r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9290
Expires: Tue, 29 Nov 2022 21:36:50 GMT
Date: Tue, 29 Nov 2022 19:02:00 GMT
Connection: keep-alive
mylink.cx/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
172.67.189.23302 Found 145 B URL HTTP/1.1 mylink.cx/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
IP 172.67.189.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dca33d79e50624118086e38d6f06474d
f77dbf575df9d76c5c06e861651654c090e7df96
05b793fb24af6aad057ea4eaebfa26c14ced0e694e7bb243ef80ed6f2931f541
GET /?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce HTTP/1.1
Host: mylink.cx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 19:02:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: http://mylink.name/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vWd3WWwVeSKM2gLYDSUmVXKPZhRULjt2iyEfCDbrc59ZQMdy2VFh1THSr9zg8PpbudTuAN2ayTVGKZKakT40MOKClVK6C2XKkcjFzroPUXbhCwQi2D%2FmEvOtGMc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771d985b0e45b4eb-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5177
Cache-Control: max-age=147328
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:00 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:57:28 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 18:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2645
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5026
Expires: Tue, 29 Nov 2022 20:25:46 GMT
Date: Tue, 29 Nov 2022 19:02:00 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5RDnZ5e1rp5q5+uT/c+pok7xW1B5sPMSzEHPvESVGf2fo+634Q+WgKvtTsDP6a0wP5ItFth66B8=
x-amz-request-id: 14EV2ZYEJXXKXDN1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 18:45:34 GMT
age: 986
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mylink.name/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
188.114.96.1302 Found 145 B URL HTTP/1.1 mylink.name/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dca33d79e50624118086e38d6f06474d
f77dbf575df9d76c5c06e861651654c090e7df96
05b793fb24af6aad057ea4eaebfa26c14ced0e694e7bb243ef80ed6f2931f541
GET /?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 19:02:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://mylink.name/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BYHH3L8MQZZd9Jq1uAYEkkN2OmVIeTl7KUo5KT3qWwHXQbcatO04alLYpYll5WdeFRxVwJpFHbEXIVXkn40lFo8sEL%2BQIbT6yz0oYZm2vwz%2BAilH%2B4J1fgJQ147cg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771d985c9aeeb4ed-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1b13af3de10fc52d59c358995231bf71
ec17e0350523d78dc05a0442a32fa2d3997f1fd2
8cea7ff776c86e3e5c7336a5b0571b4de9ee52901c237421c474e4c99f972f2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5997
Cache-Control: max-age=154598
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:00 GMT
Etag: "6385f8a1-117"
Expires: Thu, 01 Dec 2022 13:58:38 GMT
Last-Modified: Tue, 29 Nov 2022 12:18:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 18:11:13 GMT
cache-control: public,max-age=3600
age: 3047
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 1b13af3de10fc52d59c358995231bf71
ec17e0350523d78dc05a0442a32fa2d3997f1fd2
8cea7ff776c86e3e5c7336a5b0571b4de9ee52901c237421c474e4c99f972f2b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5997
Cache-Control: max-age=154598
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:00 GMT
Etag: "6385f8a1-117"
Expires: Thu, 01 Dec 2022 13:58:38 GMT
Last-Modified: Tue, 29 Nov 2022 12:18:41 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1689
Cache-Control: max-age=138776
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:01 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:34:57 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
mylink.name/?hash=LXID1-1%2-Yy8iqC6I
188.114.96.1302 Found 145 B URL HTTP/1.1 mylink.name/?hash=LXID1-1%2-Yy8iqC6I
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dca33d79e50624118086e38d6f06474d
f77dbf575df9d76c5c06e861651654c090e7df96
05b793fb24af6aad057ea4eaebfa26c14ced0e694e7bb243ef80ed6f2931f541
GET /?hash=LXID1-1%2-Yy8iqC6I HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 19:02:01 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://mylink.name/?hash=LXID1-1%2-Yy8iqC6I
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oQzhT5GB6kzuq1M6P96KInBX8o6M0COlB87nuoctbrbKHnIMbW%2BLM8eyaCnfzS7YhxFmSY6JJbwzTGxiYWADVwgs9oYuOr9uZzNy2FW0vP7M1J11TnFR8PLlxzJ2Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771d986068d4b4ed-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
35.162.125.72101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.125.72:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2GDKBw8Y6F5vEq1FDZDDgQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yV+Si6NQlZ6z4qzAptNagO6D03s=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/L1mnmKp.png
151.101.244.193200 OK 1.4 kB IP 151.101.244.193:0
File type PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash ab23bd56d3e717cb2660ba291537f049
143a9dee1d74680ea17ea3b6a9fdb7f1d2b9ccd4
01abba926066a54d2d0443c2cef2b647c97eaff6df81d3a9762b3661d660f024
GET /L1mnmKp.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 03 Dec 2018 19:06:27 GMT
etag: "ab23bd56d3e717cb2660ba291537f049"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 29 Nov 2022 19:02:01 GMT
age: 3043814
x-served-by: cache-iad-kiad7000030-IAD, cache-hel1410030-HEL
x-cache: HIT, HIT
x-cache-hits: 4640, 240
x-timer: S1669748522.529720,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1443
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mylink.name
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:29:21 GMT
expires: Fri, 24 Nov 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 455560
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: text/html
Date: Tue, 29 Nov 2022 19:02:01 GMT
Etag: "638651c4-37"
Last-Modified: Tue, 29 Nov 2022 18:39:00 GMT
Server: nginx
Content-Length: 55
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mylink.vc/static/image/footer.png
104.21.68.225200 OK 147 B URL HTTP/2 mylink.vc/static/image/footer.png
IP 104.21.68.225:0
File type PNG image data, 1 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f53132a7fed7833af820aaf254079e2
2ff3404e71bbf12104d0416c8e3e30d20a3837b5
70010137433e423b4167b3cb2f65f778888adf5884ea9ef6c2eeb578df66f033
GET /static/image/footer.png HTTP/1.1
Host: mylink.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:01 GMT
content-type: image/png
content-length: 147
last-modified: Thu, 13 Jun 2019 00:06:47 GMT
etag: "5d019397-93"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 15190912
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0VnnzGPsxQx3xNupyJcaqJysHYJ5UuyFEfxpuYaA01IISA9rqTwale6N%2FHBM%2B%2B5XtB2n1IOQJtC909r2nVfbh6LQJM1%2BAWRwJwTI0VmyK6mfrYhpnikksyDE0w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d9863ef47b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mylink.vc/static/image/favicon.ico
104.21.68.225200 OK 1.1 kB URL HTTP/2 mylink.vc/static/image/favicon.ico
IP 104.21.68.225:0
File type PNG image data, 15 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 080632d6740f69b30fd17992773e41f6
f66c5fc64495ffc6644118397982cf9205ae4d3c
da02cf80de0ab44d36a4c735ddb159c8bb819c489fb865dcbf3ec69a735b300c
GET /static/image/favicon.ico HTTP/1.1
Host: mylink.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:01 GMT
content-type: image/x-icon
last-modified: Thu, 13 Jun 2019 00:06:46 GMT
etag: W/"5d019396-d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 50577236
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWvdAeOwBR2izFfJo80y%2Ftp3E8uN%2FRzDAtW%2F5eWC4BkrybQ7buSwUXFb4%2FAQAX0AVaybKNwP7htHBjbmc93OhUGPbEL65q%2BowufNfXV0dLUvn0TIiuOQ7i6lBPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d9863ff6eb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.251.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.251.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Tue, 29 Nov 2022 19:02:01 GMT
access-control-allow-origin: *
etag: "6384bff1-11e33"
expires: Tue, 29 Nov 2022 20:02:01 GMT
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Content-Type: text/html
Date: Tue, 29 Nov 2022 19:02:01 GMT
Etag: "638651c4-37"
Last-Modified: Tue, 29 Nov 2022 18:39:00 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 55
mc.yandex.ru/metrika/advert.gif
87.250.251.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.251.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 29 Nov 2022 19:02:02 GMT
access-control-allow-origin: *
etag: "6384bff1-2b"
expires: Tue, 29 Nov 2022 20:02:02 GMT
accept-ranges: bytes
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90922072?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A154768355532%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A772347373%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/90922072?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A154768355532%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A772347373%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash c7a20fa83a660e3df4d54f2eb87c70e9
b65eaa78294d09f19ec0f8e556f0b11eb67e58cb
23ad3e29437b379df6fad1900001f81a5517f8b39a70016e96349250e28972c0
GET /watch/90922072?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A154768355532%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A772347373%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mylink.name
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/90922072/1?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A154768355532%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A772347373%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 29 Nov 2022 19:02:02 GMT
access-control-allow-origin: https://mylink.name
set-cookie: yandexuid=2465838531669748522; Expires=Wed, 29-Nov-2023 19:02:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=2465838531669748522; Expires=Wed, 29-Nov-2023 19:02:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=700514811669748522; Path=/; SameSite=None; Secure
i=Smkz4T0/p39yPsUuoiHRk2SvjJ+gAD0aJrNeVfuK6HNN+7RrCCg5lmVg3uK1YIZ+y7LWheIj7s6KfHrWa2Ca9FMET9M=; Expires=Fri, 26-Nov-2032 19:01:59 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701284522.yc.1669748522#1701284522.yrts.1669748522#1701284522.yrtsi.1669748522; Expires=Wed, 29-Nov-2023 19:02:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 29-Nov-2022 19:02:02 GMT
last-modified: Tue, 29-Nov-2022 19:02:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/62513368?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A934662750073%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A983915432%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.251.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/62513368?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A934662750073%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A983915432%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.251.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 2b5e978fdf9b2fe0edf667a153d513ed
03c2dc46f74c7dd28495f9022350031fc740f19d
9a5eb0eb8f196a6d97cb96ac785d0aa770ae3f0b264f2dbd953a1715ec897c2b
GET /watch/62513368?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A934662750073%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A983915432%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mylink.name
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/62513368/1?wmode=7&page-url=https%3A%2F%2Fmylink.name%2F%3Fhash%3DLXID1-1%252-Yy8iqC6I&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A1369%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A934662750073%3Ahid%3A128473909%3Az%3A0%3Ai%3A20221129190201%3Aet%3A1669748521%3Ac%3A1%3Arn%3A983915432%3Arqn%3A1%3Au%3A1669748521208325520%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C169%2C0%2C1014%2C0%2C%2C175%2C3%2C%2C%2C%2C1360%3Ans%3A1669748519163%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748521%3At%3ALoading..&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 29 Nov 2022 19:02:02 GMT
access-control-allow-origin: https://mylink.name
set-cookie: yandexuid=1132946881669748522; Expires=Wed, 29-Nov-2023 19:02:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=1132946881669748522; Expires=Wed, 29-Nov-2023 19:02:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=280655691669748522; Path=/; SameSite=None; Secure
i=/g2lvXnHrcuqulqp0BJtQnL9jbZ+rR2AILk5Alf0xv1Xwds3hDLTQIP2OuBQOXGR52nF27UrECJnDb7L16IU8T85wu4=; Expires=Fri, 26-Nov-2032 19:01:53 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701284522.yc.1669748522#1701284522.yrts.1669748522#1701284522.yrtsi.1669748522; Expires=Wed, 29-Nov-2023 19:02:02 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 29-Nov-2022 19:02:02 GMT
last-modified: Tue, 29-Nov-2022 19:02:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9233
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 19:02:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9233
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 19:02:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9233
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 19:02:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 2.8 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 656acda8de328659ada330530bec1b99
be9b7faac768409d13c6fb4eb898f816385849fb
71455e75350548aa8fa71134298b29e2b1b16bbd443d15776377ec033dd6acd1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9233
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 19:02:02 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 02:55:32 GMT
age: 57990
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jb1eLyzn88lV_UTId-Fl3OnftDn8c7o5j8d16_nzHCNST_68MZ1pvA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:50:08 GMT
age: 76314
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: awi49MMMlK51wHPbyBrBkL4N4g9lX3ea40LxyrYbYxe_FsfqelTcTQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:57:05 GMT
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
age: 75897
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4058fd62595d15c58b3d3266de9865a
d0dff35eb78f129b5da407043037bcf9c27e55c0
ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9BUuT9WFwAQMnl8JiTDKo-zHgDL0AdjAAAIh0Mx405zbGwhvRouebQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 12:20:15 GMT
age: 24107
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:01:17 GMT
age: 57645
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:21 GMT
age: 50981
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mylink.name/?me=protected&id=1
188.114.96.1302 Found 145 B URL HTTP/1.1 mylink.name/?me=protected&id=1
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash dca33d79e50624118086e38d6f06474d
f77dbf575df9d76c5c06e861651654c090e7df96
05b793fb24af6aad057ea4eaebfa26c14ced0e694e7bb243ef80ed6f2931f541
GET /?me=protected&id=1 HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 29 Nov 2022 19:02:03 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://mylink.name/?me=protected&id=1
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGLIrgsgcmSKUVTAvvwBHM%2F%2FVU1rea6kO7tPec7of0uRNoCZ1LWQowlbs6S%2FAO9QeVcYDEeWKJqtxDMwVklP%2F%2BB2hr4%2BGvlXLkZFxwHkoPiABha74sVOsFfsgPQiTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771d986dfce7b4ed-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 55 B IP 93.184.220.29:0
File type HTML document, ASCII text
Hash 9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Content-Type: text/html
Date: Tue, 29 Nov 2022 19:02:03 GMT
Etag: "638651c4-37"
Last-Modified: Tue, 29 Nov 2022 18:39:00 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 55
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mylink.vc/get.php?url=bWFnbmV0Oj94dD11cm46YnRpaDpCNEZCREY2RENGRTRBNzVBRTFFRjE3MUJFQTNEQkI2RTM4QjNGMjIx&version=v2
104.21.68.225302 Found 553 B URL HTTP/2 mylink.vc/get.php?url=bWFnbmV0Oj94dD11cm46YnRpaDpCNEZCREY2RENGRTRBNzVBRTFFRjE3MUJFQTNEQkI2RTM4QjNGMjIx&version=v2
IP 104.21.68.225:0
File type gzip compressed data\012- data
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /get.php?url=bWFnbmV0Oj94dD11cm46YnRpaDpCNEZCREY2RENGRTRBNzVBRTFFRjE3MUJFQTNEQkI2RTM4QjNGMjIx&version=v2 HTTP/1.1
Host: mylink.vc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 19:02:03 GMT
content-type: text/html; charset=UTF-8
location: https://a.mylink.vc/hkzrLb9mu8Yq
set-cookie: PHPSESSID=nuc2aqecv7p7rjnu17ltk990kd; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owrScO7X5Gj5QLz1JSWr3lmrMto1VWNouPLr75%2Bk4Vj2WOPpu%2FBAsrGiUBvn4Dj1XmAnDLMwZhJyazgrwcXvGSCsoypfzpHb77krHYr5iSdhNzr%2B8cQshusudfI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d986f6d04b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 60236405437e1deece8b75d9e36bb5a8
a1dd69709f7e0d1f8bacdaafad9589b51e28f891
38ef8e06705bd2c637c4a7b116e616754709c6ff58ad1279b351c712d6cb9bb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38EF8E06705BD2C637C4A7B116E616754709C6FF58AD1279B351C712D6CB9BB0"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16209
Expires: Tue, 29 Nov 2022 23:32:13 GMT
Date: Tue, 29 Nov 2022 19:02:04 GMT
Connection: keep-alive
www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
142.250.74.168200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PC2RG39
IP 142.250.74.168:0
File type ASCII text, with very long lines (9671)
Hash e6fbdb1499a0deea7cfb1db82314c04b
944839497a92ec921d56b2722248d74d48cd958a
3d230ba82d9a30ec0930070954191c9d132687a06de5366076b175e8a7de7724
GET /gtm.js?id=GTM-PC2RG39 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 19:02:04 GMT
expires: Tue, 29 Nov 2022 19:02:04 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43158
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 75d307c9d9de716b7e75a47ced01b2e0
5cb368e44df47e6ab47d364a5c0e608b8e970f9a
c892ced7570d246ac5c78a53a3110b8f45fbfd59dcdb1ca56787fcf031b42f30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C892CED7570D246AC5C78A53A3110B8F45FBFD59DCDB1CA56787FCF031B42F30"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9838
Expires: Tue, 29 Nov 2022 21:46:02 GMT
Date: Tue, 29 Nov 2022 19:02:04 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=6
185.76.9.17200 OK 32 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=6
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32414), with CRLF, LF line terminators
Hash a3150ea011ffbef4979d2f94c80ab672
7309d216b7de7d486eb3dcc2906c66b7f0d5c8f8
e488aa7699714bdc2571184fda515edfcbb38bf922612f185af2b1c9e1c21ace
GET /s/requestform.js?siteId=59857&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670313280
server: CDN77-Turbo
x-77-nzt: AblMCQ1fxVT/bJwAAA
x-77-nzt-ray: c0a4cc287cebbeb12c578663af34eb18
x-cache: HIT
x-age: 40044
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 282 B IP 93.184.220.29:0
File type Targa image data - Mono 3073 x 33328 x 1 +1 +33440 - 8-bit alpha "\006\011+\006\001\005\005\0070\001\001\004\201\3720\201\3670\201\236\242\026\004\024\245\3167\352\353\260u\016\224g\210\264E\372\331$\020\207\226\037\030\01720221129081856Z0s0q0I0\011\006\005+\016\003\002\032\005"\012- data
Hash ff8a410948d180fb63c070c8d4cfc7c5
a8a50a35cfd9525cba455755d7dcf0b790340da5
7775cc5a495762eef219be06e02c8df1106a7766a9118ee864bacc5c41e4a96c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6115
Cache-Control: max-age=140327
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:04 GMT
Etag: "6385c070-117"
Expires: Thu, 01 Dec 2022 10:00:51 GMT
Last-Modified: Tue, 29 Nov 2022 08:18:56 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 3cd0fd948abe36dde839876f320da5cb
43c48bcb33ef9acc08d774a8a24a696ad11a6170
84dc4aaf35014b9362f78eb3416cf9db24d049164f9b7b7a6ca3e39e3813de9f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2010
Cache-Control: max-age=107800
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:04 GMT
Etag: "6385516a-13a"
Expires: Thu, 01 Dec 2022 00:58:44 GMT
Last-Modified: Tue, 29 Nov 2022 00:25:14 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 314
ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=1
185.76.9.17200 OK 17 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=59857&formatId=1
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (34992)
Hash 56e304a21671d271b32126ff452d9e27
5a1fcfea33bb4c7739c63cef4dd6a49d04cceba8
3113d9bfe15f06086df8e018633a0eb4034135e1936a7b4bf8ac10a9a0e83d0c
GET /s/requestform.js?siteId=59857&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670313280
server: CDN77-Turbo
x-77-nzt: AblMCQ3Vk/r/bJwAAA
x-77-nzt-ray: c0a4cc287cebbeb12c5786637409fd17
x-cache: HIT
x-age: 40044
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.25.87200 OK 21 kB URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.25.87:0
File type Unicode text, UTF-8 text, with very long lines (50946), with LF, NEL line terminators
Hash 1b1cd8d30b95a5970f7ed5ac485dc9ba
0b5cc9eaeece3c96d58a4b1aa4a1a9ba868f72e4
a70dd83d3068ab47e4d0d60d0b1138a9e871c19e1fc5df42c7283f3879f44821
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://a.mylink.vc
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 771d98768aceb51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2350f4317b92b5b92e6a7c403a2929e9
78e317eccc92b1201a956197dd1bbb6758c2c131
afdbc7962cd50c88c6de742a02eb004efe629e7935773ac872237afcc600ebbf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFDBC7962CD50C88C6DE742A02EB004EFE629E7935773AC872237AFCC600EBBF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2630
Expires: Tue, 29 Nov 2022 19:45:54 GMT
Date: Tue, 29 Nov 2022 19:02:04 GMT
Connection: keep-alive
c.tmyzer.com/c/?s=59857&f=6&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=59857&f=6&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=59857&f=6&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 19:02:04 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:5CED_36264064:01BB_6386572C_1A5DB88:5CD5
X-IPLB-Instance: 24858
www.reuters.com/pf/resources/images/reuters/reuters-default.png?d=120
54.230.111.69200 OK 39 kB URL HTTP/2 www.reuters.com/pf/resources/images/reuters/reuters-default.png?d=120
IP 54.230.111.69:0
File type PNG image data, 1200 x 628, 8-bit/color RGBA, interlaced\012- data
Hash 14816acc4f46e7c03d2b1181b0432443
983c96e11e1cb1b4db99abb286cdd7e53fee7f0b
d2c7fa85d25219c6f1f5b34693cf804c4863e1e150eaf1eefbbc2e307f3a5224
GET /pf/resources/images/reuters/reuters-default.png?d=120 HTTP/1.1
Host: www.reuters.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 39330
server: openresty
x-amz-id-2: 5oaDFaOFd8aoJ9lX/LfHAC5CAD8rs6GZ8cvQ+pb8iIX1w/l3ZQ6d/EdMeCOzWeHkVptqUNpU9Us=
x-amz-request-id: 8SBFX6YMFVJ0RTM5
last-modified: Thu, 10 Nov 2022 16:09:08 GMT
etag: W/"1a005cad25bb7575f3b4e6763fae9af0"
x-amz-server-side-encryption: AES256
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
akamai-true-ttl: 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000, 31536000
cache-control: public, max-age=31536000
expires: Wed, 29 Nov 2023 19:02:04 GMT
date: Tue, 29 Nov 2022 19:02:04 GMT
set-cookie: reuters-geo={"country":"NO", "region":"-"}; path=/; secure
server-timing: cdn-cache; desc=HIT, edge; dur=1
strict-transport-security: max-age=31536000
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8WlAFy3ohIOB5THVElzanmauDsM6uC_nHYjuOm5ibH9vY0lD3d3C1Q==
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=6
185.76.9.17200 OK 7.8 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=6
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash 2c36e4a89ed99193da188300aeeafaa8
158eaf76fd4f2615f1190e2236885ad122528c87
83b4e75bf1ed079182d548f1691300a4584029a5a02bf5c9ab59ada1f0ec3875
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670302963
server: CDN77-Turbo
x-77-nzt: AblMCQ2Oi3H/ucQAAA
x-77-nzt-ray: c0a4cc287cebbeb12c57866386475f19
x-cache: HIT
x-age: 50361
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.aaxads.com/pxusr.gif
104.88.23.134200 OK 43 B IP 104.88.23.134:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 6f1d74c7168076c7666246504a8c03f2
00656377deb1a4393e0cf0055385b08b2b81b46c
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
GET /pxusr.gif HTTP/1.1
Host: c.aaxads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 26 Feb 2018 13:29:58 GMT
server: Apache
unused62: 8096267
accept-ranges: bytes
content-length: 43
content-type: image/gif
cache-control: max-age=952260
expires: Sat, 10 Dec 2022 19:33:04 GMT
date: Tue, 29 Nov 2022 19:02:04 GMT
strict-transport-security: max-age=604800
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 72e278c32e6d5f06a97a7c36dfe35514
f5d9c5bb4a10ea9bfb7f829dcff2a3fc7298397e
fe9de8dbde2a414f1a4ff1b02b923be949c46ddfabc7e4324955e3de70c4916b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 19:02:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 00:52:21 GMT
Expires: Mon, 05 Dec 2022 00:52:20 GMT
Etag: "f5d9c5bb4a10ea9bfb7f829dcff2a3fc7298397e"
Cache-Control: max-age=452415,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771d98781d49b4ee-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 7bb7a9e05d9175acfed67cf1000a5fce
d46c3ed61290110a2162cfbd73639a825f01e136
f0ac081e3ae61a9283f4e6a3e7ca4f75273f28f60b1673193fa907ed72935ea2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 19:02:04 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 00:11:59 GMT
Expires: Tue, 06 Dec 2022 00:11:58 GMT
Etag: "d46c3ed61290110a2162cfbd73639a825f01e136"
Cache-Control: max-age=536393,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771d987748f8b4e8-OSL
www.aaxdetect.com/pxext.gif
23.32.103.114200 OK 43 B URL HTTP/1.1 www.aaxdetect.com/pxext.gif
IP 23.32.103.114:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 6f1d74c7168076c7666246504a8c03f2
00656377deb1a4393e0cf0055385b08b2b81b46c
8ac1703c1c34b2be426deda409d39258f82fae17f13e645f377f337a954aedde
GET /pxext.gif HTTP/1.1
Host: www.aaxdetect.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 26 Feb 2018 13:29:58 GMT
Server: Apache
Accept-Ranges: bytes
Content-Length: 43
Content-Type: image/gif
Cache-Control: max-age=452236
Expires: Mon, 05 Dec 2022 00:39:20 GMT
Date: Tue, 29 Nov 2022 19:02:04 GMT
Connection: keep-alive
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 900
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 29 Nov 2022 19:02:07 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://a.mylink.vc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8e8c89c17e336cca7a61b55895462e74
e27f9646f415cb235ed8eef9de30639dd355fad1
3cf03691d11e79366511035adff2fabce3d362860e670f4de949794d3b6268ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CF03691D11E79366511035ADFF2FABCE3D362860E670F4DE949794D3B6268BA"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8480
Expires: Tue, 29 Nov 2022 21:23:24 GMT
Date: Tue, 29 Nov 2022 19:02:04 GMT
Connection: keep-alive
in-page-push.com/400/3565140
139.45.197.15200 OK 33 kB URL HTTP/2 in-page-push.com/400/3565140
IP 139.45.197.15:0
Hash 682f957707f88e3c0b2b0cfc2eaabd2f
78faec3a2e602185e5abd2db7fb575c483c67631
5fc510901edc111a410fb3683162c8425fc585914999b602d3b53ef0bcfd7f72
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3565140 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: application/javascript
x-trace-id: 67bc7bff0beb2cb957f875acacbd9182
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=ce074018fad2427b8c1baeb052fc3c0e; expires=Wed, 29 Nov 2023 19:02:04 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=101&dgw=desktop&flg=AAX23QE99&fw=OSLO&ff=NO&xjg=4&dss=0&skw=939&slg=8PR6YK195&gq=a.mylink.vc&vhuyqdph=ssp-serving-854f99f6c4-pw5qp&vyu=112307_490_112304_460_ssp&vf=&yhuvlrq=4&yk=939&yz=1280&yvlg=&ylg=00001669748523864015326356481266&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control°=2&fdeg=0&gdeg=2&ghqg=100&fhqg=16&hqg=41&gvwduw=16&fvwduw=16&vwduw=16&uhtxuo=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&nzui=
104.88.23.134200 OK 35 B URL HTTP/2 l3.aaxads.com/log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=101&dgw=desktop&flg=AAX23QE99&fw=OSLO&ff=NO&xjg=4&dss=0&skw=939&slg=8PR6YK195&gq=a.mylink.vc&vhuyqdph=ssp-serving-854f99f6c4-pw5qp&vyu=112307_490_112304_460_ssp&vf=&yhuvlrq=4&yk=939&yz=1280&yvlg=&ylg=00001669748523864015326356481266&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control°=2&fdeg=0&gdeg=2&ghqg=100&fhqg=16&hqg=41&gvwduw=16&fvwduw=16&vwduw=16&uhtxuo=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&nzui=
IP 104.88.23.134:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 349909ce1e0bc971d452284590236b09
adfc01f8a9de68b9b27e6f98a68737c162167066
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
GET /log?___stu13p=aveoaamactga5dnnuee25ti2rm86bcrodqacb&lwbsh=AAX&wHos=101&dgw=desktop&flg=AAX23QE99&fw=OSLO&ff=NO&xjg=4&dss=0&skw=939&slg=8PR6YK195&gq=a.mylink.vc&vhuyqdph=ssp-serving-854f99f6c4-pw5qp&vyu=112307_490_112304_460_ssp&vf=&yhuvlrq=4&yk=939&yz=1280&yvlg=&ylg=00001669748523864015326356481266&vvsDeExfnhw=CONTROL&oz=1&gdss=green&lwbshlg=6&vg=1&dgeg=0&qsd=0&jgsu_hqi=1&fvha=0&jgivwu=Y-N&jgsu=1&fvvwu=&wfi_fps=&wfi_vwdwxv=&wfi_sus=&vxf=0&wfi_dsl=1&xvs_hqi=1&xvs_vwdwxv=0&xvs_ogi=&xvs_vwulqj=&xifd=-1&frssd_vwdwxv=&frssd_dssolhg=&lg_ghwdlov=&dewh=SSP_CLIENT_control°=2&fdeg=0&gdeg=2&ghqg=100&fhqg=16&hqg=41&gvwduw=16&fvwduw=16&vwduw=16&uhtxuo=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&nzui= HTTP/1.1
Host: l3.aaxads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
access-control-allow-origin: *
content-length: 35
expires: Tue, 29 Nov 2022 19:02:04 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 29 Nov 2022 19:02:04 GMT
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ca94ba9a6b955ce4c29c7a87f183bfd7
41aa8e420d4da4fd3f89d0eb90935f6fbaa964aa
291852d5d07805f87c374030f4c407dc816fcdf2a551d2b4bb38055e570a1db8
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=65f377b519c645af8ba5c068f4d2ae05; expires=Wed, 29 Nov 2023 19:02:04 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ca834245a0f8926c89d00657eca9d3f1
7a2fd0e8dcb27dbd348d5774b2b60392560d61f2
ea284e721d1de4a718f7595ebc5b2a0466f14104620d236a605358ff8010561b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA284E721D1DE4A718F7595EBC5B2A0466F14104620D236A605358FF8010561B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8356
Expires: Tue, 29 Nov 2022 21:21:21 GMT
Date: Tue, 29 Nov 2022 19:02:05 GMT
Connection: keep-alive
in-page-push.com/500/3565140?excludes=&oaid=65f377b519c645af8ba5c068f4d2ae05&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 0 B URL HTTP/2 in-page-push.com/500/3565140?excludes=&oaid=65f377b519c645af8ba5c068f4d2ae05&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/3565140?excludes=&oaid=65f377b519c645af8ba5c068f4d2ae05&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://a.mylink.vc/
Origin: https://a.mylink.vc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:05 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
hosehonoured.com/01/e8/35/01e835b4b880f0a66ecd3cd0ff9e49d1.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 hosehonoured.com/01/e8/35/01e835b4b880f0a66ecd3cd0ff9e49d1.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37129), with no line terminators
Hash 1a9feb384efd7468c510adcb5915d2a2
27d72850cc9f427c668ba2926b21a0d86bf61ee3
7461a1518e56dd28caa57bcba1bdb99cd4fe1a48838c1a164ca257f6d0b56fa4
GET /01/e8/35/01e835b4b880f0a66ecd3cd0ff9e49d1.js HTTP/1.1
Host: hosehonoured.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 19:02:05 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 91d4abbeb9fc71acb514879acdf0afc6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
in-page-push.com/500/3565140?excludes=&oaid=65f377b519c645af8ba5c068f4d2ae05&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.15200 OK 12 kB URL HTTP/2 in-page-push.com/500/3565140?excludes=&oaid=65f377b519c645af8ba5c068f4d2ae05&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.15:0
Hash 85a4c6c0c3dd4c2aad1f6ce2e7cb3a4f
62e3d195fea7a5f197d890ff72c1bdf94a38b1eb
9ffe10b194fef5fb8d5c978e3f4b78eabd99a85c41d9c2372fab46718ac395ab
Analyzer Verdict Alert quad9 Sinkholed
GET /500/3565140?excludes=&oaid=65f377b519c645af8ba5c068f4d2ae05&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: OAID=ce074018fad2427b8c1baeb052fc3c0e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/javascript
x-trace-id: 5f43551b2b457dbd898804e0feead8b2
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: https://a.mylink.vc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=65f377b519c645af8ba5c068f4d2ae05; expires=Wed, 29 Nov 2023 19:02:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 635eba2ec841f80118a858a94bb84ff5
591895548f1f166a16c790740656cb194d0f7760
d2e62fd34b70872cb8f68cd1fdae7f1476019968f63accab24e4d822933c07ff
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D2E62FD34B70872CB8F68CD1FDAE7F1476019968F63ACCAB24E4D822933C07FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12476
Expires: Tue, 29 Nov 2022 22:30:01 GMT
Date: Tue, 29 Nov 2022 19:02:05 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6d4aa81497d78e8890f1833dfd810f3b
1a661b0ea7a2272d32a364d110f8b2525a13a72a
c3127cd2765f7a80a75f4000fbbd0680b93a944448f0260b6c4a1dd6b041bbfa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155155
Date: Tue, 29 Nov 2022 19:02:05 GMT
Etag: "63860997-1d7"
Expires: Thu, 01 Dec 2022 14:08:00 GMT
Last-Modified: Tue, 29 Nov 2022 13:31:03 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hehSTlWKdfv7LdEJ3sSziuIWhVpmM__bnrLG93Ew0MtVJnTgpCslqw==
Age: 2217
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 75b184b1aa767cadadd4b2c6aad42aca
0068cd92992734f9c542b26c40cd0fd24be2439f
36af49e5e7e4389321bb1d342c550413de129d194b31f42f33f4492cec14a6a7
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
set-cookie: uid_id2=73a684b7-4f62-462b-b405-3a0b20b8bc65:2:1; expires=Fri, 26 Nov 2032 19:02:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=59857&f=1&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=59857&f=1&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=59857&f=1&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 19:02:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:5CED_36264064:01BB_6386572C_1A5DB90:5CD5
X-IPLB-Instance: 24858
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 12:29:21 GMT
expires: Fri, 24 Nov 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 455564
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.imgur.com/L1mnmKp.png
151.101.244.193200 OK 1.4 kB IP 151.101.244.193:0
File type PNG image data, 142 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash ab23bd56d3e717cb2660ba291537f049
143a9dee1d74680ea17ea3b6a9fdb7f1d2b9ccd4
01abba926066a54d2d0443c2cef2b647c97eaff6df81d3a9762b3661d660f024
GET /L1mnmKp.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 03 Dec 2018 19:06:27 GMT
etag: "ab23bd56d3e717cb2660ba291537f049"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 29 Nov 2022 19:02:05 GMT
age: 3043818
x-served-by: cache-iad-kiad7000030-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 4640, 1
x-timer: S1669748526.661749,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1443
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 635eba2ec841f80118a858a94bb84ff5
591895548f1f166a16c790740656cb194d0f7760
d2e62fd34b70872cb8f68cd1fdae7f1476019968f63accab24e4d822933c07ff
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D2E62FD34B70872CB8F68CD1FDAE7F1476019968F63ACCAB24E4D822933C07FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12476
Expires: Tue, 29 Nov 2022 22:30:01 GMT
Date: Tue, 29 Nov 2022 19:02:05 GMT
Connection: keep-alive
glimtors.net/zone?pub=0&zone_id=3150479&is_mobile=false&domain=a.mylink.vc&var=&ymid=&var_3=
139.45.197.251200 OK 705 B URL HTTP/2 glimtors.net/zone?pub=0&zone_id=3150479&is_mobile=false&domain=a.mylink.vc&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash f70ddedaa762c339ee5d74dff5d4c8f0
7a39b23bd9c1412be8f36c4111629c1f8c4de5da
a847bb43b0c7b9602dfb61fd0cb04d72dc569fe88d4d7c5de88bf6f6e91c55a8
GET /zone?pub=0&zone_id=3150479&is_mobile=false&domain=a.mylink.vc&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Origin: https://a.mylink.vc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 59b9ea2edfe053b32aa36d2870e6c432
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
i.imgur.com/lGgcRNc_d.webp?maxwidth=760&fidelity=grand
151.101.244.193200 OK 9.2 kB URL HTTP/2 i.imgur.com/lGgcRNc_d.webp?maxwidth=760&fidelity=grand
IP 151.101.244.193:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x295, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 74772022d08c845ca28a44a78d2c94fb
07481936e56852d7d846faa8e468de2982532434
c9e9e6a374c8b4d222c9631778ef298f707a9d1d091c62f004c7ee7d8802b7ed
GET /lGgcRNc_d.webp?maxwidth=760&fidelity=grand HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
last-modified: Sat, 12 Nov 2022 06:23:06 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 29 Nov 2022 19:02:05 GMT
age: 1514339
x-served-by: cache-iad-kjyo7100150-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 622, 1
x-timer: S1669748526.754392,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 9192
X-Firefox-Spdy: h2
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.87200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.87:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Tue, 29 Nov 2022 02:56:44 GMT
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qZx7K4LO18bpTftnjdShPJPs9vYVxDkFPdbFy5gRGn2TWAlGNZNlWg==
Age: 57927
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4334032aadde00885f1ac8dc1b42475e
2eec08a9fa9ff03fae3d30078584d3540e70555a
969cbab753fcbc0692fc274ccdc93c5ea8be9797eac783fcdcc4d8976530c8b9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4617
Cache-Control: max-age=87705
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:05 GMT
Etag: "6384f8bd-1d7"
Expires: Wed, 30 Nov 2022 19:23:50 GMT
Last-Modified: Mon, 28 Nov 2022 18:06:53 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash ca27fc67794db301648b1fe3c0b785a6
ff5fab3d522ffe7d23be2e27f865533aaf8e2103
14fb227d7ebbac5da461b065bcb39aa9e524e2cf529f4453679299a644149261
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 19:02:05 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 03 Dec 2022 15:07:02 GMT
ETag: "ff5fab3d522ffe7d23be2e27f865533aaf8e2103"
Last-Modified: Tue, 29 Nov 2022 15:07:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3330
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771d987e4a12b509-OSL
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 85928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 4ed4504c8b02fc509f234707dc77781f
19acd03459e36691bfe55062056b824e39033cb1
b83b1242e3991a8c4b50fc7218fc5f838baef5281a58f8c4d72409f10e5b9e32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3065
Cache-Control: max-age=147343
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:05 GMT
Etag: "6385e7c3-139"
Expires: Thu, 01 Dec 2022 11:57:48 GMT
Last-Modified: Tue, 29 Nov 2022 11:06:43 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 313
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash ca27fc67794db301648b1fe3c0b785a6
ff5fab3d522ffe7d23be2e27f865533aaf8e2103
14fb227d7ebbac5da461b065bcb39aa9e524e2cf529f4453679299a644149261
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 19:02:05 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Sat, 03 Dec 2022 15:07:02 GMT
ETag: "ff5fab3d522ffe7d23be2e27f865533aaf8e2103"
Last-Modified: Tue, 29 Nov 2022 15:07:03 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3330
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771d987e5a2bb509-OSL
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.130200 OK 49 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (4885)
Hash 35f198df628fcb52b9125b7739b5d6c0
816add726cb295d2b39a9142e78980f70414448b
9abb77f7a88863c7f44c122ef73ec5c26ed5853fa91e7d496491502f613c012d
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 29 Nov 2022 19:02:05 GMT
expires: Tue, 29 Nov 2022 19:02:05 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8764309744637598965
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 49042
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258
142.250.74.34302 Found 447 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash de30d37c84c35e8eeb9ec8a538ac6540
de0285884f0ce005c34a227fa8bdd2686d3bcf3a
3ed5a6ed78c08070c0facf507734df16a1e0cfeea6233f4f98371742684f0774
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_tc=
date: Tue, 29 Nov 2022 19:02:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 19:17:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (587)
Hash 1d79426653c3b55939eaec59a2ce8ef5
c6db0314df7a4e5c08047f6306e0b79a1ad3bab2
2729cfe8b2f5142cf99734cbb4e1a3c6cd35868d279cd796db49ef62742ef993
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73267
date: Tue, 29 Nov 2022 19:02:05 GMT
access-control-allow-origin: *
etag: "6384bff1-11e33"
expires: Tue, 29 Nov 2022 20:02:05 GMT
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 19:02:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_tc=
142.250.74.34302 Found 437 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_tc=
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 53f46f181118b9be3209c07887947cc3
5f2139c04305bf6a9c6bd033e603505094b25242
1b219b91d94f9e189cd1b5b034021df322b97197f96bf972433992e1eecb5c38
GET /pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_error=3
date: Tue, 29 Nov 2022 19:02:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 437
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/watch.js
87.250.250.119200 OK 58 kB URL HTTP/2 mc.yandex.ru/metrika/watch.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash 89185e037b366ee6c6b5d55bd893c11d
6a0e2cd6189b890da76b827beaeeca41097e8cf1
2b46f64d745301de1b0f94206157e0373db1e5db20e7725794fb34adaab08423
GET /metrika/watch.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 57741
date: Tue, 29 Nov 2022 19:02:05 GMT
access-control-allow-origin: *
etag: "6384bff1-e18d"
expires: Tue, 29 Nov 2022 20:02:05 GMT
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://a.mylink.vc/
Origin: https://a.mylink.vc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Content-Type: application/json
Origin: https://a.mylink.vc
Content-Length: 368
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 9678cad2989e671ade90aa67cdb4c525
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.162200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:45:52 GMT
expires: Tue, 13 Dec 2022 11:45:52 GMT
cache-control: public, max-age=1209600
age: 26174
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 29 Nov 2022 19:02:06 GMT
access-control-allow-origin: *
etag: "6384bff1-2b"
expires: Tue, 29 Nov 2022 20:02:06 GMT
accept-ranges: bytes
last-modified: Mon, 28 Nov 2022 17:04:33 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.250.74.42200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 22:25:29 GMT
expires: Sun, 26 Nov 2023 22:25:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 246997
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c98063a5875a4153829eaa80be458262
9522070e97907c1f147c44284e4d7d9591518fb5
ad8607d475238f00a7328e41f35d5f50595455bef11db64d45ead1a64bc261a2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD8607D475238F00A7328E41F35D5F50595455BEF11DB64D45EAD1A64BC261A2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8731
Expires: Tue, 29 Nov 2022 21:27:37 GMT
Date: Tue, 29 Nov 2022 19:02:06 GMT
Connection: keep-alive
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_error=3
104.22.25.87200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_error=3
IP 104.22.25.87:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=b36f488a-1a73-4701-7c3b-b84ce6021023&reqId=44bdc9ff-f5eb-451f-7a03-ea946154f67b&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Connection: keep-alive
Cookie: zc=b36f488a-1a73-4701-7c3b-b84ce6021023; zsc=%F4%40%C2%3E%F8%0F%EE%A4.%BA%29%B88%9B%92c%FF%B2%5C%03%ADX%EF9%89%12W5PO%8A%83%F2%12Z%14%84%B9%9Dl8%B9%8706%D6%FEB%F1%A5lH%F9%EDg%D0%1F%BC%19e_%90dm%92Y%07TM%E3%3CD%FB%B6%F5%14%0D%8AG%FE%9FA%1F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:06 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://a.mylink.vc
set-cookie: zc=b36f488a-1a73-4701-7c3b-b84ce6021023; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 771d9880ee77b51b-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90922076/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A1487223639149%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A518747806%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/90922076/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A1487223639149%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A518747806%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash ba2aed948e26e6e4d0fcbd8d02cf5bf9
d4a88d10e19a78942c49c94b608d0eb71784065d
29e3ee33230c32d90e93cbc02ec75fa703fcf924eb7da7fb0003acb8108085a3
GET /watch/90922076/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A1487223639149%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A518747806%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Referer: https://a.mylink.vc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Tue, 29 Nov 2022 19:02:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 29-Nov-2022 19:02:06 GMT
last-modified: Tue, 29-Nov-2022 19:02:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
162.19.138.119200 2.5 kB URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
IP 162.19.138.119:0
Hash c0e4747ecb4e1e0a8233038ff44eb613
fca2ff55a8a656773e8cb03013bee463e2fd910f
536e8d517a2344b314d364057583c667f95fd41692451acd647066ac4a17909d
GET /i/12/9.gif?gdpr=true&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Tue, 29-Nov-2022 19:07:06 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Tue, 29-Nov-2022 19:07:06 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Tue, 29-Nov-2022 19:07:06 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Tue, 29-Nov-2022 19:07:06 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Tue, 29-Nov-2022 19:07:06 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Tue, 29-Nov-2022 19:07:06 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Tue, 29 Nov 2022 19:02:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
mc.yandex.ru/watch/46177350/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1099061328975%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A1005378552%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/46177350/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1099061328975%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A1005378552%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash c3c8eee821b4a3dbed18b34f42269723
aed4625c5fec964baef3d736f5b5304bcf5eeabf
f4d75ec5a780c8dc281855b31273891fe9133d93cac58ad7e86d89f1f348c6f5
GET /watch/46177350/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1099061328975%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A1005378552%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Referer: https://a.mylink.vc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Tue, 29 Nov 2022 19:02:06 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 29-Nov-2022 19:02:06 GMT
last-modified: Tue, 29-Nov-2022 19:02:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.17200 OK 38 kB URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.17:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 508b60359a070afb1b11d2cab3748f06
ffe7800dfd0ab198916e5c53e1d350a73e0390b8
2287365e695db95ecf567dabefee211cb90e081a38fb26ce372134d5cc6a7f24
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Tue, 29 Nov 2022 03:00:29 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Tue, 29 Nov 2022 03:00:27 GMT
etag: W/"5e5c32e11030f411462907ffac99a722"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Xs8SACF0-lkzE-SXvTq-iQujCCAcv44kLTa39j_O6XBzVQyd6A7cig==
age: 57698
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.59200 OK 53 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.59:0
File type JSON data\012- , ASCII text, with very long lines (9979), with no line terminators
Hash 3e5e42955f2bc9f2e9fd8894a73968cc
27990264e4cc632b070b3e5c56e8d7328be0563b
40921193e89809faa2b47fb13706fcb4d9b69a00ce21ed30d4b42badff82dbf1
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Tue, 29 Nov 2022 03:00:43 GMT
last-modified: Tue, 15 Nov 2022 19:52:30 GMT
etag: W/"67643b5faa0950a5532c47758ba39d2f"
x-amz-server-side-encryption: AES256
x-amz-version-id: xPMKnfS8YcqF2frTT5_I_M_eoLLd3kli
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: T2KBLsAiJINS44wrjJCqG6D3EwGRGr_s32o_16-WfWiGu7UFhMRWkA==
age: 57683
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:48:03 GMT
expires: Fri, 24 Nov 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 422043
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0e3715eedd8e6500e3c5b107da5cacbc
8967db89fffacb6f8ab57c2fa408634f02fa2440
3fb9445ec8391ec7596b82a48a1379784480abdd9362cb887c59ffb1606d4ab9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FB9445EC8391EC7596B82A48A1379784480ABDD9362CB887C59FFB1606D4AB9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10230
Expires: Tue, 29 Nov 2022 21:52:36 GMT
Date: Tue, 29 Nov 2022 19:02:06 GMT
Connection: keep-alive
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22a.mylink.vc%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1669748525387%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-e9do9ucpx1o5gbelkwym%22%7D
35.156.66.115200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22a.mylink.vc%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1669748525387%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-e9do9ucpx1o5gbelkwym%22%7D
IP 35.156.66.115:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22a.mylink.vc%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1669748525387%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-e9do9ucpx1o5gbelkwym%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:06 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93200 OK 27 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash e408bc8a2e5fd333da63c22b6c8c0a4c
20945d0f134eeb714c5abd5c4388f208a4002534
feecbcc194ba623a06a4ca0f95cc01a8e5fe1159bc854c67b6c8164583d121c6
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 2b17c4f3e31cda59ac1c12419934107f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 29 Nov 2022 19:02:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pCTKGLdwwyMMGExxWezrFGkLyboXmA5Zcqbraiw%2BiXzeG933CO0d4daHlcdchFJ8KkCANidoOs7WII8hlhceKlxHiqcCtPdyDQ1%2BRanI1CEIa8QRGABTBxdwMPfJ%2Bd4CN2N5JZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d987c5f707779-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/46177350?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1099061328975%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A1005378552%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 314 B URL HTTP/2 mc.yandex.ru/watch/46177350?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1099061328975%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A1005378552%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
Hash 7b7e8b1ae4add42a427a048df71862d8
c2abf5a2f104f0b64edfe2fdc8ab31fe77226057
c2e03803d10179c5fa34ee215da786ab9f4e2048de23030dde6c8ede7593d1d4
GET /watch/46177350?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1099061328975%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A1005378552%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/46177350/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aeaqp9qze4zeusy7lq5yic%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A1%3Adp%3A0%3Als%3A1099061328975%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A1005378552%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 29 Nov 2022 19:02:06 GMT
access-control-allow-origin: https://a.mylink.vc
set-cookie: yandexuid=4924296651669748526; Expires=Wed, 29-Nov-2023 19:02:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4924296651669748526; Expires=Wed, 29-Nov-2023 19:02:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1562844901669748526; Path=/; SameSite=None; Secure
i=RaJUz0ySkLyhRBkDQO/MlsJT7bxP04D2A8m0+k67LhY4hPWvq0f4ul2fLnjFcs7q6VTqEkalFashQvA8mlws4QxiWeI=; Expires=Fri, 26-Nov-2032 19:02:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701284526.yc.1669748526#1701284526.yrts.1669748526#1701284526.yrtsi.1669748526; Expires=Wed, 29-Nov-2023 19:02:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 29-Nov-2022 19:02:06 GMT
last-modified: Tue, 29-Nov-2022 19:02:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:06 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 13 kB URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
File type C source, ASCII text, with very long lines (29466)
Hash 529e7ab3cd3193cb1e4168f19ea6002a
6798ff136c6df0ff328f3f12f2fbaecde3b1105d
6c84caa0a4ea8e2496b909e1aaee8f12c4a583b39f792b2cc92e7e45fb883a71
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 629874
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 5ddd10ebd682891c8b8b25882bf94286
8d52a20c75e90abe8f193f3b44f5bc12936004d7
f21b42e8a27687d7e2dc46aa7d98c0f1ed82f69c7783068b1c1df2f648561462
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 19:02:06 GMT
Last-Modified: Tue, 29 Nov 2022 17:40:28 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -DdPSXoiYvXBPGdy1D1UiYJyiOB2R_gRMiC2xfG7NL22y_ZMk0k0Hg==
Age: 4898
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38bb14620de55e1982559251c0ebeac9
2a0778a21ec60d9f3cfdf4d5772123a4149729d1
ada2027e8be54e2bb79d0a88473871db54ba9f329a0034cac5413d80d80af1a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADA2027E8BE54E2BB79D0A88473871DB54BA9F329A0034CAC5413D80D80AF1A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13116
Expires: Tue, 29 Nov 2022 22:40:42 GMT
Date: Tue, 29 Nov 2022 19:02:06 GMT
Connection: keep-alive
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
52.18.48.214200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 52.18.48.214:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://a.mylink.vc
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Tue, 29 Nov 2022 19:02:06 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Tue, 29 Nov 2022 19:02:06 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd71cb59bfd5e31191d61da63fec244a
998886e4743fc393838dbee7a6632d392e268e73
54672c525e2462ddbb2e84b80945daede2e13469b8817d636dc12d5bb0b3bc47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54672C525E2462DDBB2E84B80945DAEDE2E13469B8817D636DC12D5BB0B3BC47"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4206
Expires: Tue, 29 Nov 2022 20:12:12 GMT
Date: Tue, 29 Nov 2022 19:02:06 GMT
Connection: keep-alive
wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzYscxRvHq%2FPb30UvKvHgQRnEg4I7Wz3TMztjDsEYE4N5I4msR%2ButZ8ut7mqquqd35xQMLDmIjuDBY%2B93NlmMIZg%2FQCKzXmRByCjoIC7kP%2FAFcpaZHVh8DvU8T32ew%2FP9Vm3vFIeEomDTq5fsQBvDVlp1Wnt9TafSlr52%2BUYtpHV6qram03Z0qrY5O1z%2FrZC26vSN2nklNuxKg4aUhjSsndNOxXZzZU6hs%2FvdsN6l9ahRD1sRNt1%2Fe18E8CyA7B%2BSF6Dl5P%2FrPz6EFmOkybdnld%2FIbfbmu0lhWG4d%2BnLvg3QjtWWK5LiMXYA43VtMw%2FoJIV%2BdgE33Fgpg%2B7szBeB6QoJfQ%2FB0b7EmeP%2FO0abcQKXg8lmU%2FTGUGUOzMYS9BS0fE0BIXL6CNLl72bqSbR1RNqMTsvT0H%2BhyQpb%2BOIk0eXDG6M3adWuKXNvUYzOuoDfH0L0xsmIf%2BSCALvch8k%2Bg5U9k5elFpMnuFW8stJy%2Bttpk7U7EV5ejuN1YjtoNvswj2lpuMsoblHe4aLfmFmk9ho7HMGoI5k%2Bg8AEKHaCIAxRZgEROa6zVjSldjXncbHYiIUSzKUSr05Yt2Yw6MUUhZhqGyLMhhBlCuJvI3E1s6CFc8T38egUvA%2FicoC8rlIqg9AQlIyg1QZkTlP3qjjS%2B4au70viCh4vcWORmNbJ5b4fdsXlPpWQnOyTPz437a%2B1TbKhpjYaq02zxiHc6NKas3VZCNoWkcdxVUVeG8LqC9ifAfICBnpAXP%2FsSmZ4Q8vlv4Gwf3uxD6FfBipfBytFqg4Ktj6IOxSC9l2yZMN2oW9eDtBWyfAn5VrBjDslL8y26vzgocXD6yYfP8UuTvyFchcxV%2BFj%2FQNAzt0fXbEl2r9nSk4dXslwnesBmT3s9Z7lauve%2B2iqtkxfO%2BuHXb4sZmJX3byifX2Sp1GnPk2%2FOaCmVO2edUOS7C35N8auFXz9TuLTILl5959yFJHPKe23TMZh%2B%2FNEjCD0hzyTb80%2F7yu%2Fb0G4MV1RIigOyCGi7D5HdhM8OTk%2FPPzg5ePIevCVw5niGZwHKohq5Bj%2B%2BNJrAqOOe8QpeHVvA1cGjP4%2FYjr%2BNngvA8ltIkwp9V6FvKjAzhC%2F%2BN8ozd3D65%2BY8wE0w4sYFu9w488WRtV5Pa6oV01jRhuJxl8erjMpuHHU564ZqlbdYiNxPxPZa%2FV8AAAD%2F%2FwEAAP%2F%2FQvFw64wEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 wastedinvaluable.com/ren.gif?sid=H4sIAAAAAAAC%2F1SSzYscxRvHq%2FPb30UvKvHgQRnEg4I7Wz3TMztjDsEYE4N5I4msR%2ButZ8ut7mqquqd35xQMLDmIjuDBY%2B93NlmMIZg%2FQCKzXmRByCjoIC7kP%2FAFcpaZHVh8DvU8T32ew%2FP9Vm3vFIeEomDTq5fsQBvDVlp1Wnt9TafSlr52%2BUYtpHV6qram03Z0qrY5O1z%2FrZC26vSN2nklNuxKg4aUhjSsndNOxXZzZU6hs%2FvdsN6l9ahRD1sRNt1%2Fe18E8CyA7B%2BSF6Dl5P%2FrPz6EFmOkybdnld%2FIbfbmu0lhWG4d%2BnLvg3QjtWWK5LiMXYA43VtMw%2FoJIV%2BdgE33Fgpg%2B7szBeB6QoJfQ%2FB0b7EmeP%2FO0abcQKXg8lmU%2FTGUGUOzMYS9BS0fE0BIXL6CNLl72bqSbR1RNqMTsvT0H%2BhyQpb%2BOIk0eXDG6M3adWuKXNvUYzOuoDfH0L0xsmIf%2BSCALvch8k%2Bg5U9k5elFpMnuFW8stJy%2Bttpk7U7EV5ejuN1YjtoNvswj2lpuMsoblHe4aLfmFmk9ho7HMGoI5k%2Bg8AEKHaCIAxRZgEROa6zVjSldjXncbHYiIUSzKUSr05Yt2Yw6MUUhZhqGyLMhhBlCuJvI3E1s6CFc8T38egUvA%2FicoC8rlIqg9AQlIyg1QZkTlP3qjjS%2B4au70viCh4vcWORmNbJ5b4fdsXlPpWQnOyTPz437a%2B1TbKhpjYaq02zxiHc6NKas3VZCNoWkcdxVUVeG8LqC9ifAfICBnpAXP%2FsSmZ4Q8vlv4Gwf3uxD6FfBipfBytFqg4Ktj6IOxSC9l2yZMN2oW9eDtBWyfAn5VrBjDslL8y26vzgocXD6yYfP8UuTvyFchcxV%2BFj%2FQNAzt0fXbEl2r9nSk4dXslwnesBmT3s9Z7lauve%2B2iqtkxfO%2BuHXb4sZmJX3byifX2Sp1GnPk2%2FOaCmVO2edUOS7C35N8auFXz9TuLTILl5959yFJHPKe23TMZh%2B%2FNEjCD0hzyTb80%2F7yu%2Fb0G4MV1RIigOyCGi7D5HdhM8OTk%2FPPzg5ePIevCVw5niGZwHKohq5Bj%2B%2BNJrAqOOe8QpeHVvA1cGjP4%2FYjr%2BNngvA8ltIkwp9V6FvKjAzhC%2F%2BN8ozd3D65%2BY8wE0w4sYFu9w488WRtV5Pa6oV01jRhuJxl8erjMpuHHU564ZqlbdYiNxPxPZa%2FV8AAAD%2F%2FwEAAP%2F%2FQvFw64wEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1SSzYscxRvHq%2FPb30UvKvHgQRnEg4I7Wz3TMztjDsEYE4N5I4msR%2ButZ8ut7mqquqd35xQMLDmIjuDBY%2B93NlmMIZg%2FQCKzXmRByCjoIC7kP%2FAFcpaZHVh8DvU8T32ew%2FP9Vm3vFIeEomDTq5fsQBvDVlp1Wnt9TafSlr52%2BUYtpHV6qram03Z0qrY5O1z%2FrZC26vSN2nklNuxKg4aUhjSsndNOxXZzZU6hs%2FvdsN6l9ahRD1sRNt1%2Fe18E8CyA7B%2BSF6Dl5P%2FrPz6EFmOkybdnld%2FIbfbmu0lhWG4d%2BnLvg3QjtWWK5LiMXYA43VtMw%2FoJIV%2BdgE33Fgpg%2B7szBeB6QoJfQ%2FB0b7EmeP%2FO0abcQKXg8lmU%2FTGUGUOzMYS9BS0fE0BIXL6CNLl72bqSbR1RNqMTsvT0H%2BhyQpb%2BOIk0eXDG6M3adWuKXNvUYzOuoDfH0L0xsmIf%2BSCALvch8k%2Bg5U9k5elFpMnuFW8stJy%2Bttpk7U7EV5ejuN1YjtoNvswj2lpuMsoblHe4aLfmFmk9ho7HMGoI5k%2Bg8AEKHaCIAxRZgEROa6zVjSldjXncbHYiIUSzKUSr05Yt2Yw6MUUhZhqGyLMhhBlCuJvI3E1s6CFc8T38egUvA%2FicoC8rlIqg9AQlIyg1QZkTlP3qjjS%2B4au70viCh4vcWORmNbJ5b4fdsXlPpWQnOyTPz437a%2B1TbKhpjYaq02zxiHc6NKas3VZCNoWkcdxVUVeG8LqC9ifAfICBnpAXP%2FsSmZ4Q8vlv4Gwf3uxD6FfBipfBytFqg4Ktj6IOxSC9l2yZMN2oW9eDtBWyfAn5VrBjDslL8y26vzgocXD6yYfP8UuTvyFchcxV%2BFj%2FQNAzt0fXbEl2r9nSk4dXslwnesBmT3s9Z7lauve%2B2iqtkxfO%2BuHXb4sZmJX3byifX2Sp1GnPk2%2FOaCmVO2edUOS7C35N8auFXz9TuLTILl5959yFJHPKe23TMZh%2B%2FNEjCD0hzyTb80%2F7yu%2Fb0G4MV1RIigOyCGi7D5HdhM8OTk%2FPPzg5ePIevCVw5niGZwHKohq5Bj%2B%2BNJrAqOOe8QpeHVvA1cGjP4%2FYjr%2BNngvA8ltIkwp9V6FvKjAzhC%2F%2BN8ozd3D65%2BY8wE0w4sYFu9w488WRtV5Pa6oV01jRhuJxl8erjMpuHHU564ZqlbdYiNxPxPZa%2FV8AAAD%2F%2FwEAAP%2F%2FQvFw64wEAAA%3D HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: u_pl=15816588; uid_id2=73a684b7-4f62-462b-b405-3a0b20b8bc65:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01e835b4b880f0a66ecd3cd0ff9e49d1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 19:02:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5e0c41b7882448ae35b75832d035e237
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c22f6742a681063615a548ae5fbc532
631eaaad4049c5b6f54eb2b4e127b77240868636
a8e170fec241ad3ec9acc075fa8d7ce2184d129bf69f5ace3e7229aa3bfd59c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8E170FEC241AD3EC9ACC075FA8D7CE2184D129BF69F5ACE3E7229AA3BFD59C7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10506
Expires: Tue, 29 Nov 2022 21:57:13 GMT
Date: Tue, 29 Nov 2022 19:02:07 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c22f6742a681063615a548ae5fbc532
631eaaad4049c5b6f54eb2b4e127b77240868636
a8e170fec241ad3ec9acc075fa8d7ce2184d129bf69f5ace3e7229aa3bfd59c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8E170FEC241AD3EC9ACC075FA8D7CE2184D129BF69F5ACE3E7229AA3BFD59C7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10506
Expires: Tue, 29 Nov 2022 21:57:13 GMT
Date: Tue, 29 Nov 2022 19:02:07 GMT
Connection: keep-alive
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=125
192.243.61.227200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=125
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Findex.html&l=1300&fd=125 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: u_pl=15816588; uid_id2=73a684b7-4f62-462b-b405-3a0b20b8bc65:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01e835b4b880f0a66ecd3cd0ff9e49d1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 19:02:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
172.64.108.13200 OK 322 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
IP 172.64.108.13:0
File type PNG image data, 729 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size 322 kB (322399 bytes)
Hash 47b7ae41a98644de6d46d58a0e51a793
b0f736609af3c0b3214ee52cc9f0798dcc972df6
b2ad5bf8fc066203168fbceb53b7df6012e8897be344b240e94105af1b4ba0f2
GET /sb/notifications/games/nutaku/multi/2/img/girls.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:07 GMT
content-type: image/png
content-length: 322399
last-modified: Wed, 07 Sep 2022 14:37:32 GMT
etag: "6318acac-4eb5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1228207
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3mHPGWgDwvpe%2BaZW%2BHckK26Osd3boTkZ8pZLaW4thR9FSezk8SBaDrVQq9g9U5Gwe7j4CIuW%2FraspeIMLZqSIijsrV3he3NgG7ikOVa5irM4KuZpuhtoZQd3499w%2Byvj0puES5icISE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d98866d0088a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c22f6742a681063615a548ae5fbc532
631eaaad4049c5b6f54eb2b4e127b77240868636
a8e170fec241ad3ec9acc075fa8d7ce2184d129bf69f5ace3e7229aa3bfd59c7
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A8E170FEC241AD3EC9ACC075FA8D7CE2184D129BF69F5ACE3E7229AA3BFD59C7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10506
Expires: Tue, 29 Nov 2022 21:57:13 GMT
Date: Tue, 29 Nov 2022 19:02:07 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=73a684b7-4f62-462b-b405-3a0b20b8bc65&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=01e835b4b880f0a66ecd3cd0ff9e49d1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=73a684b7-4f62-462b-b405-3a0b20b8bc65&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=01e835b4b880f0a66ecd3cd0ff9e49d1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=73a684b7-4f62-462b-b405-3a0b20b8bc65&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=01e835b4b880f0a66ecd3cd0ff9e49d1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Tue, 29 Nov 2022 19:02:07 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a325a298059c738ace414a1288e6f2a4
Strict-Transport-Security: max-age=0; includeSubdomains
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=347
192.243.61.227200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=347
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=347 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: u_pl=15816588; uid_id2=73a684b7-4f62-462b-b405-3a0b20b8bc65:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01e835b4b880f0a66ecd3cd0ff9e49d1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 19:02:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fanimate.css&l=79249&fd=358
192.243.61.227200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fanimate.css&l=79249&fd=358
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fanimate.css&l=79249&fd=358 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: u_pl=15816588; uid_id2=73a684b7-4f62-462b-b405-3a0b20b8bc65:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01e835b4b880f0a66ecd3cd0ff9e49d1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 19:02:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
45.133.44.3200 OK 2.9 kB URL HTTP/2 cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash bcc20e374487587866f3892443d80f71
12733a6fb36adeafe4679f05709588fc9cb63cfe
679da7573d2d8178953a6e8324cdc1a0df4fda072a5c05672100ff4291705231
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/games/nutaku/multi/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:06 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 15 Sep 2022 10:38:26 GMT
etag: W/"632300a2-514"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Tue, 29 Nov 2022 20:02:06 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
wastedinvaluable.com/pixel/sbs?c=1
192.243.61.227200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/sbs?c=1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: u_pl=15816588; uid_id2=73a684b7-4f62-462b-b405-3a0b20b8bc65:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01e835b4b880f0a66ecd3cd0ff9e49d1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 19:02:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
172.64.108.13200 OK 4.9 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
IP 172.64.108.13:0
Hash 61855a8c3552b95c1485f3e4b31b18f2
7c6af9a2d594bffc30cfdafbdfe7f3ff2f9f4c12
6a81511fba44103cb083c2dc119fa881f1d717b2c1e0952491075946f7e03b1d
GET /sb/notifications/games/nutaku/multi/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:07 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 10:38:28 GMT
etag: W/"632300a4-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oitBd1ql%2Fd%2FaaQ%2BB8izDNBmiTNPGZKn1fFJggChfzdCKHEXv60Gln%2BlhC%2FdKV37rHvDjp0zoHMDgFyz9mZJMkMO%2Bt4ndhD4uUoegwQG0ko8UunycYKKUjrupOMmBW2NUk%2BPPNjTQ%2B5zF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d98864cc988a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
172.64.108.13200 OK 32 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
IP 172.64.108.13:0
File type ASCII text, with very long lines (65451)
Hash 6e4c3ab595e4135f933ffebbd16a11f3
7d901457411fae95ade4a6958b89eeaab55b1840
c5953373777eb5e51023271ef08670639be6e6f89b2ae6387437cf2db875c09f
GET /sb/notifications/games/nutaku/multi/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:07 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 08:55:27 GMT
etag: W/"62fdfe7f-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1228207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0ZwBgbIpwlD4C2PmWo5Zf6wdj8ByK9PvX7COya3g5lS7w2t2zQwnZnErrwCCMb3hjfAfTu90RlRCaW5sIYiqB6c1gYY8njl7yLhAjh0ZBraqzm888xlG04DfiPg0nDnGgm9XTwJGcxv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d98866d0188a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2
172.64.108.13200 OK 7.7 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2
IP 172.64.108.13:0
File type Web Open Font Format (Version 2), TrueType, length 7664, version 1.0\012- data
Hash e41b02c342b94148fdd5e14fb41dcb4a
9d8415fc8df42aa67fa5a6d15d07f58265535cc0
d857f01d0c6fd46a16bf82acf8f6f76e7710524972ef7f88a926a0d97cadca0b
GET /sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://a.mylink.vc
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:07 GMT
content-type: application/octet-stream
content-length: 7664
last-modified: Thu, 15 Sep 2022 10:33:29 GMT
etag: "6322ff79-1df0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQpoHdXmmQOyD5jX3W9b1vp%2FR85T64HGoJdQYq4r95h9e4cUCUEemwTN2S2fV6L2lZZWZPNMP%2BnVRqi524ao22IhM2hHQoCZqSowracZrUDI%2BbtnuXlnr18RRJtjB%2B5EC9S8AJZLxrxf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d9888e9ba88a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Content-Type: application/json
Origin: https://a.mylink.vc
Content-Length: 376
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:09 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: f676738f5fb8120444e1ce431bb4868c
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=5cbfd9e19473420fbb65e39597928ebb&zoneId=3150479&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=5cbfd9e19473420fbb65e39597928ebb&zoneId=3150479&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash ca94ba9a6b955ce4c29c7a87f183bfd7
41aa8e420d4da4fd3f89d0eb90935f6fbaa964aa
291852d5d07805f87c374030f4c407dc816fcdf2a551d2b4bb38055e570a1db8
GET /gid.js?pub=0&userId=5cbfd9e19473420fbb65e39597928ebb&zoneId=3150479&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Origin: https://a.mylink.vc
Connection: keep-alive
Cookie: ID=65f377b519c645af8ba5c068f4d2ae05
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://a.mylink.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=65f377b519c645af8ba5c068f4d2ae05; expires=Wed, 29 Nov 2023 19:02:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:07 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Aug 2022 08:55:17 GMT
etag: W/"62fdfe75-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1228207
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zybQjn1urSDEjcbAjVPYgOvHBuweAR6Ytk%2BmEPIphth9JObVO5p9Awtpkz9H%2FFxMG34oXkNvKsF9%2FowYHT5tmIyS5KHy6kvwnNo3SPT8LCODt4z1uOC7Khc7we3V1GvxFOpCmVdbfKDo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d98866cfe88a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu
IP 142.250.74.138:0
GET /css?family=Ubuntu HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mylink.name/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 19:02:01 GMT
date: Tue, 29 Nov 2022 19:02:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=1
185.76.9.17200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=1
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670302965
server: CDN77-Turbo
x-77-nzt: AblMCQ3fAfT/t8QAAA
x-77-nzt-ray: c0a4cc287cebbeb12c578663e4d1c818
x-cache: HIT
x-age: 50359
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2733
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HOEp9LnYWbUll0LvoHm5W5ysebx4IdWRe9EsmsbBK%2FD%2FSGgGSSTqlI1GtiNRkFfaCMMMr2P%2B%2B7uCGTLRb40f81d0n6DSDlREs9a8B%2B74H80%2BYq3DbVP0uM7S2Hb8Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d9876cea0b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glimtors.net/pfe/current/universal.min.js?v=3.1.407
139.45.197.251200 OK 0 B URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.407
IP 139.45.197.251:0
GET /pfe/current/universal.min.js?v=3.1.407 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Origin: https://a.mylink.vc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:16:49 GMT
etag: W/"63860641-18b14"
access-control-allow-origin: https://a.mylink.vc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.168200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.168:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
expires: Tue, 06 Dec 2022 19:02:05 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
143.204.55.17200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2ui-en.js
IP 143.204.55.17:0
GET /tcfv2/42/cmp2ui-en.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Tue, 05 Jul 2022 18:40:26 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Mon, 28 Nov 2022 20:03:23 GMT
cache-control: max-age=172800
etag: W/"24932b3e61742029985961c24d35dbb7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Sytjc64-a2CO45cDPVGnTQPIBRrOBpwjX7-kxV1XkrlbSw-gx-u1Ew==
age: 92188
X-Firefox-Spdy: h2
glimtors.net/ntfc.php?p=3150479
139.45.197.251200 OK 0 B URL HTTP/2 glimtors.net/ntfc.php?p=3150479
IP 139.45.197.251:0
GET /ntfc.php?p=3150479 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: application/javascript
last-modified: Tue, 29 Nov 2022 13:16:49 GMT
etag: W/"63860641-37f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
mylink.name/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
188.114.97.1302 Found 0 B URL HTTP/2 mylink.name/?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce
IP 188.114.97.1:0
GET /?url=magnet:?xt=urn:btih:B4FBDF6DCFE4A75AE1EF171BEA3DBB6E38B3F221&dn=Peter+Tosh+-+Original+Album+Series+(2014)+[FLAC]+[DJ]&tr=udp://tracker.coppersurfer.tk:6969/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=seed.datascene.net/9195069bf4e82f843e0f9e7c1e26c58d/announce&tr=udp://9.rarbg.to:2710/announce&tr=udp://exodus.desync.com:6969/announce&tr=udp://open.stealth.si:80/announce&tr=udp://tracker.tiny-vps.com:6969/announce&tr=udp://open.demonii.si:1337/announce&tr=udp://p4p.arenabg.com:1337/announce&tr=udp://zephir.monocul.us:6969/announce&tr=udp://opentor.org:2710/announce&tr=udp://tracker.zerobytes.xyz:1337/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=udp://retracker.lanta-net.ru:2710/announce&tr=udp://tracker.opentrackr.org:1337/announce&tr=http://tracker.openbittorrent.com:80/announce&tr=udp://opentracker.i2p.rocks:6969/announce&tr=udp://tracker.internetwarriors.net:1337/announce&tr=udp://tracker.leechers-paradise.org:6969/announce&tr=udp://coppersurfer.tk:6969/announce&tr=udp://tracker.zer0day.to:1337/announce HTTP/1.1
Host: mylink.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 29 Nov 2022 19:02:00 GMT
content-type: text/html; charset=UTF-8
location: https://mylink.cx/?hash=LXID1-1%2-Yy8iqC6I
set-cookie: view=1; expires=Wed, 30-Nov-2022 19:02:00 GMT; Max-Age=86400
PHPSESSID=4tmaiss70msr9opf2dt72m2b43; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gi7ZBeBgC9NiQXLIITwILCUX1pyYVzAK9EB%2BNitPxz0ZLofeIx6pT44cdKNrU93keOb14ke91i%2Fz%2FkBhbJRQezf3%2FfikhCW6OkI2XTSt6BmIYdHQCOg4WTubxSbLbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d985e1ea11bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
143.204.55.17200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 143.204.55.17:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Tue, 29 Nov 2022 19:02:04 GMT
cache-control: max-age=3600
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4yq_8v29pZfRIktnB58Sv5-dKZAw_AyNohG-tGjTaA_BJJE1Pb1Lxw==
age: 48
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
54.230.111.4200 OK 0 B URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP 54.230.111.4:0
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Tue, 29 Nov 2022 18:10:28 GMT
cache-control: max-age=3600
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UBLvEPHIbD-dBwHSE6_KvymXT7wnBOuWabdVZsrdwLQEKvx9bi-h6Q==
age: 3098
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://a.mylink.vc/
Origin: https://a.mylink.vc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://a.mylink.vc
server-processing-duration-in-ticks: 312405
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
mylink.cx/?hash=LXID1-1%2-Yy8iqC6I
104.21.73.80302 Found 0 B URL HTTP/2 mylink.cx/?hash=LXID1-1%2-Yy8iqC6I
IP 104.21.73.80:0
GET /?hash=LXID1-1%2-Yy8iqC6I HTTP/1.1
Host: mylink.cx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Tue, 29 Nov 2022 19:02:00 GMT
content-type: text/html
location: http://mylink.name/?hash=LXID1-1%2-Yy8iqC6I
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pxkbaEa%2FUtj2AidQVf3KrD%2FUyv6gEmXH%2FZMt8lpf7yNYKcuqP1xZ39phRdrBJDdzH8YuJ6A24uMqVEL%2Bpk0rt9kAeBX4VtLWR7CKKRoQMJeXFs7UNRSrccSG%2Bpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d985f7bb1b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu
142.250.74.138200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu
IP 142.250.74.138:0
GET /css?family=Ubuntu HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 29 Nov 2022 19:02:04 GMT
date: Tue, 29 Nov 2022 19:02:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c.aaxads.com/aax.js?ver=1.2&hst=a.mylink.vc&pub=AAX23QE99
104.88.23.134200 OK 0 B URL HTTP/2 c.aaxads.com/aax.js?ver=1.2&hst=a.mylink.vc&pub=AAX23QE99
IP 104.88.23.134:0
GET /aax.js?ver=1.2&hst=a.mylink.vc&pub=AAX23QE99 HTTP/1.1
Host: c.aaxads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/javascript; charset=utf-8
x-mnet-h: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1800
expires: Tue, 29 Nov 2022 19:32:04 GMT
date: Tue, 29 Nov 2022 19:02:04 GMT
X-Firefox-Spdy: h2
in-page-push.com/400/3565140
139.45.197.15200 OK 0 B URL HTTP/2 in-page-push.com/400/3565140
IP 139.45.197.15:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3565140 HTTP/1.1
Host: in-page-push.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Cookie: OAID=65f377b519c645af8ba5c068f4d2ae05
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/javascript
x-trace-id: add9248881aef84a2125368ef9d6cf32
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=65f377b519c645af8ba5c068f4d2ae05; expires=Wed, 29 Nov 2023 19:02:05 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybile.js
185.76.9.17200 OK 0 B URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.17:0
ASN #60068 Datacamp Limited
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:04 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Wed, 30 Nov 2022 05:02:44 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1669784564
server: CDN77-Turbo
x-77-nzt: AblMCQ04cKP/uMQAAA
x-77-nzt-ray: c0a4cc287cebbeb12c5786630fdf4c1e
x-cache: HIT
x-age: 50360
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
matomo3.org/matomo.js
172.67.211.223200 OK 0 B IP 172.67.211.223:0
GET /matomo.js HTTP/1.1
Host: matomo3.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:05 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 03 Nov 2022 02:54:10 GMT
etag: W/"63632d52-10132"
expires: Tue, 29 Nov 2022 20:02:05 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5z1gVf6OeRXDS2cuqWLMg3%2Bnx6XrQqUC5FvYLIXB6HBi9voPPGFPB7pt9QoOtJLjm6HfRbLoD50CL3ScYilV%2B9Xx3fRP9MpPyIzXdHFZlbeK8IeNEmlpe1wb%2BUmNHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d987b8c6e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90922076?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A1487223639149%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A518747806%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/90922076?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A1487223639149%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A518747806%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2)
IP 87.250.250.119:0
GET /watch/90922076?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A1487223639149%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A518747806%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/90922076/1?wmode=7&page-url=https%3A%2F%2Fa.mylink.vc%2Fmy%2Fcredit&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Ahbzj7lpjz3smdgzs1sf0c%3Afp%3A2551%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A923%3Acn%3A2%3Adp%3A0%3Als%3A1487223639149%3Ahid%3A828446951%3Az%3A0%3Ai%3A20221129190205%3Aet%3A1669748525%3Ac%3A1%3Arn%3A518747806%3Arqn%3A1%3Au%3A1669748525250345588%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C237%2C2%2C849%2C0%2C%2C1476%2C3%2C%2C%2C%2C2616%3Ans%3A1669748522050%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1669748525%3At%3AmyLink%20-%20Protect%20your%20link%20-%20Select%20and%20Go&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 29 Nov 2022 19:02:06 GMT
access-control-allow-origin: https://a.mylink.vc
set-cookie: yandexuid=4884835291669748526; Expires=Wed, 29-Nov-2023 19:02:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4884835291669748526; Expires=Wed, 29-Nov-2023 19:02:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1731323931669748526; Path=/; SameSite=None; Secure
i=FM5USGgIr3nRVysxSZ86lKQLEr/vFSgx7G/AlZ4jXqrss9N5acwf4e1xAmHzya3O17Q1Xy19RdZiA4W91opQkeWpyyI=; Expires=Fri, 26-Nov-2032 19:02:04 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1701284526.yc.1669748526#1701284526.yrts.1669748526#1701284526.yrtsi.1669748526; Expires=Wed, 29-Nov-2023 19:02:06 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 29-Nov-2022 19:02:06 GMT
last-modified: Tue, 29-Nov-2022 19:02:06 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/js/main.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.mylink.vc
Connection: keep-alive
Referer: https://a.mylink.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 19:02:07 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 07:29:33 GMT
etag: W/"632abd5d-20ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TZvXrn70utAms%2F0cgDRqbnPOXUJ5mZkKWF4gqz4WymkcfvnOKs97yidvUWZWnai0tTkg2WkGGFT1rG%2BH6hyl23LdqgaCsuGwdSRErQdvLWiS9KK1Y%2F8aIUWAqK3KrdfRHx5yeyjtKNG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d98872e8a88a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2