mesmedia.press/med-29056/1453645365
173.249.19.158301 Moved Permanently 251 B URL HTTP/1.1 mesmedia.press/med-29056/1453645365
IP 173.249.19.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 62f6540fd7e55c1c3da2bf04e9a96a6b
26f729406f2f27da36ab4d4e52807fb7751178fe
ccb703bd9ad61732923c25477c29e01e9a86e6636e0e7283c765d1a30488040e
GET /med-29056/1453645365 HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 02 Oct 2022 16:45:00 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Location: https://mesmedia.press/med-29056/1453645365
Content-Length: 251
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/
18.165.201.103200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 16:03:11 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa2f611dc578ba7eecb9a39cb23b1b70.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: Yg3xeKEN9dv3QN4DxsQySgWIlqdmpnRk3V5ZwWRuTjN0QUBI1rqPSQ==
Age: 2509
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60e4edea7b5f4d19f3547a3bb2d5df57
3ee076bab4da3416c2c5808f730cb316c28baef7
763e2dadfdd286a51327cd2000ca335e30cd0b9b7267875d22ca33f7556ba200
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763E2DADFDD286A51327CD2000CA335E30CD0B9B7267875D22CA33F7556BA200"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4921
Expires: Sun, 02 Oct 2022 18:07:01 GMT
Date: Sun, 02 Oct 2022 16:45:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
108.156.28.102200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 108.156.28.102:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 02 Oct 2022 03:33:17 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: iRepaqOxYNDgVmwivFUZfvcdhYpBS5ErKTBudpT6ddlUZFepjtfGyA==
age: 47504
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 16:45:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 439fa6e19d27dda63a85c0882e8a9c3c
38235f18c329541805361b6005240a4e9c8d9556
a3cbf2f4d3f54505c005a0f56fec66339c40970dc7b4865196661999ca2d447a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3CBF2F4D3F54505C005A0F56FEC66339C40970DC7B4865196661999CA2D447A"
Last-Modified: Fri, 30 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3072
Expires: Sun, 02 Oct 2022 17:36:13 GMT
Date: Sun, 02 Oct 2022 16:45:01 GMT
Connection: keep-alive
mesmedia.press/med-29056/1453645365
173.249.19.158200 OK 6.8 kB URL HTTP/1.1 mesmedia.press/med-29056/1453645365
IP 173.249.19.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (688), with CRLF, LF line terminators
Hash 15eb796c000fb2e78ef289fcea7a4164
2ca1b416fc1133b72412c1d66274467e8accae35
302fdff0d3e76d1c7d8177366b7e8c2d8b9d32d5f4ffb746484a26e5ee29445a
GET /med-29056/1453645365 HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Content-Length: 6833
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset="utf-8"
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.103200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.103:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Sun, 02 Oct 2022 16:32:56 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 02 Oct 2022 16:54:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bfad1bfbe8b9892941877774853e07da.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: svD_fFNA4wJJzRZodViIkAqORPdViUOGLMCf2shR0_v8AMN6XXjQ1w==
Age: 728
mesmedia.press/css/style.css
173.249.19.158200 OK 5.8 kB URL HTTP/1.1 mesmedia.press/css/style.css
IP 173.249.19.158:0
Hash dd76cbcb96529352ddf18fc2cfdbce74
0f580e24ab7f395ed873fa88cf84253ef03b577c
9c129b87039f03fa1ad8e8dda82e2668559b1253b078fdb523d410139fc48a40
GET /css/style.css HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/med-29056/1453645365
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Wed, 01 Jul 2020 03:23:44 GMT
ETag: "16c7-5a958d1b3f000"
Accept-Ranges: bytes
Content-Length: 5831
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
104.17.24.14200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2546082
expires: Fri, 22 Sep 2023 16:45:01 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RypWOT%2BBkTD%2BtmvpKTlIvZs%2FuuRS7FEdRRM4joow0LmmeKHEm0uJPYmmwXF%2Bcl1BTTJcMA6dZ2kkUxr3eINC49RI%2B9Fmix6bao%2FXUiTFjyB6W8ipKBs1b2OXt%2F%2BMXbxxE2lf1kDf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 753ee7f3b8550b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mesmedia.press/css/fbfeed.css
173.249.19.158200 OK 1.8 kB URL HTTP/1.1 mesmedia.press/css/fbfeed.css
IP 173.249.19.158:0
File type ASCII text, with CRLF line terminators
Hash 6f4fc8b223916bffb254463f5317faf6
07121890b2b8e3e2a587cf753e999df84b6e28b7
f50bfd19a8ed9e523dfcb4d2476af6f36579e7e79c0f8785746568f564091e3d
GET /css/fbfeed.css HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/med-29056/1453645365
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Tue, 02 Feb 2016 05:55:53 GMT
ETag: "6e4-52ac3277c4c40"
Accept-Ranges: bytes
Content-Length: 1764
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
code.jquery.com/jquery-3.2.1.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mesmedia.press
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:01 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664729101.dop071.sk1.t,1664729101.cds243.sk1.hn,1664729101.cds222.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3438
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:45:01 GMT
Last-Modified: Sun, 02 Oct 2022 15:47:43 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5752
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:45:01 GMT
Last-Modified: Sun, 02 Oct 2022 15:09:09 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6644a7a3ac5216705c0c1ecc79f59ed7
0c87239e1d7314c8e872209fc5c5d43e0b99fafd
4fa469ea936fd8855b6f43b1aa1ee9b4517fcebf4a3e618abd6a827955e91daf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3438
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:45:01 GMT
Last-Modified: Sun, 02 Oct 2022 15:47:43 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
mesmedia.press/logo.gif
173.249.19.158200 OK 6.3 kB IP 173.249.19.158:0
File type GIF image data, version 89a, 250 x 218\012- data
Hash 5e47e0b99eabeb1acf80c5191704d6aa
3dd07a3113c6ba6583202b8430f9e4d609e97ae7
fa1af85e850673677f1735e81b6025fd8fdf02676298b9773738a104088d1f8d
GET /logo.gif HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/med-29056/1453645365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sat, 25 Feb 2017 11:01:13 GMT
ETag: "18b0-54958c3b63040"
Accept-Ranges: bytes
Content-Length: 6320
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/gif
mesmedia.press/img/flag/no.png
173.249.19.158200 OK 154 B URL HTTP/1.1 mesmedia.press/img/flag/no.png
IP 173.249.19.158:0
File type PNG image data, 28 x 20, 4-bit colormap, non-interlaced\012- data
Hash 87f804f26166303a42d85ceba925ff82
639288f67d0632759a92f6ffed88b3f97dd8d19e
f22d7bf4e349291808b7ca93cad31b1744548c7c78f4a6586edb13b72ebffd3e
GET /img/flag/no.png HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/med-29056/1453645365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Fri, 17 Jan 2014 19:30:23 GMT
ETag: "9a-4f02f92bf91c0"
Accept-Ranges: bytes
Content-Length: 154
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
mesmedia.press/img/top1.png
173.249.19.158200 OK 22 kB URL HTTP/1.1 mesmedia.press/img/top1.png
IP 173.249.19.158:0
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 59bcbb7a94e149511096132047f1d896
15e40ef8ef74136ef5fac386928e0688fe00b864
053017ccee24aa101dc07475131f9ff03f262885df9db37fdb188367074379d7
GET /img/top1.png HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/med-29056/1453645365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Wed, 25 May 2016 04:21:04 GMT
ETag: "56bf-533a300766c00"
Accept-Ranges: bytes
Content-Length: 22207
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:45:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mesmedia.press/img/award.png
173.249.19.158200 OK 51 kB URL HTTP/1.1 mesmedia.press/img/award.png
IP 173.249.19.158:0
File type PNG image data, 331 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash 1c925b229332c88a3f0c4b002cbfe016
0538bc2e6f3e81230538b410c179cdc9b5ea3aa6
40b55ccc94082273b764739cbb1ebd95dc4e90c3568d6f831f60d61ece243e9a
GET /img/award.png HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/med-29056/1453645365
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:01 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Sat, 03 Sep 2016 09:03:07 GMT
ETag: "c8c9-53b96b71fc8c0"
Accept-Ranges: bytes
Content-Length: 51401
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
ecx.images-amazon.com/images/I/412wuLwNjgL.jpg
18.172.153.222200 OK 31 kB URL HTTP/1.1 ecx.images-amazon.com/images/I/412wuLwNjgL.jpg
IP 18.172.153.222:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 324x500, components 3\012- data
Hash 748bb4674b0b76cefd34e9afed08c596
b5940569b0d23c108e7b1346b45e37b4af685c29
6c1738b5f78bb707083538eca751e5a7d375aff9302b3b22f13fdd72197d6a51
GET /images/I/412wuLwNjgL.jpg HTTP/1.1
Host: ecx.images-amazon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 31005
Connection: keep-alive
Server: Server
Date: Sun, 02 Oct 2022 09:26:16 GMT
X-Amz-IR-Id: a3746b2e-8c96-4839-8d50-b77cd7276d49
Expires: Sat, 27 Sep 2042 09:26:16 GMT
Cache-Control: max-age=630720000,public
Surrogate-key: x-cache-740 /images/I/412wuLwNjgL
Timing-Allow-Origin: https://www.amazon.in, https://www.amazon.com
Edge-Cache-Tag: x-cache-740,/images/I/412wuLwNjgL
Access-Control-Allow-Origin: *
Last-Modified: Mon, 03 Oct 2011 01:01:20 GMT
X-Nginx-Cache-Status: MISS
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 e0f7b9809801dee6376c04a94d95b8f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P5
X-Amz-Cf-Id: kFW_SW5lALA-DEO_g5dDojReasCEsMA-5Y6yjnrL7vj-k3ELpK_qsw==
Age: 26325
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 83f9407574c75ca600c57af0637cb200
4ebabbc1900b8f575e90186e2024e48097b0c8d2
1e166ac737e5c3c015e0dc0c68115ebc5eeb53958682a9b77928ddb647137ac1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 16:45:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
142.250.74.10200 OK 9.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,700,400italic
IP 142.250.74.10:0
Hash cbeaf2e2efe2cff311dbbef90f208aa8
d016c44642507ae1a7a279ff52e60fe342959102
7e52d86f0d0cda22108102c38959a6d5967e768a22f741d93f9519c43222d4d3
GET /css?family=Source+Sans+Pro:300,400,700,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 16:45:01 GMT
date: Sun, 02 Oct 2022 16:45:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.215.56.181101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.56.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JoOLEr4EB3RxMe1TCNEoFQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 38VngxAddegxZtIhHuEGv8uwoKo=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3507ce232dcf8df35f15b17099b54389
24518831bd9702aba9290b5b0e32ec1d04fece19
2beadb62d00f729207745c93a42472e1a4d611466d6d6146d1cf4be83606e06b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BEADB62D00F729207745C93A42472E1A4D611466D6D6146D1CF4BE83606E06B"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6236
Expires: Sun, 02 Oct 2022 18:28:57 GMT
Date: Sun, 02 Oct 2022 16:45:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3507ce232dcf8df35f15b17099b54389
24518831bd9702aba9290b5b0e32ec1d04fece19
2beadb62d00f729207745c93a42472e1a4d611466d6d6146d1cf4be83606e06b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BEADB62D00F729207745C93A42472E1A4D611466D6D6146D1CF4BE83606E06B"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6236
Expires: Sun, 02 Oct 2022 18:28:57 GMT
Date: Sun, 02 Oct 2022 16:45:01 GMT
Connection: keep-alive
faltercollection.com/09f7ebacf042f24698027cea5aed8ab5/invoke.js
192.243.59.20200 OK 9.8 kB URL HTTP/1.1 faltercollection.com/09f7ebacf042f24698027cea5aed8ab5/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26994), with no line terminators
Hash 2ce5a070ca6cd3a48485aee4b0c46f07
8abfcac1ccbca88f5b71b277ff347f62a7c20895
aada29523095b34774f1fad18a307a65b43d877f4f7c25147bc66214a62c5d92
GET /09f7ebacf042f24698027cea5aed8ab5/invoke.js HTTP/1.1
Host: faltercollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 02 Oct 2022 16:45:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b726b5bd9a26a4dbd0183761a8bed5a1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
faltercollection.com/ac00d9905d23c35abfd9985c2b855549/invoke.js
192.243.59.20200 OK 9.3 kB URL HTTP/1.1 faltercollection.com/ac00d9905d23c35abfd9985c2b855549/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25102), with no line terminators
Hash 048ada5b92934f9feade40f4c0cb99bf
af0e0c8ba4e5a926a828f1d88a08c3de7915d69f
b6a2a2a3717d4ecf79b137be960852680fd5fe6cd04644bf8f8180727c81b4e5
GET /ac00d9905d23c35abfd9985c2b855549/invoke.js HTTP/1.1
Host: faltercollection.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 02 Oct 2022 16:45:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e37318311d8ddedebb71022b443375b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
216.137.34.194200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 216.137.34.194:0
Hash 606c558669146ba6d99d416b814455a8
9c49aea5039dcfdf01abba48f538350cf87f05ab
83b80756cb4f138174ba1020c487b4d10b6153bc994aba5b2d2ada322892da55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=163278
Date: Sun, 02 Oct 2022 16:45:02 GMT
Etag: "63398480-1d7"
Expires: Tue, 04 Oct 2022 14:06:20 GMT
Last-Modified: Sun, 02 Oct 2022 12:30:56 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 5afa85054bbc88552c8f1b1dd45fef78.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P2
X-Amz-Cf-Id: aJd9Lepr3a0t9og1Y2Ab6i-KjIGqoBFkCBXyJvmFmgZ01SY68qUylg==
Age: 5724
ocsp.sca1b.amazontrust.com/
216.137.34.194200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 216.137.34.194:0
Hash 606c558669146ba6d99d416b814455a8
9c49aea5039dcfdf01abba48f538350cf87f05ab
83b80756cb4f138174ba1020c487b4d10b6153bc994aba5b2d2ada322892da55
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 16:45:02 GMT
Last-Modified: Sun, 02 Oct 2022 16:21:09 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 b091f0807f56fed397ae3abb89dd1206.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P2
X-Amz-Cf-Id: nUR6_LxZGudEgNnYEs7p1y0ks4caqXG1CHtTavYLoG_1D3kgoNLlrw==
Age: 1433
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 47d040909146a896f5889ca56db9a204
420081e84ca4788d0d0d3265b0def0c6b45f17d0
c216158a9580cd4e6f862a8b9c06f72b3baa3724d842cb285641073285f0ebb6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mesmedia.press
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mesmedia.press
access-control-allow-credentials: true
set-cookie: uid_id2=a1d31b05-b93b-4db8-878a-9eb1d988bf06:1:1; expires=Wed, 29 Sep 2032 16:45:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash b42882aee33cb6cfe5c5d22c53afd40f
3335de97b29e4853cd99cbc5313fdf6ed8c10471
d69092fbbb1f7077528f7ae7e452866d0c1a550f8ee2e1eba1bcc3128f9ed53d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mesmedia.press
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mesmedia.press
access-control-allow-credentials: true
set-cookie: uid_id2=c71ccd31-f0dc-415e-8256-1677b77b1df8:1:1; expires=Wed, 29 Sep 2032 16:45:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1fea3d5dfa5c3d38ca31603abcf156c2
4a54a80c4ebe7ba2ed1d99f6b2b4bb6ce19ce1c0
a092c8f32758d7aff016334686522fcf4153402a9cf155331343c882951fbe42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A092C8F32758D7AFF016334686522FCF4153402A9CF155331343C882951FBE42"
Last-Modified: Fri, 30 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=966
Expires: Sun, 02 Oct 2022 17:01:08 GMT
Date: Sun, 02 Oct 2022 16:45:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1fea3d5dfa5c3d38ca31603abcf156c2
4a54a80c4ebe7ba2ed1d99f6b2b4bb6ce19ce1c0
a092c8f32758d7aff016334686522fcf4153402a9cf155331343c882951fbe42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A092C8F32758D7AFF016334686522FCF4153402A9CF155331343C882951FBE42"
Last-Modified: Fri, 30 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=966
Expires: Sun, 02 Oct 2022 17:01:08 GMT
Date: Sun, 02 Oct 2022 16:45:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a86ef94c334f426a10191d8c8cdbf33a
36e5470da0578fb9e159d1fd785a8ce1c865ec21
a6e020e3c1ee2b4c57b0dc32f075d2424cceb59826ced9ec76b630777e704a27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6E020E3C1EE2B4C57B0DC32F075D2424CCEB59826CED9EC76B630777E704A27"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5098
Expires: Sun, 02 Oct 2022 18:10:00 GMT
Date: Sun, 02 Oct 2022 16:45:02 GMT
Connection: keep-alive
mesmedia.press/favicon.ico
173.249.19.158200 OK 9.7 kB URL HTTP/1.1 mesmedia.press/favicon.ico
IP 173.249.19.158:0
File type MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel\012- data
Hash 864585c13828d469220c961b4efbe781
5535635447437c18676db39f29de4d4c28d2e8be
10dc68b2c5edc475e10d02791aa5d6aee3204dd613c1d03fdc92f29ed626a80c
GET /favicon.ico HTTP/1.1
Host: mesmedia.press
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/med-29056/1453645365
Cookie: sc_is_visitor_unique=rx11245892.1664729102.01701469A8204F351BA996C27137490B.1.1.1.1.1.1.1.1.1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=c71ccd31-f0dc-415e-8256-1677b77b1df8%3A1%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 16:45:02 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
Last-Modified: Wed, 29 Oct 2014 04:04:47 GMT
ETag: "25be-50687dd5155c0"
Accept-Ranges: bytes
Content-Length: 9662
Access-Control-Allow-Origin: *
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
selfemployedbalconycane.com/watch.136986254737.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22give%22%2C%22yourself%22%2C%22credit%22%2C%22money%22%2C%22doesn%22%2C%22t%22%2C%22grow%22%2C%22on%22%2C%22trees%22%2C%22by%22%2C%22david%22%2C%22e%22%2C%22robinson%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fmesmedia.press%2Fmed-29056%2F1453645365&tz=0&dev=r&res=12.31&uuid=a1d31b05-b93b-4db8-878a-9eb1d988bf06%3A1%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 selfemployedbalconycane.com/watch.136986254737.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22give%22%2C%22yourself%22%2C%22credit%22%2C%22money%22%2C%22doesn%22%2C%22t%22%2C%22grow%22%2C%22on%22%2C%22trees%22%2C%22by%22%2C%22david%22%2C%22e%22%2C%22robinson%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fmesmedia.press%2Fmed-29056%2F1453645365&tz=0&dev=r&res=12.31&uuid=a1d31b05-b93b-4db8-878a-9eb1d988bf06%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.136986254737.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22give%22%2C%22yourself%22%2C%22credit%22%2C%22money%22%2C%22doesn%22%2C%22t%22%2C%22grow%22%2C%22on%22%2C%22trees%22%2C%22by%22%2C%22david%22%2C%22e%22%2C%22robinson%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fmesmedia.press%2Fmed-29056%2F1453645365&tz=0&dev=r&res=12.31&uuid=a1d31b05-b93b-4db8-878a-9eb1d988bf06%3A1%3A1 HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mesmedia.press
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:45:02 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mesmedia.press
Access-Control-Allow-Origin: https://mesmedia.press
Access-Control-Allow-Credentials: true
Location: https://selfemployedbalconycane.com/watch.136986254737.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22give%22%2C%22yourself%22%2C%22credit%22%2C%22money%22%2C%22doesn%22%2C%22t%22%2C%22grow%22%2C%22on%22%2C%22trees%22%2C%22by%22%2C%22david%22%2C%22e%22%2C%22robinson%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fmesmedia.press%2Fmed-29056%2F1453645365&tz=0&dev=r&res=12.31&uuid=a1d31b05-b93b-4db8-878a-9eb1d988bf06%3A1%3A1&shu=73195f2166efa9fa64bec1351734c981aabb4c9eddf1a1d95a6d682cde91e37e19ebd584b6f463d11545ef68d06ddb3142f5df7e20018cbb1d95acdb68bb3e2f3efaf84eef25a457a14a2967c0a0e94ace4bac0cb069515084769d97d53aad&pst=1664729162&rmtc=t
Set-Cookie: u_pl=16268107; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2ODEwNywiayI6IjA5ZjdlYmFjZjA0MmYyNDY5ODAyN2NlYTVhZWQ4YWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQzNjY5LCJwaWQiOjMxMTI4OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjo1LCJwdCI6NCwicGsiOiJqNGN4eHQ0bTJyIiwiY3BrcyI6eyAiMjgiOiIzNDM2YzgzMjJkODZhMTU4M2Y0OGU3NjQ2ZjhiZWY4MiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWVzbWVkaWEucHJlc3MvbWVkLTI5MDU2LzE0NTM2NDUzNjUifX0.gFZq4Ch2Gn6ThioVTz2huH-VuFMibWP6LXHgPROIRT0; expires=Sun, 02 Oct 2022 16:46:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bbc06e1a5b7a6b471f9e3f1020a2328e
Strict-Transport-Security: max-age=0; includeSubdomains
selfemployedbalconycane.com/34/36/c8/3436c8322d86a1583f48e7646f8bef82.js
173.233.137.52200 OK 29 kB URL HTTP/1.1 selfemployedbalconycane.com/34/36/c8/3436c8322d86a1583f48e7646f8bef82.js
IP 173.233.137.52:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 930275b8665ef8088d41fd640ad097c4
a869215ac4c0ef309e31efb8a4c842a0b4060a9f
b1ca0605c3447677c980f4c586d3b583bb0e7e522ffdd67133e4f131150d6d8a
Analyzer Verdict Alert quad9 Sinkholed
GET /34/36/c8/3436c8322d86a1583f48e7646f8bef82.js HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:45:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc94f3e98447e52d15f2470bcb187078
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
selfemployedbalconycane.com/watch.136986254737.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22give%22%2C%22yourself%22%2C%22credit%22%2C%22money%22%2C%22doesn%22%2C%22t%22%2C%22grow%22%2C%22on%22%2C%22trees%22%2C%22by%22%2C%22david%22%2C%22e%22%2C%22robinson%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fmesmedia.press%2Fmed-29056%2F1453645365&tz=0&dev=r&res=12.31&uuid=a1d31b05-b93b-4db8-878a-9eb1d988bf06%3A1%3A1&shu=73195f2166efa9fa64bec1351734c981aabb4c9eddf1a1d95a6d682cde91e37e19ebd584b6f463d11545ef68d06ddb3142f5df7e20018cbb1d95acdb68bb3e2f3efaf84eef25a457a14a2967c0a0e94ace4bac0cb069515084769d97d53aad&pst=1664729162&rmtc=t
173.233.137.52200 OK 2.1 kB URL HTTP/1.1 selfemployedbalconycane.com/watch.136986254737.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22give%22%2C%22yourself%22%2C%22credit%22%2C%22money%22%2C%22doesn%22%2C%22t%22%2C%22grow%22%2C%22on%22%2C%22trees%22%2C%22by%22%2C%22david%22%2C%22e%22%2C%22robinson%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fmesmedia.press%2Fmed-29056%2F1453645365&tz=0&dev=r&res=12.31&uuid=a1d31b05-b93b-4db8-878a-9eb1d988bf06%3A1%3A1&shu=73195f2166efa9fa64bec1351734c981aabb4c9eddf1a1d95a6d682cde91e37e19ebd584b6f463d11545ef68d06ddb3142f5df7e20018cbb1d95acdb68bb3e2f3efaf84eef25a457a14a2967c0a0e94ace4bac0cb069515084769d97d53aad&pst=1664729162&rmtc=t
IP 173.233.137.52:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2651)
Hash 48b374b4acdee866d2e8bfbee3e27c6e
0554379c2eed897ab1b52c212842a1c67d993003
433c0fc9696cc2e7d150465aae3c879ffa463b47f58d117dfab36c4650662e4c
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.136986254737.js?key=09f7ebacf042f24698027cea5aed8ab5&kw=%5B%22download%22%2C%22give%22%2C%22yourself%22%2C%22credit%22%2C%22money%22%2C%22doesn%22%2C%22t%22%2C%22grow%22%2C%22on%22%2C%22trees%22%2C%22by%22%2C%22david%22%2C%22e%22%2C%22robinson%22%2C%22pdf%22%2C%22ebook%22%5D&refer=https%3A%2F%2Fmesmedia.press%2Fmed-29056%2F1453645365&tz=0&dev=r&res=12.31&uuid=a1d31b05-b93b-4db8-878a-9eb1d988bf06%3A1%3A1&shu=73195f2166efa9fa64bec1351734c981aabb4c9eddf1a1d95a6d682cde91e37e19ebd584b6f463d11545ef68d06ddb3142f5df7e20018cbb1d95acdb68bb3e2f3efaf84eef25a457a14a2967c0a0e94ace4bac0cb069515084769d97d53aad&pst=1664729162&rmtc=t HTTP/1.1
Host: selfemployedbalconycane.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mesmedia.press
Referer: https://mesmedia.press/
Connection: keep-alive
Cookie: u_pl=16268107; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2ODEwNywiayI6IjA5ZjdlYmFjZjA0MmYyNDY5ODAyN2NlYTVhZWQ4YWI1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQzNjY5LCJwaWQiOjMxMTI4OCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyNywiYWlkIjo1LCJwdCI6NCwicGsiOiJqNGN4eHQ0bTJyIiwiY3BrcyI6eyAiMjgiOiIzNDM2YzgzMjJkODZhMTU4M2Y0OGU3NjQ2ZjhiZWY4MiJ9LCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vbWVzbWVkaWEucHJlc3MvbWVkLTI5MDU2LzE0NTM2NDUzNjUifX0.gFZq4Ch2Gn6ThioVTz2huH-VuFMibWP6LXHgPROIRT0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:45:02 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mesmedia.press
Access-Control-Allow-Origin: https://mesmedia.press
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=a1d31b05-b93b-4db8-878a-9eb1d988bf06:1:1; expires=Sun, 09 Oct 2022 16:45:02 GMT; secure; SameSite=None
iprc71dda5b1a121091382364a6b0f70a2ea=3569806; expires=Sun, 02 Oct 2022 20:45:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0dab9455d8c8dc825fe94c505a67bec8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specificationheadless.com/ntv.json?key=ac00d9905d23c35abfd9985c2b855549&vstc=1
192.243.61.225200 OK 4.1 kB URL HTTP/1.1 specificationheadless.com/ntv.json?key=ac00d9905d23c35abfd9985c2b855549&vstc=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (4144), with no line terminators
Hash 824372b64e9ef15673a2dffb9a11f764
e04260932c18ebe1bd213d476cef23469db1d7ed
c391dc70b77ce61d601c79727552e9fd68e46eaecf417cb2d6c820a598ce5931
GET /ntv.json?key=ac00d9905d23c35abfd9985c2b855549&vstc=1 HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mesmedia.press
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:45:02 GMT
Content-Type: application/json
Content-Length: 4144
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mesmedia.press
Access-Control-Allow-Origin: https://mesmedia.press
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16497554; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
uncs=1; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 03 Oct 2022 16:45:02 GMT; secure; SameSite=None
nlecac00d9905d23c35abfd9985c2b855549=[2229333]; expires=Sun, 02 Oct 2022 16:45:07 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a87ee20e7ff83cfdc85e8cc1729282c
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b4a01fa28b7818979653c9b4f3827c
f1281a68d8e452f5d16d561ed601b9b2166dcad2
d22c5e2711704d4e1a30d9fbb9375c0322948fdd4df12d838dfec2c2c3a1df0d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D22C5E2711704D4E1A30D9FBB9375C0322948FDD4DF12D838DFEC2C2C3A1DF0D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2585
Expires: Sun, 02 Oct 2022 17:28:07 GMT
Date: Sun, 02 Oct 2022 16:45:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4062
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:45:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4062
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:45:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e503471cc78b95c0a3e75785615e5f
145b1e4d850c145a78577b5d7d4fadae9658d7a4
61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4062
Expires: Sun, 02 Oct 2022 17:52:45 GMT
Date: Sun, 02 Oct 2022 16:45:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ab57c388b9a191ad382f6cc4772f3d4c
37c632b7fbe7c4019afdacc3af1d14ebc81d2edb
580db6b0d7fdf10a9b718ee65dc5b59749d358719fec8530820425c0fc4833cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "580DB6B0D7FDF10A9B718EE65DC5B59749D358719FEC8530820425C0FC4833CF"
Last-Modified: Fri, 30 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8556
Expires: Sun, 02 Oct 2022 19:07:39 GMT
Date: Sun, 02 Oct 2022 16:45:03 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9dddb9d84a16a3004821d89836b83dc3
087521979efd5936416fd7f030779fa5725f0a8f
a6251ac43958031d765b5743d43e14bc04b1e465bed81f757c3609ee6f2bea66
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd4280e4-6b15-45b7-9469-d13ba14c37db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6871
x-amzn-requestid: e1fdb2ee-c0e7-4a0c-ae26-d968aef00503
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEIOGp2IAMFxSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ce-24b26a8048ffd84071a2ad57;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:30 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: -svKnYBuiMSdWObzJyNah9TDIi6IuPP6VMzEJWmn0zxoZbFmwpzkJw==
via: 1.1 c07670802688417c8b871124c547eb0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:33 GMT
age: 68190
etag: "087521979efd5936416fd7f030779fa5725f0a8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 94d82ad8d70761f6ee1384b4183335f3
5d3389a965cfa45dab2202d89b40264368674e8a
ad495dc0ede3bfcbaebfd3bf2eb55fc5596cd7643a539e030ccce0b8a3bcf8dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d657f8a-70bc-42c6-9aae-1127c4403047.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8602
x-amzn-requestid: 89329169-bc7a-46b1-85fc-20383a85cae8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf9GxzoAMFg0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-27952f8357fa25c956b1cd72;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: YDfn3Xd8m6jaBrj_M9hs4dePku_eEhJbYv3NJSHjCdAWifhBkiKUhw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 22:21:15 GMT
age: 66228
etag: "5d3389a965cfa45dab2202d89b40264368674e8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 43443
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 463bdcfbec5426e18ecef83b1c373b71
2e533332ee5c49143e58dad32ee3717a39179532
2c40befd28781482b9be249a792571612d68d7045324083d2c832fa5ec42f04b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59054e54-a013-42c5-98a5-abe2b6af4fc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4987
x-amzn-requestid: 763edd04-7f8d-42ae-8864-482be3549958
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHpFs4oAMFbqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3ca-2f7b67e85aa83b69183e62b5;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2Zoggf30lA-Kvt5QYa-IdhGePHCNiphR7pfFiOaFvL8ZkWZIaiK4pA==
via: 1.1 f4367b41311e3e9a490d7461b7b85490.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:37 GMT
etag: "2e533332ee5c49143e58dad32ee3717a39179532"
content-type: image/jpeg
age: 68186
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6047192460abf4afd600948abb5e6ee1
6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4
d1fd21a5913f6831d2128c8e9e84767d9730bf9e779da5395dc31b82a10e32e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18b1ba6d-ca56-4474-afa8-cd3b53cce28e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9340
x-amzn-requestid: e892265e-836d-4638-871f-0548eda57745
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWDf8FCEoAMFyow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b2cc-7f39bb92066a75a90868dd03;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Sk1Dahp1gliiBIghSCZselE7-Fy45svrCk7TdmunOwNefSNqY1P1jA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:34 GMT
etag: "6d6d52fb5024e7772dd45dd459bfe3ec90cb5ce4"
content-type: image/jpeg
age: 68189
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edded48f558f739287a040151349ef67
d63b6ba630736d32c364b0e6a369274b2389b7ff
33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11083
x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWEHRFWfIAMFhlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 21:48:36 GMT
etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff"
content-type: image/jpeg
age: 68187
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq5M5rSD%2BCIh4GQRBQWa7e362QYLrurK4ZmNi0JtUV%2FXMllPd1VR1dc%2FuaTEguQijNz31fmc3ixr8cRZjmA0EWRR2LrIH90%2FwIoaAF5nJ4OiD4r1X33f4fF%2FVx3v2jLiw9HT1bbUjpKTLzZpbffF9z7tY3RCJHVQHndYHrcbFqs5fCVo196XqmxHrq2Xf9VzXc73qmtBRVw2WpyJEejvwaoFba%2Fg1r9nAQP%2B%2FN9aBoQ54fkaeguCTyj3nAgQbI4m%2FW41MP1Ppy2%2FEVtJMaeT88HrST1SRIF6UXe2gmxzOp6HMydodqORghguV%2FzsYiglx7t9BmBzOIRHm%2BzPOUCJKEPLHUORjRHIMQcdg6gYEPyEA47i8iSS%2BdVnpgm4%2FUulUnZDKgz8higmp%2FH4BSfzNihSD6jUlbSZUYjDolhCDMURvjNQeIds5B1EcgWUfQfBfyfKDDSTx%2FqaRCoKXM%2B9CjCG6Y8hoCGoc2OkRDmzXgU0dxPy0yjzPa7ucUbcTMFbn7Shscdej7a5HPbfVgWVTvCGydAgmh2B6F6neRV8Moe1dmK0Shjsw2YQ47%2Bwi5yWKiKAwBAUlKARBkREUeXnApfFNeYtLY0Nvnv15rpcjlfX26IHKelFC9tIz8uRsL3%2F%2F8Bn60WmVMtflQeA2uV9n9SYNuzwIOk3mh51ms9kIYEQJYc7NrO6ICXnmk7%2BQigmp%2FPQQIT2CkUdg4jlQ64EWo7bvgm6NGh0XO8m3uTBCJVGoVL%2FGVAyuSqRZBdm2syfPyLMzlOcr1xGx40v3l15NR78tgekSqS7xobhH0JM3R1dVQfavqsKQ7zfTTMRih06f71pGs%2Bj8V29F24XSfH3VDL98jU2FaXn73chkGzThIukZ8vWK4DzSa0qziPy4bt6LwivWbK1Yndh048rra%2BtxqiMzhR2DipPNh2BTjy88PfuXT%2FzyB4QeQ9sSsT0m84BQR2DpLky6oDfqPLRczISpg8KWI%2B2Hi0spCGS06GlYwvynDxf1nrmJnvZBsxtI4hK5LpHLElQOYezSKEv18aWfP5%2FGFwilMwqldvZDqeWnj1ZrxGm1Xa%2B7tBU0vXabRu2w4Xe6LY9T6jdafqtF68jMhAV3H%2F8HAAD%2F%2FwEAAP%2F%2Fj6DhImIEAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 specificationheadless.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq5M5rSD%2BCIh4GQRBQWa7e362QYLrurK4ZmNi0JtUV%2FXMllPd1VR1dc%2FuaTEguQijNz31fmc3ixr8cRZjmA0EWRR2LrIH90%2FwIoaAF5nJ4OiD4r1X33f4fF%2FVx3v2jLiw9HT1bbUjpKTLzZpbffF9z7tY3RCJHVQHndYHrcbFqs5fCVo196XqmxHrq2Xf9VzXc73qmtBRVw2WpyJEejvwaoFba%2Fg1r9nAQP%2B%2FN9aBoQ54fkaeguCTyj3nAgQbI4m%2FW41MP1Ppy2%2FEVtJMaeT88HrST1SRIF6UXe2gmxzOp6HMydodqORghguV%2FzsYiglx7t9BmBzOIRHm%2BzPOUCJKEPLHUORjRHIMQcdg6gYEPyEA47i8iSS%2BdVnpgm4%2FUulUnZDKgz8higmp%2FH4BSfzNihSD6jUlbSZUYjDolhCDMURvjNQeIds5B1EcgWUfQfBfyfKDDSTx%2FqaRCoKXM%2B9CjCG6Y8hoCGoc2OkRDmzXgU0dxPy0yjzPa7ucUbcTMFbn7Shscdej7a5HPbfVgWVTvCGydAgmh2B6F6neRV8Moe1dmK0Shjsw2YQ47%2Bwi5yWKiKAwBAUlKARBkREUeXnApfFNeYtLY0Nvnv15rpcjlfX26IHKelFC9tIz8uRsL3%2F%2F8Bn60WmVMtflQeA2uV9n9SYNuzwIOk3mh51ms9kIYEQJYc7NrO6ICXnmk7%2BQigmp%2FPQQIT2CkUdg4jlQ64EWo7bvgm6NGh0XO8m3uTBCJVGoVL%2FGVAyuSqRZBdm2syfPyLMzlOcr1xGx40v3l15NR78tgekSqS7xobhH0JM3R1dVQfavqsKQ7zfTTMRih06f71pGs%2Bj8V29F24XSfH3VDL98jU2FaXn73chkGzThIukZ8vWK4DzSa0qziPy4bt6LwivWbK1Yndh048rra%2BtxqiMzhR2DipPNh2BTjy88PfuXT%2FzyB4QeQ9sSsT0m84BQR2DpLky6oDfqPLRczISpg8KWI%2B2Hi0spCGS06GlYwvynDxf1nrmJnvZBsxtI4hK5LpHLElQOYezSKEv18aWfP5%2FGFwilMwqldvZDqeWnj1ZrxGm1Xa%2B7tBU0vXabRu2w4Xe6LY9T6jdafqtF68jMhAV3H%2F8HAAD%2F%2FwEAAP%2F%2Fj6DhImIEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSz4scRRTHq5M5rSD%2BCIh4GQRBQWa7e362QYLrurK4ZmNi0JtUV%2FXMllPd1VR1dc%2FuaTEguQijNz31fmc3ixr8cRZjmA0EWRR2LrIH90%2FwIoaAF5nJ4OiD4r1X33f4fF%2FVx3v2jLiw9HT1bbUjpKTLzZpbffF9z7tY3RCJHVQHndYHrcbFqs5fCVo196XqmxHrq2Xf9VzXc73qmtBRVw2WpyJEejvwaoFba%2Fg1r9nAQP%2B%2FN9aBoQ54fkaeguCTyj3nAgQbI4m%2FW41MP1Ppy2%2FEVtJMaeT88HrST1SRIF6UXe2gmxzOp6HMydodqORghguV%2FzsYiglx7t9BmBzOIRHm%2BzPOUCJKEPLHUORjRHIMQcdg6gYEPyEA47i8iSS%2BdVnpgm4%2FUulUnZDKgz8higmp%2FH4BSfzNihSD6jUlbSZUYjDolhCDMURvjNQeIds5B1EcgWUfQfBfyfKDDSTx%2FqaRCoKXM%2B9CjCG6Y8hoCGoc2OkRDmzXgU0dxPy0yjzPa7ucUbcTMFbn7Shscdej7a5HPbfVgWVTvCGydAgmh2B6F6neRV8Moe1dmK0Shjsw2YQ47%2Bwi5yWKiKAwBAUlKARBkREUeXnApfFNeYtLY0Nvnv15rpcjlfX26IHKelFC9tIz8uRsL3%2F%2F8Bn60WmVMtflQeA2uV9n9SYNuzwIOk3mh51ms9kIYEQJYc7NrO6ICXnmk7%2BQigmp%2FPQQIT2CkUdg4jlQ64EWo7bvgm6NGh0XO8m3uTBCJVGoVL%2FGVAyuSqRZBdm2syfPyLMzlOcr1xGx40v3l15NR78tgekSqS7xobhH0JM3R1dVQfavqsKQ7zfTTMRih06f71pGs%2Bj8V29F24XSfH3VDL98jU2FaXn73chkGzThIukZ8vWK4DzSa0qziPy4bt6LwivWbK1Yndh048rra%2BtxqiMzhR2DipPNh2BTjy88PfuXT%2FzyB4QeQ9sSsT0m84BQR2DpLky6oDfqPLRczISpg8KWI%2B2Hi0spCGS06GlYwvynDxf1nrmJnvZBsxtI4hK5LpHLElQOYezSKEv18aWfP5%2FGFwilMwqldvZDqeWnj1ZrxGm1Xa%2B7tBU0vXabRu2w4Xe6LY9T6jdafqtF68jMhAV3H%2F8HAAD%2F%2FwEAAP%2F%2Fj6DhImIEAAA%3D HTTP/1.1
Host: specificationheadless.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Cookie: u_pl=16497554; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlecac00d9905d23c35abfd9985c2b855549=[2229333]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:45:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: adb97d25342f0346f0f0ddd815d57a53
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
45.133.44.9200 OK 24 kB URL HTTP/2 cdn.cloudimagesb.com/cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d71c872fb9f50bd9383abc0721d1d51e
1f69b40ef2f95798b4e0fd738d630ad4319cd739
6b4a622b9de1ffab8fe905fc8c4633994c732476664b5190ceedd62a3795ab08
GET /cti/5e/78/a9/5e78a94057ff65f06ec19e727c7be04f/1588233511.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:03 GMT
content-type: image/jpeg
content-length: 24518
server: nginx/1.17.6
last-modified: Thu, 30 Apr 2020 07:58:34 GMT
etag: "5eaa852a-5fc6"
expires: Tue, 04 Oct 2022 16:45:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:03 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Tue, 04 Oct 2022 16:45:03 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 73b4a01fa28b7818979653c9b4f3827c
f1281a68d8e452f5d16d561ed601b9b2166dcad2
d22c5e2711704d4e1a30d9fbb9375c0322948fdd4df12d838dfec2c2c3a1df0d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D22C5E2711704D4E1A30D9FBB9375C0322948FDD4DF12D838DFEC2C2C3A1DF0D"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2584
Expires: Sun, 02 Oct 2022 17:28:07 GMT
Date: Sun, 02 Oct 2022 16:45:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b1be67d571612118c9ad6574b31fa07
10ee31e5346ce3d07f9c46db458338168cfc188a
1e8183659c0aeca681e6c4b374fa41f98fdefc402c670a77114c5ddaabeb65c1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E8183659C0AECA681E6C4B374FA41F98FDEFC402C670A77114C5DDAABEB65C1"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7341
Expires: Sun, 02 Oct 2022 18:47:24 GMT
Date: Sun, 02 Oct 2022 16:45:03 GMT
Connection: keep-alive
invaderannihilationperky.com/pixel/purst?dl=0&th=0&sc=0&rs=2375&rd=2375&fd=797&bv=22.8.v.2&tmpl=136
173.233.139.164200 OK 0 B URL HTTP/1.1 invaderannihilationperky.com/pixel/purst?dl=0&th=0&sc=0&rs=2375&rd=2375&fd=797&bv=22.8.v.2&tmpl=136
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2375&rd=2375&fd=797&bv=22.8.v.2&tmpl=136 HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 02 Oct 2022 16:45:03 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5b3173eff80b64049bff92afa135727e
3a21ff79d45b6356f8283a87ba8cb2e33040ca29
7a5db34068fb34056744665a1e81460da9473caf812d47b5ee75a64f8d78ae2b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7A5DB34068FB34056744665A1E81460DA9473CAF812D47B5EE75A64F8D78AE2B"
Last-Modified: Fri, 30 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4584
Expires: Sun, 02 Oct 2022 18:01:28 GMT
Date: Sun, 02 Oct 2022 16:45:04 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=c71ccd31-f0dc-415e-8256-1677b77b1df8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3436c8322d86a1583f48e7646f8bef82&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=c71ccd31-f0dc-415e-8256-1677b77b1df8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3436c8322d86a1583f48e7646f8bef82&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=c71ccd31-f0dc-415e-8256-1677b77b1df8&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=3436c8322d86a1583f48e7646f8bef82&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 02 Oct 2022 16:45:04 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a3a97b213583846b4f0ead22c7fe4ec
Strict-Transport-Security: max-age=0; includeSubdomains
maxcdn.bootstrapcdn.com/bootswatch/3.3.6/lumen/bootstrap.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootswatch/3.3.6/lumen/bootstrap.min.css
IP 104.18.11.207:0
GET /bootswatch/3.3.6/lumen/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:01 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:27 GMT
cdn-cachedat: 12/10/2021 15:32:58
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: e9a4e8c4f93483ac9ad4cfec0ed90682
cdn-cache: HIT
cf-cache-status: HIT
age: 10651347
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 753ee7f419eeb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.statcounter.com/counter/counter.js
104.20.228.67200 OK 0 B URL HTTP/2 secure.statcounter.com/counter/counter.js
IP 104.20.228.67:0
GET /counter/counter.js HTTP/1.1
Host: secure.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:02 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 09:41:24 GMT
etag: W/"632d7f44-aa70"
expires: Sun, 02 Oct 2022 17:42:43 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 39739
server: cloudflare
cf-ray: 753ee7f84b61b527-OSL
content-encoding: br
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.235.2200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:03 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3463b1fd7af362464cfcd86ca5e703cb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 02 Oct 2022 16:45:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNrKievA3Np%2F3BmQi%2FcdOkKiEDpeNXsnq4%2Ba1fvrLbCup987Ks1HhUWmsynzvS2Ee4d4Ol%2FvQlotEuvhdmzkgGsQrCJ2oWE%2Bk5soePexTi9JYjES4iuAT4GVukBVl4z080u%2F1%2Fo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 753ee7fdb92edc3d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.statcounter.com/t.php?sc_project=11245892&u1=01701469A8204F351BA996C27137490B&java=1&security=504152f4&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//mesmedia.press/med-29056/1453645365&t=Download%20%3A%20Give%20Yourself%20Credit%3A%20Money%20Doesn%27t%20Grow%20On%20Trees!%20By%20David%20E.%20Robinson%20PDF%20Ebook&invisible=1&sc_rum_e_s=1633&sc_rum_e_e=1637&sc_rum_f_s=0&sc_rum_f_e=1622&get_config=true
104.20.228.67200 OK 0 B URL HTTP/2 c.statcounter.com/t.php?sc_project=11245892&u1=01701469A8204F351BA996C27137490B&java=1&security=504152f4&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//mesmedia.press/med-29056/1453645365&t=Download%20%3A%20Give%20Yourself%20Credit%3A%20Money%20Doesn%27t%20Grow%20On%20Trees!%20By%20David%20E.%20Robinson%20PDF%20Ebook&invisible=1&sc_rum_e_s=1633&sc_rum_e_e=1637&sc_rum_f_s=0&sc_rum_f_e=1622&get_config=true
IP 104.20.228.67:0
GET /t.php?sc_project=11245892&u1=01701469A8204F351BA996C27137490B&java=1&security=504152f4&sc_snum=1&sess=a8f3c4&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1280&h=1024&camefrom=&u=https%3A//mesmedia.press/med-29056/1453645365&t=Download%20%3A%20Give%20Yourself%20Credit%3A%20Money%20Doesn%27t%20Grow%20On%20Trees!%20By%20David%20E.%20Robinson%20PDF%20Ebook&invisible=1&sc_rum_e_s=1633&sc_rum_e_e=1637&sc_rum_f_s=0&sc_rum_f_e=1622&get_config=true HTTP/1.1
Host: c.statcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mesmedia.press
Connection: keep-alive
Referer: https://mesmedia.press/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 16:45:02 GMT
content-type: application/json
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
expires: Mon, 26 Jul 1997 05:00:00 GMT
set-cookie: is_unique=sc11245892.1664729102.0; SameSite=None; Secure; Expires=Friday, 01-Oct-2027 23:45:02 WIB; Path=/; Domain=.statcounter.com
is_visitor_unique=1664729102446010048; SameSite=None; Secure; Expires=Tuesday, 01-Oct-2024 23:45:02 WIB; Path=/; Domain=.statcounter.com
access-control-allow-origin: https://mesmedia.press
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 753ee7fbc89eb527-OSL
content-encoding: br
X-Firefox-Spdy: h2