Report - wildwingshackers.blogspot.com/2012/03/windows-8-for-all-prince-shan.html/

Report Overview

Submitted URL
wildwingshackers.blogspot.com/2012/03/windows-8-for-all-prince-shan.html/
IP
172.217.21.161
ASN
#15169 GOOGLE
Submitted
2023-06-04 03:59:55
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2023-06-03	390 B	7.7 kB	104.18.11.207
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20	2023-06-03	1.1 kB	169 kB	142.250.74.34
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-03	3.4 kB	200 kB	216.58.207.227
www.effectivedisplaycontent.com	108881	2021-12-22	2021-12-28	2023-05-22	382 B	514 B	192.243.61.227
yx-tr-val.com	unknown	unknown	2019-12-07	2023-02-17	4.4 kB	138 kB	185.66.200.221
xvaaa.com	unknown	2021-12-30	2019-04-03	2023-05-19	577 B	6.2 kB	185.66.200.220
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-06-03	2.4 kB	530 kB	142.250.74.67
www.google.com	7	1997-09-15	2015-05-10	2023-06-02	2.1 kB	49 kB	142.250.74.132
1.bp.blogspot.com	8403	2000-07-31	2012-05-21	2023-06-03	409 B	3.3 kB	142.250.74.161
udbaa.com	380419	2021-12-30	2022-01-03	2023-06-01	1.1 kB	72 kB	185.66.200.220
pl17008343.trustedcpmrevenue.com	unknown	unknown	No data	No data	770 B	1.0 kB	173.233.139.164
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-03	430 B	1.6 kB	142.250.74.106
ylx-i.advertica-cdn2.com	193063	2017-12-16	2017-12-29	2023-06-02	379 B	1.1 kB	185.66.200.127
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-03	446 B	35 kB	216.58.207.234
pl17008340.trustedcpmrevenue.com	unknown	unknown	No data	No data	383 B	514 B	192.243.59.13
cache.r-q.media	unknown	2022-04-17	2023-05-21	2023-06-02	1.8 kB	9.9 kB	65.60.58.179
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-03	5.7 kB	12 kB	142.250.74.3
wildwingshackers.blogspot.com	unknown	2000-07-31	2014-01-16	2023-06-04	1.4 kB	57 kB	172.217.21.161
www.blogger.com	8975	1999-06-22	2012-05-22	2023-06-03	909 B	66 kB	142.250.74.73

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-04 03:59:41	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD
2023-06-04 03:59:41	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD
2023-06-04 03:59:42	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .world TLD

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73#0	0 B	2023-03-07	2024-07-27
Pretty URL cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73#0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 03:37:55 Times Seen41184139 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73	397 B	2023-06-04	2023-06-04
Pretty URL cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73 IP 65.60.58.179 ASN #32475 SINGLEHOP-LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-04 06:00:09 Last Seen2023-06-04 06:00:09 Times Seen1 Hash ea61773aba7c5a8869c99e9d955503ee bd20f772b05d79392687f4f3f9c968642053fe49 0d81fb15dc66c04865b6bab649fc7ea290acad4869360d1c736861556d49d839 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 9cac8ce8607e4e8cf8884051ce84fd92	62 B	2023-05-31	2023-06-12
Pretty Observations First Seen2023-05-31 10:33:42 Last Seen2023-06-12 20:39:46 Times Seen636 Hash 9cac8ce8607e4e8cf8884051ce84fd92 de97b66f56816b5944f7b7fa292fa423da106db0 ae95a3a846de65742b5a7f96a10c9bffed0b1429a802a19921331205a74644e7 Loading...

	#2 Eval - 382e6f1e49ada168bab60dcfaaedc54c	17 kB	2023-06-04	2023-06-04
Pretty Observations First Seen2023-06-04 06:00:09 Last Seen2023-06-04 06:00:09 Times Seen1 Hash 382e6f1e49ada168bab60dcfaaedc54c 7571328cf967f118280bc93bc69ef5b50c2fbc64 cb1c09e119828fab25f1d3ebbaa74e291690b016c66db71ee6afb119fcc31e13 Loading...

	#3 Eval - 30659bcaa899e7aa89f51f2d0a5aa0dc	22 B	2023-05-31	2023-06-12
Pretty Observations First Seen2023-05-31 10:33:42 Last Seen2023-06-12 20:39:46 Times Seen634 Hash 30659bcaa899e7aa89f51f2d0a5aa0dc 20b9e86875b6a2ff37f0b5fd49817bdac30d51aa 3f6f048c2c40a5fab599a2a04dd0dc4f816899be3c906d27c7f4b7e97d0cc24d Loading...

	#4 Eval - 7b4ca24128be3ef62d4689bc01703db6	22 B	2023-05-31	2023-06-12
Pretty Observations First Seen2023-05-31 10:33:42 Last Seen2023-06-12 20:39:46 Times Seen637 Hash 7b4ca24128be3ef62d4689bc01703db6 6c677c63400dffa3369068f0de5dcc2d7db26fa0 2a842b33ba104f6b5bf06b39aa191ee20c2f847cb4be23c654786badc97dac7a Loading...

	#5 Eval - 60f9014673130a96d684e080432c72ff	16 kB	2023-05-31	2023-06-12
Pretty Observations First Seen2023-05-31 10:33:42 Last Seen2023-06-12 20:39:46 Times Seen636 Hash 60f9014673130a96d684e080432c72ff 357f5dccdceebafdb6b42c4a1310c52c4113707f d377b5279bdbf4cf6856dbf0b13a2bc09b8fcd4571c66b61a95c9a8b45016b65 Loading...

		Size	First Seen	Last Seen
	#1 Write - f34255e4f705fa7651d71e6b068a04c6	128 B	2023-06-04	2023-06-10
Pretty Observations First Seen2023-06-04 06:00:09 Last Seen2023-06-10 17:20:32 Times Seen2 Hash f34255e4f705fa7651d71e6b068a04c6 afd5c29b3bd79ffc2b36995e5c00200e161b746b a6aa48eb00c2f10b1be198e7e957f913ce8ba78e925246d4ff394fa1fe2d1892 Loading...

HTTP Transactions (59)

	URL	IP	Response	Size
	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 55bca43f09e258c7913f004f9c367928 7187e09c3707b3d58587c7f9ad51b5442ded29d3 4aeb02eaa23b5e5d56e9aea8e8d968e6573ee87a1fec3ee24538fd34e9c28143 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:36 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	wildwingshackers.blogspot.com/2012/03/windows-8-for-all-prince-shan.html/	172.217.21.161		27 kB
URL wildwingshackers.blogspot.com/2012/03/windows-8-for-all-prince-shan.html/ IP 172.217.21.161:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967) Size 27 kB (26883 bytes) Hash 180d01bd701ca70a366b35c67f6dba17 e963191d4a8cd15d158237d19fee3e1500e2bf83 322600e34f2e0806bc993ac661b98b47706c4bead2b0a1434d3965c95b126f85 HTTP Headers GET /2012/03/windows-8-for-all-prince-shan.html/ HTTP/1.1 Host: wildwingshackers.blogspot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Upgrade-Insecure-Requests: 1 Connection: keep-alive Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache `HTTP/2 404 Not Found content-type: text/html; charset=UTF-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 04 Jun 2023 03:59:36 GMT content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 26883 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a10bf1244cba4323104fe9d4a23e228f 8943d772662c41169c4461355687298205011f3b 6e0a2297c3e668c8a15cdb92b364bcb67c18cea413af1f306dd67673d0a9b724 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:37 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	wildwingshackers.blogspot.com/2012/03/windows-8-for-all-prince-shan.html/	172.217.21.161		27 kB
URL wildwingshackers.blogspot.com/2012/03/windows-8-for-all-prince-shan.html/ IP 172.217.21.161:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967) Size 27 kB (26903 bytes) Hash 17aeeab18682be31b106ce298d8a96f9 207486a25abda16991926d320d7293f18c585d3d afa1215cb06fad1f5d2f775bcc7aae094b148451783897c8796d37ba70b52218 HTTP Headers `GET /2012/03/windows-8-for-all-prince-shan.html/ HTTP/1.1 Host: wildwingshackers.blogspot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Upgrade-Insecure-Requests: 1 Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Cache-Control: no-cache, no-store, max-age=0, must-revalidate Pragma: no-cache Expires: Mon, 01 Jan 1990 00:00:00 GMT Date: Sun, 04 Jun 2023 03:59:37 GMT Content-Encoding: gzip X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Content-Length: 26903 Server: GSE`

	wildwingshackers.blogspot.com/js/cookienotice.js	172.217.21.161		2.0 kB
URL wildwingshackers.blogspot.com/js/cookienotice.js IP 172.217.21.161:0 ASN #15169 GOOGLE File type ASCII text Size 2.0 kB (2026 bytes) Hash a705132a2174f88e196ec3610d68faa8 3bad57a48d973a678fec600d45933010f6edc659 068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568 HTTP Headers `GET /js/cookienotice.js HTTP/1.1 Host: wildwingshackers.blogspot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/2012/03/windows-8-for-all-prince-shan.html/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Content-Type: text/javascript Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech" Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} Content-Length: 2026 Date: Sun, 04 Jun 2023 03:59:37 GMT Expires: Sun, 11 Jun 2023 03:59:37 GMT Cache-Control: public, max-age=604800 Last-Modified: Sat, 03 Jun 2023 23:50:32 GMT X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0

	fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic\|Oswald:300,400,700\|Shadows+Into+Light	142.250.74.106		1.0 kB
URL fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic\|Oswald:300,400,700\|Shadows+Into+Light IP 142.250.74.106:0 ASN #15169 GOOGLE File type ASCII text Size 1.0 kB (1033 bytes) Hash c932be71beba7ed28e667b8979c32edc 87c3cf51f5e6131d11520f4a00dade51bf9f83a6 228bceceb5e75f19cf19ed2fefc07177e90c72f5042150073962ec4d6065e51a HTTP Headers `GET /css?family=Open+Sans:400,400italic,700,700italic\|Oswald:300,400,700\|Shadows+Into+Light HTTP/1.1 Host: fonts.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Content-Type: text/css; charset=utf-8 Access-Control-Allow-Origin: * Timing-Allow-Origin: * Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin Expires: Sun, 04 Jun 2023 03:59:37 GMT Date: Sun, 04 Jun 2023 03:59:37 GMT Cache-Control: private, max-age=86400 Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin-allow-popups Content-Encoding: gzip Transfer-Encoding: chunked Server: ESF X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN X-Content-Type-Options: nosniff

	maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css	104.18.11.207		6.9 kB
URL maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css IP 104.18.11.207:0 ASN #13335 CLOUDFLARENET File type ASCII text, with very long lines (27303) Size 6.9 kB (6901 bytes) Hash 4fbd15cb6047af93373f4f895639c8bf 12d6861075de8e293265ff6ff03b1f3adcb44c76 ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5 HTTP Headers `GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1 Host: maxcdn.bootstrapcdn.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Date: Sun, 04 Jun 2023 03:59:38 GMT Content-Type: text/css; charset=utf-8 Transfer-Encoding: chunked Connection: keep-alive Vary: Accept-Encoding CDN-PullZone: 252412 CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74 CDN-RequestCountryCode: DE CDN-EdgeStorageId: 565, 617, 617 Last-Modified: Mon, 25 Jan 2021 22:04:54 GMT CDN-CachedAt: 2021-06-08 19:04:20 CDN-RequestPullSuccess: True CDN-RequestPullCode: 200 Cache-Control: public, max-age=31919000 timing-allow-origin: * cross-origin-resource-policy: cross-origin access-control-allow-origin: * x-content-type-options: nosniff CDN-RequestId: e9a84d03a1f7c6aa17012c712a6e5dd5 Content-Encoding: gzip CDN-Status: 200 CDN-Cache: HIT CF-Cache-Status: HIT Age: 31295426 Server: cloudflare CF-RAY: 7d1d43a6997f1bfa-OSL alt-svc: h3=":443"; ma=86400

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f12b9ab145d385ad70601c5c7a071675 242ac99050466d2e164c40d4cf4e4339793fa63f 1d687ac6d3cb41167dcccec96667f7ed18e0a2e5a5ca62aef3c955e705b2d05e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css	142.250.74.73		7.8 kB
URL www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css IP 142.250.74.73:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (35959) Size 7.8 kB (7756 bytes) Hash 1e32420a7b6ddbdcb7def8b3141c4d1e a1be54d42ff1f95244c9653539f90318f5bc0580 a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2 HTTP Headers `GET /static/v1/widgets/3566091532-css_bundle_v2.css HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 7756 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 07:48:08 GMT expires: Fri, 31 May 2024 07:48:08 GMT cache-control: public, max-age=31536000 last-modified: Wed, 31 May 2023 19:54:39 GMT content-type: text/css vary: Accept-Encoding age: 245490 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 34d9e4e508a70d42180686b70a225a52 1d54115c94e76e52e3c07b2d3c38ed50c60fdd04 b6e88977e0706ed9db5ca106ba6330625a4dc1bc82c158cee7a91711fe1bc5de HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a8a3974038c8ae57154bba33caefbe14 0497524f948beee22399042af1f2777f10944741 0b5040e393ac1af3414a12e88a0adbb235d15b0d1f0db9033def346a4159b58c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d11f1919fef5d8fccf8a87cf62ec7d61 b862276403c5375ce0cf2707ff0141d0f765fafa 7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js	216.58.207.234		34 kB
URL ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js IP 216.58.207.234:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (32341) Size 34 kB (33576 bytes) Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 HTTP Headers `GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers" report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} timing-allow-origin: * content-length: 33576 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 15:05:24 GMT expires: Fri, 31 May 2024 15:05:24 GMT cache-control: public, max-age=31536000, stale-while-revalidate=2592000 age: 219254 last-modified: Tue, 03 Mar 2020 19:15:00 GMT content-type: text/javascript; charset=UTF-8 vary: Accept-Encoding alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.blogger.com/static/v1/widgets/4164569176-widgets.js	142.250.74.73		57 kB
URL www.blogger.com/static/v1/widgets/4164569176-widgets.js IP 142.250.74.73:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (2215) Size 57 kB (56553 bytes) Hash 206862b03a4ccbfeeeae44d04b97b03d 22746bf8a77f06e49343c2d0b4d1204a24b8661f eb7550ed07118c7e03ceaf573e6487dc3c1967efd41b9900e7ef8d1db30a52fe HTTP Headers `GET /static/v1/widgets/4164569176-widgets.js HTTP/1.1 Host: www.blogger.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip cross-origin-resource-policy: cross-origin cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech" report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]} content-length: 56553 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 02 Jun 2023 02:22:24 GMT expires: Sat, 01 Jun 2024 02:22:24 GMT cache-control: public, max-age=31536000 last-modified: Thu, 01 Jun 2023 15:53:32 GMT content-type: text/javascript vary: Accept-Encoding age: 178634 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109	142.250.74.34		47 kB
URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109 IP 142.250.74.34:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (3548) Size 47 kB (47360 bytes) Hash 920c427e9b8bb9f1ea8c84a11254629f 68464445e6c1d91602f59fffce410218bd5f21bc 5ed6c8060eb443c2c6ef74773597dbffd60e73cfb7283dc9f189ab99ecafb8d1 HTTP Headers GET /pagead/js/adsbygoogle.js?client=ca-pub-6794290122359041&host=ca-host-pub-1556223355139109 HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://wildwingshackers.blogspot.com DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding date: Sun, 04 Jun 2023 03:59:38 GMT expires: Sun, 04 Jun 2023 03:59:38 GMT cache-control: private, max-age=3600 content-type: text/javascript; charset=UTF-8 etag: 12453769406469213266 access-control-allow-origin: * x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 47360 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash f12b9ab145d385ad70601c5c7a071675 242ac99050466d2e164c40d4cf4e4339793fa63f 1d687ac6d3cb41167dcccec96667f7ed18e0a2e5a5ca62aef3c955e705b2d05e HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash d11f1919fef5d8fccf8a87cf62ec7d61 b862276403c5375ce0cf2707ff0141d0f765fafa 7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash a8a3974038c8ae57154bba33caefbe14 0497524f948beee22399042af1f2777f10944741 0b5040e393ac1af3414a12e88a0adbb235d15b0d1f0db9033def346a4159b58c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png	142.250.74.161		2.9 kB
URL 1.bp.blogspot.com/-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png IP 142.250.74.161:0 ASN #15169 GOOGLE File type PNG image data, 99 x 99, 8-bit colormap, non-interlaced\012- data Size 2.9 kB (2891 bytes) Hash ab25e409f981e3379a25153a5f473b60 92011e07f37a15fd9302c23c081645c10bc16283 32df16fb278d8f2f3340202fda7810da07736103323da7ab658378c64f64af03 HTTP Headers `GET /-LeOd3ALR2xA/UbmVttsOBZI/AAAAAAAABZg/Qp8oxTLN_x4/s1600/bg.png HTTP/1.1 Host: 1.bp.blogspot.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Access-Control-Allow-Origin: * Timing-Allow-Origin: * Access-Control-Expose-Headers: Content-Length Content-Disposition: inline;filename="bg.png" X-Content-Type-Options: nosniff Server: fife Content-Length: 2891 X-XSS-Protection: 0 Date: Sun, 04 Jun 2023 03:59:38 GMT Expires: Mon, 05 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=86400, no-transform ETag: "v599" Content-Type: image/png Vary: Origin Age: 0`

	fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2	216.58.207.227		25 kB
URL fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data Size 25 kB (25372 bytes) Hash fe424f96cb627d8b835cb001af17f56e c5b4368fed99812a99036fba86d01367b5549505 35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1 HTTP Headers `GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://wildwingshackers.blogspot.com DNT: 1 Connection: keep-alive Referer: http://fonts.googleapis.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 25372 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 31 May 2023 21:07:24 GMT Expires: Thu, 30 May 2024 21:07:24 GMT Cache-Control: public, max-age=31536000 Age: 283934 Last-Modified: Mon, 18 Jul 2022 19:24:05 GMT Content-Type: font/woff2

	fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2	216.58.207.227		25 kB
URL fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data Size 25 kB (25372 bytes) Hash fe424f96cb627d8b835cb001af17f56e c5b4368fed99812a99036fba86d01367b5549505 35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1 HTTP Headers `GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://wildwingshackers.blogspot.com DNT: 1 Connection: keep-alive Referer: http://fonts.googleapis.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 25372 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 31 May 2023 21:07:24 GMT Expires: Thu, 30 May 2024 21:07:24 GMT Cache-Control: public, max-age=31536000 Age: 283934 Last-Modified: Mon, 18 Jul 2022 19:24:05 GMT Content-Type: font/woff2

	fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227		48 kB
URL fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data Size 48 kB (48412 bytes) Hash 31a8297826cdcea344698ff952694a7f 4fa1ee4c471d1c05e9141855eec5ee09b898d594 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5 HTTP Headers `GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://wildwingshackers.blogspot.com DNT: 1 Connection: keep-alive Referer: http://fonts.googleapis.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 48412 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 01 Jun 2023 07:49:34 GMT Expires: Fri, 31 May 2024 07:49:34 GMT Cache-Control: public, max-age=31536000 Age: 245404 Last-Modified: Tue, 02 May 2023 15:08:53 GMT Content-Type: font/woff2

	fonts.gstatic.com/s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2	216.58.207.227		16 kB
URL fonts.gstatic.com/s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 16296, version 1.0\012- data Size 16 kB (16296 bytes) Hash ab4a2c11e0a08a8b4fa7846c2adcc173 86304ab63791be3a22e5eb673245bca6351774a2 2498c027559c4ae9a920e18e30031193148983e7ea195416d62c5d0ea2eaa3ac HTTP Headers `GET /s/shadowsintolight/v15/UqyNK9UOIntux_czAvDQx_ZcHqZXBNQzdcD5.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://wildwingshackers.blogspot.com DNT: 1 Connection: keep-alive Referer: http://fonts.googleapis.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 16296 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Wed, 31 May 2023 20:27:55 GMT Expires: Thu, 30 May 2024 20:27:55 GMT Cache-Control: public, max-age=31536000 Age: 286303 Last-Modified: Wed, 27 Apr 2022 15:55:58 GMT Content-Type: font/woff2

	fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2	216.58.207.227		48 kB
URL fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 48412, version 1.0\012- data Size 48 kB (48412 bytes) Hash 31a8297826cdcea344698ff952694a7f 4fa1ee4c471d1c05e9141855eec5ee09b898d594 7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5 HTTP Headers `GET /s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: http://wildwingshackers.blogspot.com DNT: 1 Connection: keep-alive Referer: http://fonts.googleapis.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 200 OK Accept-Ranges: bytes Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes" Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} Timing-Allow-Origin: * Content-Length: 48412 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Thu, 01 Jun 2023 07:49:34 GMT Expires: Fri, 31 May 2024 07:49:34 GMT Cache-Control: public, max-age=31536000 Age: 245404 Last-Modified: Tue, 02 May 2023 15:08:53 GMT Content-Type: font/woff2

	udbaa.com/slider.php?section=General&pub=846527&ga=g&side=random	185.66.200.220		69 kB
URL udbaa.com/slider.php?section=General&pub=846527&ga=g&side=random IP 185.66.200.220:0 ASN #201702 skHosting.eu s.r.o. File type data Size 69 kB (68697 bytes) Hash 7d4084968064ea78012c3dfb708d2d9b b5870e03b49206c81677e2072d6ef8d85f7bbfd1 218cca81ffd9f885877c005d7bc993e830662873e66327f631ff00effdd00c9f HTTP Headers `GET /slider.php?section=General&pub=846527&ga=g&side=random HTTP/1.1 Host: udbaa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:38 GMT content-type: application/javascript expires: Sun, 04 Jun 2023 03:59:38 GMT last-modified: Sun, 04 Jun 2023 03:59:38 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex, nofollow, noarchive, nosnippet X-Firefox-Spdy: h2`

	pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6794290122359041&plah=wildwingshackers.blogspot.com	142.250.74.34		121 kB
URL pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6794290122359041&plah=wildwingshackers.blogspot.com IP 142.250.74.34:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (4291) Size 121 kB (120658 bytes) Hash 4f5f7c03c868185cd6af51bffe182016 72612899fc46e921039d4a8aa4384bf3aa73d4ba 01772f2b7324a96272af92eae07f39fa64f571a42827bb8043efc22dd8a26585 HTTP Headers GET /pagead/managed/js/adsense/m202305300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6794290122359041&plah=wildwingshackers.blogspot.com HTTP/1.1 Host: pagead2.googlesyndication.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin: * cross-origin-resource-policy: cross-origin vary: Accept-Encoding date: Sun, 04 Jun 2023 03:59:38 GMT expires: Sun, 04 Jun 2023 03:59:38 GMT cache-control: private, max-age=3600, stale-while-revalidate=3600 content-type: text/javascript; charset=UTF-8 etag: 8004497143688778538 x-content-type-options: nosniff content-disposition: attachment; filename="f.txt" content-encoding: br server: cafe content-length: 120658 x-xss-protection: 0 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js	173.233.139.164		0 B
URL pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js IP 173.233.139.164:0 ASN #7979 SERVERS-COM File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js HTTP/1.1 Host: pl17008343.trustedcpmrevenue.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Server: nginx/1.19.5 Date: Sun, 04 Jun 2023 03:59:38 GMT Content-Type: application/javascript Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

	www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js	192.243.61.227		0 B
URL www.effectivedisplaycontent.com/f120c5a81a77823e16e2ff5b476a653f/invoke.js IP 192.243.61.227:0 ASN #39572 DataWeb Global Group B.V. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /f120c5a81a77823e16e2ff5b476a653f/invoke.js HTTP/1.1 Host: www.effectivedisplaycontent.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Server: nginx/1.19.5 Date: Sun, 04 Jun 2023 03:59:38 GMT Content-Type: application/javascript Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

	pl17008340.trustedcpmrevenue.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js	192.243.59.13		0 B
URL pl17008340.trustedcpmrevenue.com/e9980ddec67e439d04b71a049a41ffdf/invoke.js IP 192.243.59.13:0 ASN #39572 DataWeb Global Group B.V. File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /e9980ddec67e439d04b71a049a41ffdf/invoke.js HTTP/1.1 Host: pl17008340.trustedcpmrevenue.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Server: nginx/1.19.5 Date: Sun, 04 Jun 2023 03:59:38 GMT Content-Type: application/javascript Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

	pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js	173.233.139.164		0 B
URL pl17008343.trustedcpmrevenue.com/58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js IP 173.233.139.164:0 ASN #7979 SERVERS-COM File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers `GET /58/ae/8f/58ae8f59bb8e156b1e414c15667737f5.js HTTP/1.1 Host: pl17008343.trustedcpmrevenue.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` HTTP/1.1 403 Forbidden Server: nginx/1.19.5 Date: Sun, 04 Jun 2023 03:59:38 GMT Content-Type: application/javascript Content-Length: 0 Connection: keep-alive P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Access-Control-Allow-Origin: * Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash fd08f494022e7928bada8f41f6593a45 1aeb426f640bd3717fa55e15bc089cfbc52305e4 b93699e575c48d529818c3c1de85a23e3acc7831baebe763e7aca012867d5c44 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash ca359c54531ea823812a5abbcf85eb97 6c9d445dc87b58e70dfd8d80a15374667f9f0b4f 32015b73ad6385df42848ae288806993cab31ee8f210e61ac5d2857fa0d30805 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ocsp.pki.goog/gts1c3	142.250.74.3		472 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 472 B (472 bytes) Hash e7b6cbe8a94c6cb240ce77c42a8968f2 98dcc5f84369060eb767e67997d541eeb994e290 82736e8da7b595e7370396055bcd69ff02e4686f866b9724f429e60c0135d19c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:38 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	ylx-i.advertica-cdn2.com/but_close.png?1360094895	185.66.200.127		692 B
URL ylx-i.advertica-cdn2.com/but_close.png?1360094895 IP 185.66.200.127:0 ASN #201702 skHosting.eu s.r.o. File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data Size 692 B (692 bytes) Hash 9455d6e0f53f2dde9e0cbac65b7a10f4 0cf2db4dcc079a22ff355e5ae94b9a3921e58479 57bca4c5b764830392d8e4b6482fe19c7dddf0e8ae3627b68a22ebc398b27da3 HTTP Headers `GET /but_close.png?1360094895 HTTP/1.1 Host: ylx-i.advertica-cdn2.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Date: Sun, 04 Jun 2023 03:59:38 GMT Content-Type: image/png Transfer-Encoding: chunked Connection: keep-alive Last-Modified: Tue, 05 Feb 2013 20:08:15 GMT ETag: W/"511166af-298" Expires: Tue, 04 Jul 2023 03:59:38 GMT Cache-Control: max-age=2592000 Access-Control-Allow-Origin: * X-Cache: HIT X-Server: cdnbts Content-Encoding: gzip`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 89cf78789180bd118e9b97dad5ed4053 820d2363f5e826f226de0eb9ad170cb135e1b1fd 3effb60c74b1b0e55a5bddd1aa2d3daae71e18e14f273e38cc57db481cc7d04c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:39 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	udbaa.com/banner_show.php?section=General&pub=846527&format=728x90&ga=g&slider=4567d63869888b88fb19d4751c52f1a2	185.66.200.220		1.9 kB
URL udbaa.com/banner_show.php?section=General&pub=846527&format=728x90&ga=g&slider=4567d63869888b88fb19d4751c52f1a2 IP 185.66.200.220:0 ASN #201702 skHosting.eu s.r.o. File type data Size 1.9 kB (1931 bytes) Hash 4c669c0b048604d3d04d1b9dff4968a9 e545ee3768912fc29f1fe06b5872b7c0c1657961 0af259e70fcd864220cd58c8daf3297cfd3393bf523d0ed21fb4a270ec78ada1 HTTP Headers GET /banner_show.php?section=General&pub=846527&format=728x90&ga=g&slider=4567d63869888b88fb19d4751c52f1a2 HTTP/1.1 Host: udbaa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:39 GMT content-type: text/html; charset=UTF-8 expires: Sun, 04 Jun 2023 03:59:38 GMT last-modified: Sun, 04 Jun 2023 03:59:38 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex, nofollow, noarchive, nosnippet set-cookie: used_ad2307194=1; expires=Sun, 04-Jun-2023 04:00:00 GMT; Max-Age=21; path=/; domain=udbaa.com; secure; HttpOnly; SameSite=None total_impressions=1; expires=Sun, 04-Jun-2023 04:00:00 GMT; Max-Age=21; path=/; domain=udbaa.com; secure; HttpOnly; SameSite=None cpa_673873=728x90_914543523_5; expires=Tue, 04-Jul-2023 03:59:39 GMT; Max-Age=2592000; path=/; domain=udbaa.com; secure; SameSite=None X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 37666b9ccb9ec1632df818aa5b9c30ce 73a1cc9b50fa59f3262e6b0577d70514ae639adf d62cc75cd09bd1a62debedc6273aec0e8206c45fc993553253627a3464f46d57 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:39 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	yx-tr-val.com/crs/css/bootstrap.min.css	185.66.200.221		121 kB
URL yx-tr-val.com/crs/css/bootstrap.min.css IP 185.66.200.221:0 ASN #201702 skHosting.eu s.r.o. File type ASCII text, with very long lines (65371) Size 121 kB (121200 bytes) Hash ec3bb52a00e176a7181d454dffaea219 6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68 f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c HTTP Headers GET /crs/css/bootstrap.min.css HTTP/1.1 Host: yx-tr-val.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:39 GMT content-type: text/css content-length: 121200 last-modified: Fri, 13 Apr 2018 15:24:45 GMT etag: "5ad0cbbd-1d970" accept-ranges: bytes X-Firefox-Spdy: h2`

	yx-tr-val.com/crs/css/main.css?v2	185.66.200.221		2.4 kB
URL yx-tr-val.com/crs/css/main.css?v2 IP 185.66.200.221:0 ASN #201702 skHosting.eu s.r.o. File type ASCII text Size 2.4 kB (2414 bytes) Hash 201005da1f71265b67c5ea40d3eb27d4 3e2e8b4c95bf48125828686818206507e2f4a73f 2347125f250e16855d8229f8e941cc376dfe7a9d5caddc3206d20952b1f46c48 HTTP Headers GET /crs/css/main.css?v2 HTTP/1.1 Host: yx-tr-val.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:39 GMT content-type: text/css content-length: 2414 last-modified: Mon, 30 Apr 2018 06:33:38 GMT etag: "5ae6b8c2-96e" accept-ranges: bytes X-Firefox-Spdy: h2`

	yx-tr-val.com/crs/js/main.js	185.66.200.221		255 B
URL yx-tr-val.com/crs/js/main.js IP 185.66.200.221:0 ASN #201702 skHosting.eu s.r.o. File type ASCII text, with CRLF line terminators Size 255 B (255 bytes) Hash 6338b30d286e8e5a63ab5029255dc6cf c7a03fdf33ff70cf17065cf0ee3a3b5db975667d c91d7242589722eec07910a5a5fe2b8855c57100fbfbdc93d6604823a9402458 HTTP Headers GET /crs/js/main.js HTTP/1.1 Host: yx-tr-val.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:39 GMT content-type: application/javascript content-length: 255 last-modified: Fri, 13 Apr 2018 15:24:54 GMT etag: "5ad0cbc6-ff" accept-ranges: bytes X-Firefox-Spdy: h2`

	xvaaa.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a	185.66.200.220		5.6 kB
URL xvaaa.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a IP 185.66.200.220:0 ASN #201702 skHosting.eu s.r.o. File type data Size 5.6 kB (5550 bytes) Hash a16e7bf2a91ca771992d984b4478d2f3 19b22f2979ca35ef42e1cee1559829cdded7260b 4f08c4c8f75845289f628448c0da919f0a7b144d40a05a8cc1575cadaf8938f2 HTTP Headers GET /fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a HTTP/1.1 Host: xvaaa.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: http://wildwingshackers.blogspot.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 302 Found server: nginx date: Sun, 04 Jun 2023 03:59:38 GMT content-type: text/html; charset=UTF-8 location: https://yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= expires: Sun, 04 Jun 2023 03:59:38 GMT last-modified: Sun, 04 Jun 2023 03:59:38 GMT cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 pragma: no-cache x-robots-tag: noindex, nofollow, noarchive, nosnippet X-Firefox-Spdy: h2

	yx-tr-val.com/crs/img/logo.png	185.66.200.221		6.3 kB
URL yx-tr-val.com/crs/img/logo.png IP 185.66.200.221:0 ASN #201702 skHosting.eu s.r.o. File type PNG image data, 200 x 61, 8-bit/color RGBA, non-interlaced\012- data Size 6.3 kB (6283 bytes) Hash 6e706d14f17c0c85b9b487d2cc20e303 561436bf3d7099d68f93b25950f4c494c4e87a98 8b0c746b1dfbfd8429d32fcb994fb2223fb4724a5942e255bb4a4e96351579ef HTTP Headers GET /crs/img/logo.png HTTP/1.1 Host: yx-tr-val.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:39 GMT content-type: image/png content-length: 6283 last-modified: Fri, 13 Apr 2018 15:24:51 GMT etag: "5ad0cbc3-188b" accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash 0affd42f3b881bc89a46594868663e52 03ca33c099bbc747c00360101c6ca6e21810aa07 1a1eb9e073803bd3864fdc023b727bcdd97df9074a2b8a657769da4a8b858d97 HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:39 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	yx-tr-val.com/favicon.ico	185.66.200.221		5.4 kB
URL yx-tr-val.com/favicon.ico IP 185.66.200.221:0 ASN #201702 skHosting.eu s.r.o. File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size 5.4 kB (5430 bytes) Hash ee01681340ad2bc4700456ca0a6cf460 72a5be7a571f1295215ee35d0bf195af6e63ae33 6b53f27aea977e48791e42c7fabdf7dcf6b9c4dc5aab3bd6d254526883cfb315 HTTP Headers GET /favicon.ico HTTP/1.1 Host: yx-tr-val.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:39 GMT content-type: image/x-icon content-length: 5430 last-modified: Mon, 19 Aug 2019 13:20:40 GMT etag: "5d5aa228-1536" accept-ranges: bytes X-Firefox-Spdy: h2`

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash c8c4fd34484b10881179e1a092434fd9 b37e3b04da5ba68bf533fcff188ac29b8eb27b3e e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:39 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js	142.250.74.67		166 kB
URL www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js IP 142.250.74.67:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (749) Size 166 kB (166186 bytes) Hash ee07ba65373413be83ec0d45887c2a44 13646acedb5d781fed2599c46634b4e58b8217db d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048 HTTP Headers `GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: https://yx-tr-val.com DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 166186 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 13:34:38 GMT expires: Fri, 31 May 2024 13:34:38 GMT cache-control: public, max-age=31536000 last-modified: Tue, 30 May 2023 00:01:16 GMT content-type: text/javascript vary: Accept-Encoding age: 224701 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	ocsp.pki.goog/gts1c3	142.250.74.3		471 B
URL ocsp.pki.goog/gts1c3 IP 142.250.74.3:0 ASN #15169 GOOGLE File type data Size 471 B (471 bytes) Hash c8c4fd34484b10881179e1a092434fd9 b37e3b04da5ba68bf533fcff188ac29b8eb27b3e e5ccf7ef803972b97b8bff04fcab8af38c84d5a832ab096c7fd5ace5e56bf92c HTTP Headers `POST /gts1c3 HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Jun 2023 03:59:39 GMT Cache-Control: public, max-age=14400 Server: ocsp_responder Content-Length: 471 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN`

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=yiu3lre5hkbo	142.250.74.132		28 kB
URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=yiu3lre5hkbo IP 142.250.74.132:0 ASN #15169 GOOGLE File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42652) Size 28 kB (27778 bytes) Hash ca44ec92beece7c79e06352ef21a4ac8 81cf4d919100e8b6cdeff489438de53b289fc101 b05609220448bf74f5c7232b1bec5523ec4900e65711d4953a988bcdeb84253d HTTP Headers GET /recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=yiu3lre5hkbo HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/ Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: iframe Sec-Fetch-Mode: navigate Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK cross-origin-resource-policy: cross-origin cross-origin-embedder-policy: require-corp report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type: text/html; charset=utf-8 cache-control: no-cache, no-store, max-age=0, must-revalidate pragma: no-cache expires: Mon, 01 Jan 1990 00:00:00 GMT date: Sun, 04 Jun 2023 03:59:40 GMT content-security-policy: script-src 'nonce-gaENYCTr6H6_Zl--AlwBwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding: gzip x-content-type-options: nosniff x-xss-protection: 1; mode=block content-length: 27778 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css	142.250.74.67		25 kB
URL www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css IP 142.250.74.67:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (56403), with no line terminators Size 25 kB (24605 bytes) Hash 83f90c5a4c20afb44429fa346fbadc10 7c278ec721d3880fbafaadeba9ee80bdf294b014 952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8 HTTP Headers `GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 24605 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Fri, 02 Jun 2023 05:10:26 GMT expires: Sat, 01 Jun 2024 05:10:26 GMT cache-control: public, max-age=31536000 last-modified: Tue, 30 May 2023 00:01:16 GMT content-type: text/css vary: Accept-Encoding age: 168554 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js	142.250.74.67		166 kB
URL www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js IP 142.250.74.67:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (749) Size 166 kB (166186 bytes) Hash ee07ba65373413be83ec0d45887c2a44 13646acedb5d781fed2599c46634b4e58b8217db d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048 HTTP Headers `GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 166186 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 13:34:38 GMT expires: Fri, 31 May 2024 13:34:38 GMT cache-control: public, max-age=31536000 last-modified: Tue, 30 May 2023 00:01:16 GMT content-type: text/javascript vary: Accept-Encoding age: 224702 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-	142.250.74.132		112 B
URL www.google.com/recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL- IP 142.250.74.132:0 ASN #15169 GOOGLE File type ASCII text, with no line terminators Size 112 B (112 bytes) Hash 28c612c7ed1d28591eb7ed8d95816a94 bc402ec3d9eccbb9ce2b682bb43fa23ab92afb80 dc304d634887ea89a42e74d959fdc8dc4517e33e0df44764aad5bc63870ccb29 HTTP Headers GET /recaptcha/api2/webworker.js?hl=en&v=sNQO7xVld1CuA2hfFHvkpVL- HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=yiu3lre5hkbo Sec-Fetch-Dest: worker Sec-Fetch-Mode: same-origin Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK expires: Sun, 04 Jun 2023 03:59:40 GMT date: Sun, 04 Jun 2023 03:59:40 GMT cache-control: private, max-age=300 cross-origin-embedder-policy: require-corp report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type: text/javascript; charset=UTF-8 content-encoding: gzip x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 112 server: GSE alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2	216.58.207.227		15 kB
URL fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Size 15 kB (15344 bytes) Hash 5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc HTTP Headers `GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache` HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15344 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 30 May 2023 17:31:32 GMT expires: Wed, 29 May 2024 17:31:32 GMT cache-control: public, max-age=31536000 age: 383288 last-modified: Mon, 16 Oct 2017 17:32:55 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js	142.250.74.67		166 kB
URL www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js IP 142.250.74.67:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (749) Size 166 kB (166186 bytes) Hash ee07ba65373413be83ec0d45887c2a44 13646acedb5d781fed2599c46634b4e58b8217db d946e8f3fb4fe90a5ae3027b91a76703106e2c5c1d762fc3fc230895db7b6048 HTTP Headers `GET /recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/recaptcha__en.js HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-encoding: gzip access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 166186 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Thu, 01 Jun 2023 13:34:38 GMT expires: Fri, 31 May 2024 13:34:38 GMT cache-control: public, max-age=31536000 last-modified: Tue, 30 May 2023 00:01:16 GMT content-type: text/javascript vary: Accept-Encoding age: 224702 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2	216.58.207.227		16 kB
URL fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP 216.58.207.227:0 ASN #15169 GOOGLE File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Size 16 kB (15552 bytes) Hash 285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7 HTTP Headers GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1 Host: fonts.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Origin: https://www.google.com DNT: 1 Connection: keep-alive Referer: https://www.google.com/ Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache HTTP/2 200 OK accept-ranges: bytes access-control-allow-origin: * content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin; report-to="apps-themes" report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} timing-allow-origin: * content-length: 15552 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Tue, 30 May 2023 21:40:21 GMT expires: Wed, 29 May 2024 21:40:21 GMT cache-control: public, max-age=31536000 age: 368359 last-modified: Mon, 16 Oct 2017 17:33:02 GMT content-type: font/woff2 alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2

	www.gstatic.com/recaptcha/api2/logo_48.png	142.250.74.67		2.2 kB
URL www.gstatic.com/recaptcha/api2/logo_48.png IP 142.250.74.67:0 ASN #15169 GOOGLE File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Size 2.2 kB (2228 bytes) Hash ef9941290c50cd3866e2ba6b793f010d 4736508c795667dcea21f8d864233031223b7832 1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a HTTP Headers `GET /recaptcha/api2/logo_48.png HTTP/1.1 Host: www.gstatic.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://www.gstatic.com/recaptcha/releases/sNQO7xVld1CuA2hfFHvkpVL-/styles__ltr.css Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers` HTTP/3 200 OK accept-ranges: bytes content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy: cross-origin cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha" report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-length: 2228 x-content-type-options: nosniff server: sffe x-xss-protection: 0 date: Mon, 29 May 2023 21:48:58 GMT expires: Mon, 05 Jun 2023 21:48:58 GMT cache-control: public, max-age=604800 age: 454242 last-modified: Tue, 03 Mar 2020 20:15:00 GMT content-type: image/png alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	www.google.com/recaptcha/api2/reload?k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-	142.250.74.132		19 kB
URL www.google.com/recaptcha/api2/reload?k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu- IP 142.250.74.132:0 ASN #15169 GOOGLE File type ASCII text, with very long lines (33748) Size 19 kB (19352 bytes) Hash 26b557d9944cac9025272e59ffff26cc 4dd86482ed6d03b3bfddc693ea31539d11d7ab93 881fd41de8cde5a15eb3d9eabca07898c6be051e968b62a44f375c2db93ea00d HTTP Headers POST /recaptcha/api2/reload?k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu- HTTP/1.1 Host: www.google.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-protobuffer Content-Length: 6487 Origin: https://www.google.com DNT: 1 Connection: keep-alive Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfiKsQUAAAAAEiC8Ne-bY_-EXtz5OmV9D9IVEu-&co=aHR0cHM6Ly95eC10ci12YWwuY29tOjQ0Mw..&hl=en&v=sNQO7xVld1CuA2hfFHvkpVL-&size=invisible&cb=yiu3lre5hkbo Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers HTTP/3 200 OK content-type: application/json; charset=utf-8 content-encoding: gzip date: Sun, 04 Jun 2023 03:59:41 GMT expires: Sun, 04 Jun 2023 03:59:41 GMT cache-control: private, max-age=0 x-content-type-options: nosniff x-frame-options: SAMEORIGIN content-security-policy: frame-ancestors 'self' x-xss-protection: 1; mode=block content-length: 19352 server: GSE set-cookie: _GRECAPTCHA=09ALyjir9BCICHfNOgkIaLVnjqH_cwWeLSfpEYLYG7JqlqDJi7IUuI2Ehc2SNGzWOuuyDT-wI6Fb75dbbDPSVrTpA;Path=/recaptcha;Expires=Fri, 01-Dec-2023 03:59:41 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

	yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0=	185.66.200.221		503 B
URL yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= IP 185.66.200.221:0 ASN #201702 skHosting.eu s.r.o. File type data Size 503 B (503 bytes) Hash 8b4c3853a30db4b759a88c775b8e26bb a3589f083f071f91fc78b2d9e6431a7806846e0b 22a4cb083c1316ae728ea96c6ea67d39849a707e31cc5563276da31beb9777f3 HTTP Headers POST /crs/index_v3.php?d=43836796&f=popup&s=4&t=4&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= HTTP/1.1 Host: yx-tr-val.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 614 Origin: https://yx-tr-val.com DNT: 1 Connection: keep-alive Referer: https://yx-tr-val.com/crs/index_v3.php?d=43836796&f=popup&s=4&t=4&pr=50&u=aHR0cHM6Ly94dmFhYS5jb20vZnVsbHBhZ2UucGhwP3NlY3Rpb249UmVkaXJlY3RlZF9EZXNrdG9wX1RyYWZmaWMmcHViPTg0NjUyNyZnYT1hJnJyPWFIUjBjRG92TDNkcGJHUjNhVzVuYzJoaFkydGxjbk11WW14dlozTndiM1F1WTI5dEx3PT0= Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 302 Found server: nginx date: Sun, 04 Jun 2023 03:59:41 GMT content-type: text/html; charset=UTF-8 location: https://xvaaa.com/fullpage.php?section=Redirected_Desktop_Traffic&pub=846527&ga=a&rr=aHR0cDovL3dpbGR3aW5nc2hhY2tlcnMuYmxvZ3Nwb3QuY29tLw==&dom_id=43836796&yXcrs=43 X-Firefox-Spdy: h2`

	cache.r-q.media/favicon.ico	65.60.58.179	200 OK	1.2 kB
URL GET HTTP/2 cache.r-q.media/favicon.ico IP 65.60.58.179:443 ASN #32475 SINGLEHOP-LLC Requested by https://cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73 Certificate IssuerLet's Encrypt Subjectcache.r-q.media Fingerprint83:4E:E1:A9:15:74:01:74:66:5E:1E:E8:52:39:E8:8B:43:21:C9:96 ValiditySun, 21 May 2023 14:18:26 GMT - Sat, 19 Aug 2023 14:18:25 GMT File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size 1.2 kB (1150 bytes) Hash 91abe01116ab422c598e9c8af72cf4da 0f2815fe8e067d48537ad168225ab4674271fa27 b1d7aef06456fe7431124129a28f0138bb5fccfa4f4161e3087de23c005e5edc HTTP Headers GET /favicon.ico HTTP/1.1 Host: cache.r-q.media User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73 Cookie: u=9b303e33a9d45cf42aef7572e7d22c40; split=a Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache TE: trailers `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:43 GMT content-type: image/x-icon content-length: 1150 last-modified: Wed, 31 Jul 2019 07:48:51 GMT etag: "5d4147e3-47e" expires: Mon, 05 Jun 2023 03:59:43 GMT cache-control: max-age=86400 strict-transport-security: max-age=31536000; includeSubdomains accept-ranges: bytes X-Firefox-Spdy: h2`

	cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73	65.60.58.179	200 OK	8.0 kB
URL User Request GET HTTP/2 cache.r-q.media/?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73 IP 65.60.58.179:443 ASN #32475 SINGLEHOP-LLC Certificate IssuerLet's Encrypt Subjectcache.r-q.media Fingerprint83:4E:E1:A9:15:74:01:74:66:5E:1E:E8:52:39:E8:8B:43:21:C9:96 ValiditySun, 21 May 2023 14:18:26 GMT - Sat, 19 Aug 2023 14:18:25 GMT File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8197), with no line terminators Size 8.0 kB (8028 bytes) Hash d9d04bc18d665e558da6f8677f200b94 dafea914da34997c72cbb8337c122eef6fa97d68 2706cfc90737cd8a0bee2dbd4d1f95e6836475ad5d55aaa33975d754e0f8d55c HTTP Headers GET /?utm_term=7240675696924688403&utm_content=e6c2c6dcd68fd49594fc9695a6a79597828bb8888e8d88bd87b3c5b1c3b7b484b8b3b889bfbfbeb982b380b386b5b4b4a2aaa8a9afafacada2a3a091a7979495868a868d9d8c8d9d87ce90938f8a859783fbc9f9fecdc8fdc0c7f0f1f6919599b9aec8c9ffcffdfffaf3c0f0f6f5f0c5dadbd8d9e9e9e8e9e5e6e3e5efefe0ed1e12101c73 HTTP/1.1 Host: cache.r-q.media User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive Referer: https://cache.r-q.media/?utm_medium=35f01c022e5d4ea753f23df180ff68e0ad428e85&utm_campaign=PUSH-MS-SL-NA&cid=90affC1685851182affc7725faf35749a149a50&1=28288461 Cookie: u=9b303e33a9d45cf42aef7572e7d22c40; split=a Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Pragma: no-cache Cache-Control: no-cache `HTTP/2 200 OK server: nginx date: Sun, 04 Jun 2023 03:59:43 GMT content-type: text/html; charset=UTF-8 vary: Accept-Encoding x-powered-by: PHP/8.2.0 cache-control: no-store, no-cache, must-revalidate, max-age=0 pragma: no-cache expires: Thu, 01 Jan 1970 00:00:00 GMT accept-ch: Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version content-encoding: gzip X-Firefox-Spdy: h2`

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

HTTP Transactions (59)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash