad5e7adc79242b6ea79a60eddbed5276ba3c2e1
1e5eb4d6d7c7aa4ad97ff1befd29a55c56e1d6a13f58d9a2bedc83f934517d74
GET /hm.js?ca39fa08836e125f6ea13e25b34bd166 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11344
Content-Type: application/javascript
Date: Mon, 12 Sep 2022 20:13:31 GMT
Etag: 1759044352249858af3cae2489623ea4
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=A9CBA2A1C9DB075A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=656702719&si=ca39fa08836e125f6ea13e25b34bd166&su=https%3A%2F%2Ffree4gcp.xyz%2F&v=1.2.97&lv=1&sn=62974&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6%231663013597436&tt=Paid%20video%20viewing
103.235.46.191200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=656702719&si=ca39fa08836e125f6ea13e25b34bd166&su=https%3A%2F%2Ffree4gcp.xyz%2F&v=1.2.97&lv=1&sn=62974&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6%231663013597436&tt=Paid%20video%20viewing
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=656702719&si=ca39fa08836e125f6ea13e25b34bd166&su=https%3A%2F%2Ffree4gcp.xyz%2F&v=1.2.97&lv=1&sn=62974&r=0&ww=1280&ct=!!&u=https%3A%2F%2Fallfree4gck.xyz%2F%3Fcode%3DMjczNjc4NDI4NjU2MzczOXx8ZnJlZTRnY3AueHl6%231663013597436&tt=Paid%20video%20viewing HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Mon, 12 Sep 2022 20:13:31 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=D69411BF95CD42B3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
free4gcp.xyz/2736784286563739
172.67.184.22200 OK 0 B URL HTTP/2 free4gcp.xyz/2736784286563739
IP 172.67.184.22:0
GET /2736784286563739 HTTP/1.1
Host: free4gcp.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:13:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: pid=2736784286563739; expires=Thu, 15-Sep-2022 20:13:26 GMT; Max-Age=259200; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1pvOW4uuPquA8NVgHaJwVaPxND7nOR9GPqBMPC0191gAzZ59IuN83ixJTXE2cPlJa6sQkp1rJ4UR8T37UQr%2F1sQ5%2B%2FR91%2Fv1HF6oxuYjnF8RL1SvIyl%2FmvswPrJua%2Bc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749b4dc0dee1b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
allfree4gck.xyz/js/bootstrap.min.js?1663013606&_=1663013594909
172.67.223.87200 OK 0 B URL HTTP/2 allfree4gck.xyz/js/bootstrap.min.js?1663013606&_=1663013594909
IP 172.67.223.87:0
GET /js/bootstrap.min.js?1663013606&_=1663013594909 HTTP/1.1
Host: allfree4gck.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://free4gcp.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 20:13:27 GMT
content-type: application/javascript
last-modified: Sun, 19 Jun 2022 01:19:14 GMT
vary: Accept-Encoding
etag: W/"62ae7992-ea69"
expires: Tue, 13 Sep 2022 08:13:27 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG0J4zucOV3GsFOt1VcQCsTJEVLj9ebVtv7YNjBod8pzJ%2BxQZKUAWeRhZM17f6u%2FvGTP%2B9ct6QS4hbSpsTUHHdorjYNzQqZexmvfXrsj3tSa2CbWfqm9gjXOKm0iFki9wWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749b4dc529420b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.smntq.com/c83ul/smart.js
95.217.109.66200 OK 0 B URL HTTP/2 cdn.smntq.com/c83ul/smart.js
IP 95.217.109.66:0
ASN #24940 Hetzner Online GmbH
GET /c83ul/smart.js HTTP/1.1
Host: cdn.smntq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Mon, 12 Sep 2022 20:13:29 GMT
content-type: text/javascript;charset=UTF-8
mode: no-cors
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
cache-control: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.retget.ru/pwk/mc.php
95.217.109.66200 OK 0 B IP 95.217.109.66:0
ASN #24940 Hetzner Online GmbH
GET /pwk/mc.php HTTP/1.1
Host: cdn.retget.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://allfree4gck.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Mon, 12 Sep 2022 20:13:32 GMT
content-type: text/html; charset=UTF-8
set-cookie: hjelwf=fe2353fb14e14bb39464d7080f24fcb5; expires=Mon, 12-Sep-2022 21:13:32 GMT; Max-Age=3600; path=/; SameSite=None; Secure; domain=cdn.retget.ru
content-encoding: gzip
mode: no-cors
access-control-allow-origin: *
cache-control: no-cache
X-Firefox-Spdy: h2