r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf768e41672570b0a4a9fe86045915fc
2249064a86b2ba11e28208b9fba1c9f1db4f3e9e
a049499f78078df12f4d1c5180f1f36715a5c99db4f31c18ee06bcf0b6382b30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A049499F78078DF12F4D1C5180F1F36715A5C99DB4F31C18EE06BCF0B6382B30"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3433
Expires: Sun, 09 Oct 2022 01:55:46 GMT
Date: Sun, 09 Oct 2022 00:58:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 09 Oct 2022 00:47:42 GMT
Expires: Sun, 09 Oct 2022 01:24:00 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qiIjyMl7ZUJNaIBmfy-nLRJC6jUKlqtsJHFUhoSJ0kpzuWHdI_YLxg==
Age: 651
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7cba6aada5c0a04c1c0644769c09f64e
ed02f174a9b718951911343af8ec181c6d205b1d
ba863e734d5d38ed160758ab0b09d1b0f44fc795dcbcee4199329b011fcd1bd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA863E734D5D38ED160758AB0B09D1B0F44FC795DCBCEE4199329B011FCD1BD1"
Last-Modified: Fri, 07 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4249
Expires: Sun, 09 Oct 2022 02:09:22 GMT
Date: Sun, 09 Oct 2022 00:58:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3+frbep/VEQ1KLzB47f11T9O18wgv5b5ljgrAMMpEztFB7ZNm51Xl64unejLO3KSDRcQ4Cmrn00=
x-amz-request-id: K463DZSZ9N5RB87H
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 08 Oct 2022 23:59:48 GMT
age: 3525
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
license.emptor.vip/
135.148.121.39301 Moved Permanently 162 B IP 135.148.121.39:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: license.emptor.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 09 Oct 2022 00:58:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://license.emptor.vip/
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 00:58:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 09 Oct 2022 00:29:41 GMT
Expires: Sun, 09 Oct 2022 01:23:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SRekV3yeKBIMC4TtRatFfs2V_7FzhKWxOFMYKPPKGfDU4MDc01I6FA==
Age: 1732
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5f9a328a8a9425bb2ea436d330749961
e80f7f5d907a5cc5fd52be04dc1fba2eeb4ed07c
d71e3b5c90ed8663a6086e280eca1c43aee45bc5ecb84aa2366dbfaf0c7ea664
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D71E3B5C90ED8663A6086E280ECA1C43AEE45BC5ECB84AA2366DBFAF0C7EA664"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21564
Expires: Sun, 09 Oct 2022 06:57:57 GMT
Date: Sun, 09 Oct 2022 00:58:33 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5479444ef227af03029fbb9d154f0107
0563678ec07ab3707b716ca4c638ece4c8ad7de4
4850d49786a140003b90ae108104ffbfe80a6e0d9f584656a09f0fff11dc9d0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5926
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:33 GMT
Last-Modified: Sat, 08 Oct 2022 23:19:47 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
discordapp.com/widget?id=824397012685291520&theme=dark
162.159.129.233301 Moved Permanently 0 B URL HTTP/2 discordapp.com/widget?id=824397012685291520&theme=dark
IP 162.159.129.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget?id=824397012685291520&theme=dark HTTP/1.1
Host: discordapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 09 Oct 2022 00:58:33 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
location: https://discord.com/widget?id=824397012685291520&theme=dark
strict-transport-security: max-age=31536000; includeSubDomains; preload
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxaKQWAwrXfI0FvGuFqkDMMkscCaUx3syDhG3QUmlOLEacekIu57MEdcGJkct59o2NIciZjYOyO6IVz3IS1tnKAP7%2BLEUwimwQWy4xa7eNkHfev%2F8PUw67k7Yb9kSVct"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75732b2a7ee0b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a5bb2ca079b8c15c921933d39c57ae47
7ae6e38c3e12ef05164b04df7f2a65be3a3ec440
336607c0f56b4a97511339d2437520aa8c9d6cb07b5b5ddf535efe65561d2890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
buttons.github.io/buttons.js
185.199.109.153200 OK 6.9 kB URL HTTP/2 buttons.github.io/buttons.js
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (19903)
Hash 413d7bec10c872dcce59249f060532ef
a2104721bf276e569bd8634edfdfe3a0e284ce8e
c64e18bcc64751ce6bf6947324fd570def71b1e6fdbc8803b618c6bd4d33c4a7
GET /buttons.js HTTP/1.1
Host: buttons.github.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Tue, 04 Oct 2022 15:24:38 GMT
access-control-allow-origin: *
etag: W/"633c5036-4e11"
expires: Tue, 04 Oct 2022 15:34:58 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 0800:6420:58B253:754495:633C504A
accept-ranges: bytes
date: Sun, 09 Oct 2022 00:58:34 GMT
via: 1.1 varnish
age: 321
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665277114.076744,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 1ae22406dd22bb3262fdaf62bacd126f514ff992
content-length: 6868
X-Firefox-Spdy: h2
www.youtube.com/s/player/17ab0793/www-player.css
216.58.207.206200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/17ab0793/www-player.css
IP 216.58.207.206:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ce9b3268e83e864464ee0b1c1bcbd395
aec0d122b7a1674fd2c903e350d7c1e345bdda9a
eccc42a16e7cb2c976a2f247265ef435954d636410182b6e8d6443457252d0e6
GET /s/player/17ab0793/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9-qgmsUUCK4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 50095
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 16:57:14 GMT
expires: Fri, 06 Oct 2023 16:57:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Oct 2022 00:52:14 GMT
content-type: text/css
age: 201680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/17ab0793/www-embed-player.vflset/www-embed-player.js
216.58.207.206200 OK 97 kB URL HTTP/2 www.youtube.com/s/player/17ab0793/www-embed-player.vflset/www-embed-player.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (572)
Hash 25913148e87059714551dcf4917e9cda
77186ee8b563a941961829ca4df183e6c0b63660
2c1f6b675637c3df7fce30c177b7a16047d026aca38b4f2e562b8328d775acf0
GET /s/player/17ab0793/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9-qgmsUUCK4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 16:57:14 GMT
expires: Fri, 06 Oct 2023 16:57:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Oct 2022 00:52:14 GMT
content-type: text/javascript
age: 201680
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash a5bb2ca079b8c15c921933d39c57ae47
7ae6e38c3e12ef05164b04df7f2a65be3a3ec440
336607c0f56b4a97511339d2437520aa8c9d6cb07b5b5ddf535efe65561d2890
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
discord.com/assets/index.693fb6cb383c52b4acb1.css
162.159.136.232200 OK 5.8 kB URL HTTP/2 discord.com/assets/index.693fb6cb383c52b4acb1.css
IP 162.159.136.232:0
File type ASCII text, with very long lines (6565)
Hash 7b2af8dbe555ee4b44648b17f19a0407
4a9b886faf7f9b9446a425f9fe9b53a8e2df4462
0cf33a5f3ab923e2fdf0dd6d786cb420ea1ed52f64d9969d60c3b96f165c21ff
GET /assets/index.693fb6cb383c52b4acb1.css HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/widget?id=824397012685291520&theme=dark
Cookie: __cfruid=ee127ca49f6cccab842f7b04d385ed51691996dc-1665277114
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: text/css
cf-ray: 75732b2b1b62b506-OSL
access-control-allow-origin: https://discord.com
cache-control: public, max-age=2592000
etag: W/"63996df123566cc2b4d4b5370f61ce8e"
last-modified: Mon, 06 Jun 2022 20:43:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
cf-cache-status: HIT
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VW50p43gizISTi%2BRrYgHnz11Ifec4dacoep5EutEOtVzk1nxso67LFUZwsQe39mnyes%2FsxZI5x0C%2FzIF%2FHtS5JuUrmASmw2j%2FyHfniN%2BdFXbDEzRLTVP4VqA2wqP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/front/assets/img/presentation-mockup.png
172.67.179.241200 OK 163 kB URL HTTP/2 cdn.keyauth.uk/front/assets/img/presentation-mockup.png
IP 172.67.179.241:0
File type PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced\012- data
Size 163 kB (163221 bytes)
Hash e613831056212f1b5ccc1ecae3d5fe3e
45e7cc9c7dc46e760839a589f884c3accfca28a7
ecd807a92c842be36a15db1d69d4eaa474562d86bacca414902a1d71ace20cab
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /front/assets/img/presentation-mockup.png HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: image/png
content-length: 163221
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: "09b78d8241b3ec7f05615066dbe6b8e3-ssl"
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9suSeZdwWK6zjOCv7x%2BiiJd69bKkxModjgj4ZJrLgLwCg1NL3uMkOxyUvJtDIJtDHV4mxkK9KeTR70UuZEZQFRQIU6lGEfCEJ%2BwhYk%2BYaj6YeBVBVlWdUaU%2BZVABJsuLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75732b2adb41b506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/17ab0793/player_ias.vflset/en_US/base.js
216.58.207.206200 OK 593 kB URL HTTP/2 www.youtube.com/s/player/17ab0793/player_ias.vflset/en_US/base.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (554)
Size 593 kB (592870 bytes)
Hash b30301fb53e40884dbd3be8408d61222
77c903074d3a42ed7981bb7334c25b388fefdebf
bcf6f84f1a3b6ade4733d7237e30988dae2bc8245b045f3ed1a5eab5015ccfe3
GET /s/player/17ab0793/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9-qgmsUUCK4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 592870
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 17:05:07 GMT
expires: Fri, 06 Oct 2023 17:05:07 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 06 Oct 2022 00:52:14 GMT
content-type: text/javascript
age: 201207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash ee96d771e1664e3afe56cf32bfe45eee
3ab9109d6f7a952cf2f7071ecb5ee186f9eebf6a
df7a23267a1a0bddc477d2b3f4c870b6a6ab7b4dca5fc38164d814ccae2b2fdd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800&display=swap
IP 142.250.74.10:0
Hash ab413abd65f5ac44aad441bc60766e60
ad19ebf6370cbc139a9407aa5fb1e85d1e6fed4b
e42c0352421f744e83b03d54653166e5210a270d68894138c80de316313993dc
GET /css?family=Nunito+Sans:300,400,600,700,800&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.keyauth.uk/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 09 Oct 2022 00:58:34 GMT
date: Sun, 09 Oct 2022 00:58:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/jarallax/dist/jarallax.min.js
172.67.179.241200 OK 5.6 kB URL HTTP/2 cdn.keyauth.uk/vendor/jarallax/dist/jarallax.min.js
IP 172.67.179.241:0
File type ASCII text, with very long lines (15016)
Hash fa0d8432a07ac9f3be1f46441cf73617
ac8b2d6a7f8fc0ed154d9e6f179d2299b7280c95
8b7f51e6015c61d7a4f3b1892f4692d022359a59234e96c280be96dd297cc6f3
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/jarallax/dist/jarallax.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"965fd4d72b8d02c17c8af9de9141ee6a-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FI%2FopO3EPhvsJMc0dF1OWKv9EZQFbHisDuSHoVRLPGO1kHU2D3BgRKYNw62v4VycaqeNYRn5sb78BoWXqjbrTyBx7eobbV7HxwTtMHsH5%2FCSylebKXXV3F8KJ9OCZWpztA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb3eb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16980, version 1.0\012- data
Hash 8a97f720d330e75ccdbda9ae0e9f5e90
8e4fee916581ab48d385187705667cebc7500afe
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
GET /s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://license.emptor.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16980
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:08:02 GMT
expires: Tue, 03 Oct 2023 21:08:02 GMT
cache-control: public, max-age=31536000
age: 445832
last-modified: Mon, 09 May 2022 18:33:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17156, version 1.0\012- data
Hash 7e344afc10a492d516789f072fa6edfd
f38bd0b4e9d0577528f533b8ecd80801a0c6340f
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://license.emptor.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17156
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:48:30 GMT
expires: Thu, 05 Oct 2023 21:48:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 09 May 2022 18:33:24 GMT
content-type: font/woff2
age: 270604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
discord.com/widget?id=824397012685291520&theme=dark
162.159.136.232200 OK 18 kB URL HTTP/2 discord.com/widget?id=824397012685291520&theme=dark
IP 162.159.136.232:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1559)
Hash 048f3cefe0f64cc8080bfb4de3585ab0
ef7d911fba9595c726bcb05422219e14937e5bfe
51d7a7800d68d75852b82be530f84f340bcd22af6a384491967817388e29771b
GET /widget?id=824397012685291520&theme=dark HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://license.emptor.vip/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: text/html
cf-ray: 75732b2afb4fb506-OSL
cache-control: public, max-age=14400
last-modified: Mon, 06 Jun 2022 20:56:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
permissions-policy: interest-cohort=()
x-build-id: 658afa3e9b2fd84f7825b019e925af528bcb2f76
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pjSeH%2FcoichQjUbxzaj3mNXXc%2Bj%2FPr1yrjSJfuhFnXMjBRuMXfxkWRiGiIk2Or0IsFAF8RWnrlVOMXv0B94N2sJVWHcUQ4uglkyi%2BOR13XwshyZ4jEC%2Bat8BQpT1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: __dcfduid=7fe16a40476d11ed8418e5b6ebdc361b; Expires=Fri, 08 Oct 2027 00:58:34 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax
__sdcfduid=7fe16a41476d11ed8418e5b6ebdc361b4caa9f0b6dca185089b227bfc63d43ae610c1e3db980d1da2fb963a9c9f03f46; Expires=Fri, 08 Oct 2027 00:58:34 GMT; Max-Age=157680000; Path=/; Secure; HttpOnly; SameSite=Lax
__cfruid=ee127ca49f6cccab842f7b04d385ed51691996dc-1665277114; path=/; domain=.discord.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2
IP 216.58.207.195:0
Hash d621dc5b15d6dd09456c2edca1a554ac
e56741143ae093187d07acbe695ef49e689bc735
bf492d505b4ebd95850b1db1a7f56d123c185495493434eeaae9d5ef498c0325
GET /s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8WAc5tU1E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://license.emptor.vip
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 21:24:11 GMT
expires: Tue, 03 Oct 2023 21:24:11 GMT
cache-control: public, max-age=31536000
age: 444863
last-modified: Mon, 09 May 2022 18:31:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 08 Oct 2022 12:31:58 GMT
expires: Sun, 08 Oct 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 44796
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 07 Oct 2022 00:48:31 GMT
expires: Sat, 07 Oct 2023 00:48:31 GMT
cache-control: public, max-age=31536000
age: 173403
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js
172.67.179.241200 OK 3.1 kB URL HTTP/2 cdn.keyauth.uk/vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js
IP 172.67.179.241:0
File type ASCII text, with very long lines (6397)
Hash c3c70ab97eb824b3a8e83f97b1968496
651a7868c5020c861cb193a4cd0e240759a9e641
d090ec5e48d528fab488222ed8579aaa48371498e24c4582fa79fe21a394723e
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/smooth-scroll/dist/smooth-scroll.polyfills.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"a1c136b64b4abb235cee5cedcc910ba0-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n580zUmg8iJfOoxZUzsv2x%2FapwimMXUyF56b9821BqVzb6nFup5sQAFz5MhfPsa79N7D52OKtAxWtlZE7VgKDHoy6iQs1kwJ%2Fmr9%2BjG5JaWlXE8RGh%2BxqXCmI2LXuXmm2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb3fb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 2.7 kB IP 142.250.74.3:0
Hash e3af9adbdf221236029cdf337031d1ef
3c86ab130fd2dcffae59c8108eb3a46c77d3c94f
5221fbc29f0be780aeb2b572c946c06e720a26b27b6abec707750e29673abb76
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166200 OK 823 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 86013f2c8ad671772319bd08ce108c14
7ce575a4bf9abaa1cfbb1d917a9935d4921584b9
6a74aa596abf3764f2e7b5b69387cc85e211a4e6d9942b42ba4c181a17be3594
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 09 Oct 2022 00:57:37 GMT
expires: Sun, 09 Oct 2022 01:12:37 GMT
cache-control: public, max-age=900
age: 58
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0aca7edf23f6d8fb3c0b5a89400d3118
67e4a61460cb43d6882f3378d0455835d323c63f
acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 09 Oct 2022 00:58:35 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1615a59f732d50dbd386c89f599fe0d5
ee4fae75b28e7a30ed404cf10e6f0830bd0b69f7
48574ec51753d230b28f90dd3cfd4862d307de1d507b2bb5a7bddf5a294876f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0aca7edf23f6d8fb3c0b5a89400d3118
67e4a61460cb43d6882f3378d0455835d323c63f
acf66c6d19fa651d5a9a59b67b3e4c116485a2f60a5dd4d753afa411811019e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 09 Oct 2022 00:58:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 89a17c02cdf926b852220408f32d6ad4
c22fb94c77a74cfc00d6b2cc88643afa0563abbe
2a4d9286d35271838cb99d265e2c8dbb851fa80ac2ca293571125188e684a7e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
license.emptor.vip/stats.php
135.148.121.39200 OK 31 kB URL HTTP/2 license.emptor.vip/stats.php
IP 135.148.121.39:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 45a6a097d521283a563f8680da216817
920ea9b5e1283b529b8788b93a29d6a69971ce93
f109a78704f997a51298964c95b215684a74cb42eba2db1706b0ac0e05d580a9
GET /stats.php HTTP/1.1
Host: license.emptor.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 00:58:35 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.24, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/js/th/V6O6m_A4SlO-MjsPbzlPIQ9zQH4BCPezl8YCTT2cIuk.js
142.250.74.164200 OK 30 kB URL HTTP/2 www.google.com/js/th/V6O6m_A4SlO-MjsPbzlPIQ9zQH4BCPezl8YCTT2cIuk.js
IP 142.250.74.164:0
File type JSON data\012- , ASCII text, with very long lines (34762), with no line terminators
Hash f8ab7583e53fd333fdad31c4fa0f7933
036cc93a14a14b5ce67691b2ce531846c272e8fb
a3d67401be916858c4daf038968feab0bc8872607aa0a5bfdcc908a556b2eafb
GET /js/th/V6O6m_A4SlO-MjsPbzlPIQ9zQH4BCPezl8YCTT2cIuk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14322
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 05:04:05 GMT
expires: Thu, 05 Oct 2023 05:04:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 03 Oct 2022 11:00:00 GMT
content-type: text/javascript
age: 330870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6c98d1159d4d0e4886d03d837d873a86
295ee171e920021e2bd27ebd661f069bb2cc3f52
c701935caa68be37b1fb2448162ee0ebc3131d7a4843fb35faa2da1da05c1500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/9-qgmsUUCK4/sddefault.webp
142.250.74.150200 OK 19 kB URL HTTP/2 i.ytimg.com/vi_webp/9-qgmsUUCK4/sddefault.webp
IP 142.250.74.150:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2688d59faad99b21aa5ebefb206a01df
596f3062e28ac093c6cadbe5e0e69d336e47611d
56998dcf1f2d09d968724dffff902a6bf7fc1bbcf35a07f5cedb1a8753efeafc
GET /vi_webp/9-qgmsUUCK4/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 19208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 09 Oct 2022 00:58:35 GMT
expires: Sun, 09 Oct 2022 02:58:35 GMT
cache-control: public, max-age=7200
etag: "1641096333"
content-type: image/webp
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
license.emptor.vip/
135.148.121.39200 OK 9.8 kB IP 135.148.121.39:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (537)
Hash 99d02cfb5dcea2113bb419445f6b0505
12cde8feda47bfcf3a6e144e0e93768ac24bcd54
2275ce1dd12ea095c8d8e49874894e0ff8f908aa17b0f7b533f7aa525a5cf986
GET / HTTP/1.1
Host: license.emptor.vip
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 09 Oct 2022 00:58:33 GMT
content-type: text/html
last-modified: Sat, 04 Jun 2022 17:16:09 GMT
etag: W/"629b9359-99e3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cdn.keyauth.uk/front/css/front.css
172.67.179.241200 OK 81 kB URL HTTP/2 cdn.keyauth.uk/front/css/front.css
IP 172.67.179.241:0
File type ASCII text, with very long lines (65226)
Hash c5afaa7409318f3151fe0277f187627b
646d0c40b0ea45bb1d482f2bdc093e594467ce7a
c5affa542eb19ba3d6f5913d27bf9e2e3313eaa7509a89a21e81219d74959dfd
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /front/css/front.css HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"9340aacf0f0df99c077c47445d6696ea-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnHT9u%2BRG3yQn%2F8rzoMXAqgaqEVod39WOzse%2B8iB0YWiNlQLf5D1DO75oWaFUr8AMSZe62n9bNP5iCukLI%2Fl%2FqXE2HkgCRywgsZd4dM8jRkyVzu%2B8tpdN0378QEeyAOyUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2acb33b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/swiper/swiper.min.js
172.67.179.241200 OK 37 kB URL HTTP/2 cdn.keyauth.uk/vendor/swiper/swiper.min.js
IP 172.67.179.241:0
File type ASCII text, with very long lines (65270)
Hash 722040f32c51b9e3927d9b2d8b283328
b8c9485f2bcdcf6e782096f5b581715d2a750a5d
45bd9b7a2ea74f2794c4ee062bea80271bbb6c9ea617dc706ffa9a51f932645b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/swiper/swiper.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"975f3d2858266740268c3349896bf782-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54ha%2FxWnLhfFL%2B%2BMVA7O1712739Ytxujvwclh1U9Qppnu3VvNKFrIxhtWAw2Fnh6rk5H01DK1lRy7pR%2FcxV1kBk2Mc8wTKFWy31Q8062r%2FEozDqnc1ONv1VNndrF2qQbxg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb39b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/jquery/dist/jquery.min.js
172.67.179.241200 OK 35 kB URL HTTP/2 cdn.keyauth.uk/vendor/jquery/dist/jquery.min.js
IP 172.67.179.241:0
File type ASCII text, with very long lines (65451)
Hash 8d3de51f16a22e05a480e5c8ccc93d1f
897f8419fde77dc77d84686b233e1f60f70f7b53
c56dfdb7ce7a9b6fb889ca15cabf225fbd1dac2ff8b298112ca1de8e4e09f1d8
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/jquery/dist/jquery.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"057b0b210b07e1537a63f373837b4d8d-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7k0oMR4zzH9Lc4D2y48jcs0VBqQ56m0%2F8MLE0q3pT48HnGy6GMy8kEPmEl03jlBrnVTz%2FRp146HBNR0Fn24NyIFlK8gfTd6LtODTyY16foLaCU%2FNZyTtIbPwa1%2B3Bhk%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2aeb4eb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/@fortawesome/fontawesome-free/css/all.min.css
172.67.179.241200 OK 16 kB URL HTTP/2 cdn.keyauth.uk/vendor/@fortawesome/fontawesome-free/css/all.min.css
IP 172.67.179.241:0
File type ASCII text, with very long lines (56656)
Hash bf876443b2a85ecffe0f2d3a7a09a4f5
bee8a0bf14de2e92db43fe1d154e984550e1d484
9780110ba40cfcf961aa83738ee4296595e66baf94dca62cd89ed750d20bf983
GET /vendor/@fortawesome/fontawesome-free/css/all.min.css HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"a924f74822e4e2c37e49c8133640e4fa-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDtHSHH%2Bfc7XvJnB8d1O%2FVrO%2F%2FMjVC2UB68BO2m6QD8chltd9QxxyDg9IuG9ztkMPwBhyEZpq7FXRRhIfVW1Xih%2B%2F7mx6GMQxGNlFK22ZrNmTXWlBIIe%2FIltqHiKGpvKUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2aeb4db506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/assets/css/nucleo.css
172.67.179.241200 OK 4.6 kB URL HTTP/2 cdn.keyauth.uk/assets/css/nucleo.css
IP 172.67.179.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text
Hash a426dbd174d4c19470d9f07fc9e5432c
c72928bf6e086d96e352ac11786dcc2cb5c148c3
b3d57624a478b18f6082c88668570192d15561bb29a40bb20eeb8a37822de0fa
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /assets/css/nucleo.css HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALPeGPHS2hDDOjsVsRC1BHaG3qziKeyXHymn2XVNP5ENUjY5birTlNJBH24H%2FS6TmpiWoX1cTfzZza8zTSIhz5QO%2BxbZ0Bll6T3RI46JsoMwBrgUmUhKB%2BEqvSejDTCFzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2aeb49b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/swiper/wb.swiper-init.js
172.67.179.241200 OK 3.7 kB URL HTTP/2 cdn.keyauth.uk/vendor/swiper/wb.swiper-init.js
IP 172.67.179.241:0
Hash 068532b14c1f0f02a674308a5d867999
bf88480690cf483e8cde8018fc827391a2b19f5c
443d2421113e15cd2370218d07321b7736cdd528689ff8619c37b569c7b993db
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/swiper/wb.swiper-init.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"588385ae490aaa8c9b4406072d89705b-ssl"
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjmqzDNQJUMEvC%2F6VH4f6N6Ys0XjNxc6G7w5ajzDhYmIn4TGUUsgXVPNtseP6orXWHZ2hKM97Y1SsG86WW7iiw18tCPXQ55d0dGBAfAl6ycsSFlPE1T9t%2FuNPDkjmY24Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75732b2adb3ab506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/bootstrap/dist/js/bootstrap.min.js
172.67.179.241200 OK 20 kB URL HTTP/2 cdn.keyauth.uk/vendor/bootstrap/dist/js/bootstrap.min.js
IP 172.67.179.241:0
File type ASCII text, with very long lines (57791)
Hash a4ffebd3b1cdd1b968fa9a598a37c3c8
b43c9da040c605e5bb38716178429fef23c92e30
d8bb60a69fef01dd78c52b4523ef4ed7fda76ef0f101116591ec15ce4240c2bb
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"c30d6c291c89c6a6f9fd289df66137fd-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKMSRqMOp3gzgYlNqBuxZNSm04MMgI9ytyJA5DQdIMVLI6FeGPb9R9Fw19Gf3rOruFqZd0wnWwq93X6fQ%2BoSi%2FAiiHpf3gOdtSQTDCXkCMG1npJre4uvR2TFDiCrJi3xcg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb37b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/headroom.js/dist/headroom.min.js
172.67.179.241200 OK 6.1 kB URL HTTP/2 cdn.keyauth.uk/vendor/headroom.js/dist/headroom.min.js
IP 172.67.179.241:0
File type ASCII text, with very long lines (4215)
Hash 2c21b401d6ea4011b7bf79e7d73d6f46
9abb90a6d9734c87d4965b83149709312fcb8fc9
df81f7948d297a8ad8a92f3377f9294c90abe059f1884186646d11df543f7251
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/headroom.js/dist/headroom.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"33fe0af08af800d0fa62d507c6fde2b6-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Hf52g0IeqjVlojDpTp2g%2FjOy1UPR9a3brUDODp46QrOuIUQn4PDWHGb6uYobMTX3nmWd%2BnEgrfuoGn%2Fw57IjTmK%2BZiJMDCmKaqfIi4CbvQ%2BXnEgq8DhsiGXZpCQ9TznVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb38b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b523949818a5a16753637f9ad58584b
5d31dd0a86b616b95aa2855ced5ddc1b5d088213
6d4dc5c21d9a3ae5f2d4f259250be56bf1852336fa674f9ab926cdd395c1a107
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/grRAL_fvBLGy1WYAvkp0x3mNQTf-EYKvtGvSyiSqB_jkFoHzdexgPqOIvvAdoxiz2gnjmovKpQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 3.7 kB URL HTTP/2 yt3.ggpht.com/grRAL_fvBLGy1WYAvkp0x3mNQTf-EYKvtGvSyiSqB_jkFoHzdexgPqOIvvAdoxiz2gnjmovKpQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 010460ee0fb9041a4eaeeb7c76168c42
e76ec6f4efcd9156665d4b4e0fdec86157bfbe4c
d86cf4deb847af49c5b8bde37cd2b8b5a21cef118073f2122102507c93be7efd
GET /grRAL_fvBLGy1WYAvkp0x3mNQTf-EYKvtGvSyiSqB_jkFoHzdexgPqOIvvAdoxiz2gnjmovKpQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 3721
x-xss-protection: 0
date: Sun, 09 Oct 2022 00:00:14 GMT
expires: Sat, 08 Oct 2022 08:11:29 GMT
cache-control: public, max-age=86400, no-transform
age: 3501
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6c98d1159d4d0e4886d03d837d873a86
295ee171e920021e2bd27ebd661f069bb2cc3f52
c701935caa68be37b1fb2448162ee0ebc3131d7a4843fb35faa2da1da05c1500
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Sun, 09 Oct 2022 02:11:02 GMT
Date: Sun, 09 Oct 2022 00:58:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Sun, 09 Oct 2022 02:11:02 GMT
Date: Sun, 09 Oct 2022 00:58:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 1b523949818a5a16753637f9ad58584b
5d31dd0a86b616b95aa2855ced5ddc1b5d088213
6d4dc5c21d9a3ae5f2d4f259250be56bf1852336fa674f9ab926cdd395c1a107
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Sun, 09 Oct 2022 02:11:02 GMT
Date: Sun, 09 Oct 2022 00:58:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4347
Expires: Sun, 09 Oct 2022 02:11:02 GMT
Date: Sun, 09 Oct 2022 00:58:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6e3f651-bb7d-4dea-9351-b49a68de1bbc.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6e3f651-bb7d-4dea-9351-b49a68de1bbc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b020db4bfa5b227115ab8d151dd6ea33
90bda3a7632acaab42fc995b90bcf9172f838bcf
e5031215b788a47dad462c3344c0e4d35d501224e3896e2c691d338c4e80023b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6e3f651-bb7d-4dea-9351-b49a68de1bbc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9286
x-amzn-requestid: 64e1076a-99be-4764-857c-4ffb73575ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtaOPGUmoAMFwRw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63420a5a-55d109371e471e952ad7f73e;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 23:40:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: q4wLWfRD6VpAGdaYa9t6vSiutA8U59DXkgGrHzQHn3wVs6h6YvnQZg==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 23:41:16 GMT
etag: "90bda3a7632acaab42fc995b90bcf9172f838bcf"
content-type: image/jpeg
age: 4639
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f1ce5b6-8998-4fc8-b1c4-d0c89c74fba6.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f1ce5b6-8998-4fc8-b1c4-d0c89c74fba6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 954195baaeb3faefcb26cb04f1767465
bdba70f84d0c8f61b0cc4e99345a964ed9f46b9c
efaafca7f8c638b1d92723745cbd02298afd4357e9bb7905e854921aaa51d271
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f1ce5b6-8998-4fc8-b1c4-d0c89c74fba6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8625
x-amzn-requestid: 0e74e6ca-2bfc-4b0e-8af4-630c2db9a6cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqhkHgIoAMFWDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8ad6-157ce0a07e1d98552bfd2bc1;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:10:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5KfbGKLcjLes0CI2YMiiNLqfDOOpgq819kFrRECTsHHHR7DgY7wCgg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 12:43:09 GMT
age: 44126
etag: "bdba70f84d0c8f61b0cc4e99345a964ed9f46b9c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23327393-3198-4ca1-b9b0-c756dc43aae4.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23327393-3198-4ca1-b9b0-c756dc43aae4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d5fa39037d1e76f7c07415916e75795
fcfc6d3ddcf460cdd8cb9abb8111efde834b4c3c
05c5aa873e7c5b6d7f4f480f8e45143371d9cc6bf62b4c5054fcace1ad94d082
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23327393-3198-4ca1-b9b0-c756dc43aae4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6038
x-amzn-requestid: 0a3b21a1-2610-4314-b43c-e01370c91353
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZnSMgHIfoAMFVTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f971c-54390b1d2cee3bd37e3f8315;Sampled=0
x-amzn-remapped-date: Fri, 07 Oct 2022 03:03:56 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: nScJI2YBdOKrOEER-CwIZTDctOCZP5VnuU4KqKcgE2QzuHmb0UwsHA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 03:42:25 GMT
age: 76570
etag: "fcfc6d3ddcf460cdd8cb9abb8111efde834b4c3c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32c8191a-de6e-4f3a-852d-f12b0c223b48.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32c8191a-de6e-4f3a-852d-f12b0c223b48.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3d61c6306bde2889800cc3633bab1d6
8ca3e490efbe763fe9da28ea5488921609f89b71
9bd15609f24464ea93d8055a266cccdf4212d2cd12636e997e6da0b3a2a60f1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32c8191a-de6e-4f3a-852d-f12b0c223b48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8507
x-amzn-requestid: 0fb22b48-b061-4497-940c-0b1e85733303
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZrJUQHkxoAMFXiA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63412281-40339c72375ebd3f22fbceae;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 07:10:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2s8bFnyf4RYxq_FzqaTYPGfJa4Jdl9TBcyWTfT9tgyb8D0OAXCA5Pg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 08:19:07 GMT
age: 59968
etag: "8ca3e490efbe763fe9da28ea5488921609f89b71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1599fbb-2511-4bc2-8ca8-c4005f192889.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1599fbb-2511-4bc2-8ca8-c4005f192889.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa302105ffc3d3c3eb8c61fb9c74eb44
748429ef5ace5733a115fbff5d775825a6d7a406
4214b707ce6018e1f70d36515f270d3e5c7575b2f2c2c3affa670b5f48d6e195
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1599fbb-2511-4bc2-8ca8-c4005f192889.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7332
x-amzn-requestid: f1570fe8-21a8-4d77-87d5-cd186eff2987
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtHgOH9boAMFRzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6341ec67-25e96c4777da7ced0b003869;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: R-xUSJxrEHLgDmS9e0vaVMeoG51jQTdugiGQeRwZlv0HqW_sM2EZBw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 21:51:56 GMT
etag: "748429ef5ace5733a115fbff5d775825a6d7a406"
content-type: image/jpeg
age: 11199
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b15495e3e13c06fd0d67523870405ed
3cb8b43735e86c93733affa10818c47693c80fce
f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: 9768886f-0e17-4958-bdaf-e17385eb21d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjqJCHyNoAMFmDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e23d3-288e1d28057753a16893d6b5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:39:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sq19dwfau75VJsl8E2BNddasuiRnVxAuDjNEz0tC_scJSLZZkTayCw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 08 Oct 2022 22:24:03 GMT
age: 9272
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 0c3ad3bc088759ac7c8ba97f964b2bcf
968e85c2e9d27a6aecab59ebf36d31685fdf04ce
b0cca711ddc2a811fa756fb830d1d750ae9b502e3e4039692990321beea6b0df
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4192
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 09 Oct 2022 00:58:35 GMT
Last-Modified: Sat, 08 Oct 2022 23:48:44 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 312
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 09 Oct 2022 00:58:35 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
216.58.211.10200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 216.58.211.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e3571957114cf6663ec89735aac004e1
aae3b3a25c4b6c840120a1c68f8e2de954c2ad0a
edd15ba76df0e8a6b3d1681e8116dd77350a2a5e2270d233c7f43692ccf4bb5b
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 903
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 09 Oct 2022 00:58:35 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.github.com/repos/KeyAuth/KeyAuth-Source-Code
140.82.121.6200 OK 1.5 kB URL HTTP/2 api.github.com/repos/KeyAuth/KeyAuth-Source-Code
IP 140.82.121.6:0
File type JSON data\012- , ASCII text
Hash c1ea7fa11f1f43e29b367f65454fc9bd
b8ef2b5580cef720137300d43c85c4bbe176cc8a
652f313b926c91f6d43a05e2e6e8dd1516d4c9f45191ddd058c6102fb01a81e4
GET /repos/KeyAuth/KeyAuth-Source-Code HTTP/1.1
Host: api.github.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://license.emptor.vip
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
date: Sun, 09 Oct 2022 00:58:35 GMT
content-type: application/json; charset=utf-8
cache-control: public, max-age=60, s-maxage=60
vary: Accept, Accept-Encoding, Accept, X-Requested-With
etag: W/"7b0d11f1c4c286f43fcc0ddc1caa9507dcdb119bca83d27dc4c79a6203ff2442"
last-modified: Fri, 07 Oct 2022 01:33:39 GMT
x-github-media-type: github.v3; format=json
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
content-encoding: gzip
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
x-ratelimit-reset: 1665280715
x-ratelimit-resource: core
x-ratelimit-used: 1
accept-ranges: bytes
content-length: 1531
x-github-request-id: 2C22:A1D6:20B81A9:212F5FC:63421CBB
X-Firefox-Spdy: h2
discord.com/assets/e33e6e9d9de3d3040d8b.js
162.159.136.232200 OK 0 B URL HTTP/2 discord.com/assets/e33e6e9d9de3d3040d8b.js
IP 162.159.136.232:0
GET /assets/e33e6e9d9de3d3040d8b.js HTTP/1.1
Host: discord.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://discord.com/widget?id=824397012685291520&theme=dark
Cookie: __cfruid=ee127ca49f6cccab842f7b04d385ed51691996dc-1665277114
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript
cf-ray: 75732b2b2b64b506-OSL
access-control-allow-origin: https://discord.com
cache-control: public, max-age=2592000
etag: W/"1d8b2b7b16bc5c35f14e2f4f7b321626"
last-modified: Mon, 06 Jun 2022 20:43:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin, Accept-Encoding
cf-cache-status: HIT
permissions-policy: interest-cohort=()
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXvN6htNnnNYSuzUfCG%2B9vWa6K8YrEnEHiA6kL0ieXslIoRDsbgvPRzgS17GXCdpxzQB%2BMPma3R7dbb9Mso20T9mfUes8aDJSt2pC8kiSs1e0KoAtHi6GdXLhIDB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/front/css/swiper.min.css
172.67.179.241200 OK 0 B URL HTTP/2 cdn.keyauth.uk/front/css/swiper.min.css
IP 172.67.179.241:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /front/css/swiper.min.css HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"9d510f84fe3a47c9545319cf3d1ba2fb-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0sJrYEw0OcJIc6rd61467dRTIfHZ%2B%2Bsj%2F7z6JuN39nHyRy%2FEAGne4vaq13zjHMxjjVocJUSTQ1BfiLiX0%2FPeVT4qBnEw%2BiOMIhl9TBWqu6xJ92pLPAiZq1an0KKPf%2FIa8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2aeb4ab506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/onscreen/dist/on-screen.umd.min.js
172.67.179.241200 OK 0 B URL HTTP/2 cdn.keyauth.uk/vendor/onscreen/dist/on-screen.umd.min.js
IP 172.67.179.241:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/onscreen/dist/on-screen.umd.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"8b6ad6056ef6736ccb3b126ad79c4de9-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MG20vK489OHxXhNRytcdKDsQFky1%2FfH1OmO5Bvk%2FyAeqiF0PhzTJqeBt2nKzQ1hIxlmkRJLhLrbOeFH%2F30ByKg3jZefl%2FRKIWYQRf84B4waPLCc9vhvAAw26VZP2EJKBiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb3bb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/prismjs/themes/prism.css
172.67.179.241200 OK 0 B URL HTTP/2 cdn.keyauth.uk/vendor/prismjs/themes/prism.css
IP 172.67.179.241:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/prismjs/themes/prism.css HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"df1484389b8117603e2174aed2e59be1-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FX6nsrA%2B3W2rTE9a%2FiN115yvFlzHMnHmOdQKNx0QLZqPpyxkPuZmHCA1u%2BFqnGvzLxO19FcANpdxyQr0bymW64cOI5B05H4ScCaRz%2F%2Bq3w7wbLmx4pbvqsueHcD%2Bv8t49w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2aeb4cb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.keyauth.uk/vendor/popper.js/dist/umd/popper.min.js
172.67.179.241200 OK 0 B URL HTTP/2 cdn.keyauth.uk/vendor/popper.js/dist/umd/popper.min.js
IP 172.67.179.241:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /vendor/popper.js/dist/umd/popper.min.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"fc47b055a45e947a8e7778f5940f07e6-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hzTwoMYjqJ%2FX8XH4YDsFJuHdVinjBX%2F1b%2BW3R1h3LpozU64SQHqcb1SGBl9fme5CoFynMQ6s2RArnX8XPQgZBP0bdifWgy48nUviHIj8BBgNiAXKSgJ%2FGdl%2BiGfAaWizeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb35b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/9-qgmsUUCK4
216.58.207.206200 OK 0 B URL HTTP/2 www.youtube.com/embed/9-qgmsUUCK4
IP 216.58.207.206:0
GET /embed/9-qgmsUUCK4 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 09 Oct 2022 00:58:34 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=3ShlXBmFzVM; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=C_L95PwELbw; Domain=.youtube.com; Expires=Fri, 07-Apr-2023 00:58:34 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+479; expires=Tue, 08-Oct-2024 00:58:34 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.keyauth.uk/front/assets/js/front.js
172.67.179.241200 OK 0 B URL HTTP/2 cdn.keyauth.uk/front/assets/js/front.js
IP 172.67.179.241:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /front/assets/js/front.js HTTP/1.1
Host: cdn.keyauth.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://license.emptor.vip/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 09 Oct 2022 00:58:34 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=14400, s-max-age=31556926
etag: W/"efcf6d83dfa2916c5682016aea47dc71-ssl-df"
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsfwgFnAkopSE1ZHJ2MVRJufu%2F6WJaFi6u1idJYA0rVjgVLGQr0lap4gjzJlvmNJoQo5iRyXz7YGRavuDFU8q4uAMLJQiHNq4WvkFgVWePlhl%2BvNoG8zPU98HIYSGI7hjw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75732b2adb40b506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2