firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 18:14:34 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -Ire5J2SBbmoxTGXM3F6mpHn9I0SyQeDiEHlPX9ZpMW59oTUAC3khw==
Age: 2999
www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
142.250.74.179 301 Moved Permanently 205 B URL HTTP/1.1 www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ba5460aee79bc23f04da53b0bd6f010d
b3ef9bb23dcf8a86e2d166123f1f4fc72be9c401
d7355b3a07702c82a2db3974b30bd4959b7ae042ceb86b777d24d5b65bfd8ba0
GET /2020/06/amazon-warriors-70.html?m=1 HTTP/1.1
Host: www.fantasysnuff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 19:04:33 GMT
Expires: Sat, 24 Sep 2022 19:04:33 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 205
Server: GSE
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3291
Expires: Sat, 24 Sep 2022 19:59:24 GMT
Date: Sat, 24 Sep 2022 19:04:33 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ta1PUdcaNa3O5gOsaa9q2WoTPqEtR12xrTWVTjKQ-h5OyLoPQDGbPA==
age: 52159
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:33 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/EGY9kBwAG2o
142.250.74.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/EGY9kBwAG2o
IP 142.250.74.3:0
Hash ad78cac5542dd5d6985ceef71be6e12d
49f67c800606efe914504f26e6848e3f84dc14cd
2e26240f2cc8e0b52b8c152c403da6c0edb44f120eeedc5a7d67f9f05a4e0da1
POST /s/gts1d4/EGY9kBwAG2o HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:33 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 24 Sep 2022 19:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sat, 24 Sep 2022 19:53:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fyfWVjqBYa-H7gMsWAeGEQXqSMEzNtXedaxFvYox9Pqgc2D_jtXmQw==
Age: 16
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2789
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Last-Modified: Sat, 24 Sep 2022 18:18:05 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 14c4f50e0f41f858e858b124dcc866ec
1ad2814c77a84887c0f1547a775737e3e6c83f01
fa075971e9f184bf8d79929bbd7e981414d78f12ea06e3246ea4adfa2fbf4eeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Last-Modified: Sat, 24 Sep 2022 17:25:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
142.250.74.179 200 OK 35 kB URL HTTP/2 www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (6967)
Hash 11e3c73e09d906d21a354c2bddae9dab
d28ee31b3c40e43e4a491853b0f79efa06e34051
025fa3521ef0f50f6d1669c540807b124f8db914c5cbf78176e3a4180333e78f
GET /2020/06/amazon-warriors-70.html?m=1 HTTP/1.1
Host: www.fantasysnuff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 19:04:33 GMT
date: Sat, 24 Sep 2022 19:04:33 GMT
cache-control: private, max-age=0
last-modified: Fri, 23 Sep 2022 14:13:35 GMT
etag: W/"2ea442bcdb620968eeff34ddbe4084450811d0c4e7382128cadcfcbd142aae80"
x-robots-tag: all
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 34709
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash cfbe772bfdcc656e94ceed53256863ca
34055ed3761ab4b69af25a2cb70ca7a337a9f79b
7464464772c70e6a9f1b516b9fc3b60f4e567c10f968c573d5a187f5f22d0722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-158619477-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-158619477-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 7134f212925fc9391abd7b31b2f3dfd7
ea153843654391e1ba21f970ffbcd603b78ff9bd
aa0976d17deb752f6d031f904bf857fced8c474796732319c2875d9b41c08441
GET /gtag/js?id=UA-158619477-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 19:04:34 GMT
expires: Sat, 24 Sep 2022 19:04:34 GMT
cache-control: private, max-age=900
last-modified: Sat, 24 Sep 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42208
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.fantasysnuff.com/js/cookienotice.js
142.250.74.179 200 OK 2.0 kB URL HTTP/2 www.fantasysnuff.com/js/cookienotice.js
IP 142.250.74.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.fantasysnuff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sat, 24 Sep 2022 19:04:34 GMT
expires: Sat, 01 Oct 2022 19:04:34 GMT
cache-control: public, max-age=604800
last-modified: Sat, 24 Sep 2022 17:50:40 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 14c4f50e0f41f858e858b124dcc866ec
1ad2814c77a84887c0f1547a775737e3e6c83f01
fa075971e9f184bf8d79929bbd7e981414d78f12ea06e3246ea4adfa2fbf4eeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5974
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Last-Modified: Sat, 24 Sep 2022 17:25:01 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 352453
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.betteradsystem.com/jquery.dropdown.min.js
185.76.9.26 200 OK 43 kB URL HTTP/2 www.betteradsystem.com/jquery.dropdown.min.js
IP 185.76.9.26:0
ASN #60068 Datacamp Limited
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash dbd1f3e74e9563f62205491ba1cf9d52
3af1e08265ea21f11f2b9c01f867ea97fd36385e
e8de28bec278fc7748ccadedbb3744add7df84df27b27bb41845a1ad99e48f4b
GET /jquery.dropdown.min.js HTTP/1.1
Host: www.betteradsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Fri, 30 Sep 2022 07:22:15 GMT
access-control-allow-origin: *
link: <https://betteradsystem.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1664522535
server: CDN77-Turbo
x-77-nzt: AblMCRR97m3/G/YBAA
x-77-nzt-ray: uIeHpn3xPT4
x-cache: HIT
x-age: 128539
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 47522bfe7c507b9d129a4097c9b02dbc
1e8dba4f3f7eae99d80930eee3771641300ae583
7f74cf92e1a8f8e1b91c9a8310cecb336209520e3a1b784bfb2cd1c9035fd257
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163 200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Sep 2022 17:10:21 GMT
expires: Wed, 20 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 352453
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
apis.google.com/js/platform.js
142.250.74.174 200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Sat, 24 Sep 2022 19:04:34 GMT
expires: Sat, 24 Sep 2022 19:04:34 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash f81d321c15c87e7147d792d08ebb7513
47f30d4ca38e6753a393965219321b0394ebb597
390ae5f5435d3f8c8b7f1fa8d7e2a3ebf55ea5dbe98aa3528dd562df4c295753
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-2G2I8OCOiT4/Xt0b-aQik1I/AAAAAAAAB94/ABzFXRQkKMUDdQE7WqClT16Xldz-fQbpACLcBGAsYHQ/s1600/7.%2BImage%2BDownload%2Bbutton%2B-%2Btechtspot.png
142.250.74.161 200 OK 1.9 kB URL HTTP/2 1.bp.blogspot.com/-2G2I8OCOiT4/Xt0b-aQik1I/AAAAAAAAB94/ABzFXRQkKMUDdQE7WqClT16Xldz-fQbpACLcBGAsYHQ/s1600/7.%2BImage%2BDownload%2Bbutton%2B-%2Btechtspot.png
IP 142.250.74.161:0
File type PNG image data, 238 x 64, 8-bit/color RGB, non-interlaced\012- data
Hash 900d8634c5ca895651c6e8d64c603288
eba861738b785ad5038d9b157dcf9efda0d75ae8
faf25d88e2bb75bd08268feba71f1a7df308a332503431a0b69a48b49a06bdf0
GET /-2G2I8OCOiT4/Xt0b-aQik1I/AAAAAAAAB94/ABzFXRQkKMUDdQE7WqClT16Xldz-fQbpACLcBGAsYHQ/s1600/7.%2BImage%2BDownload%2Bbutton%2B-%2Btechtspot.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7df"
expires: Sun, 25 Sep 2022 19:04:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="7. Image Download button - techtspot.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:04:34 GMT
server: fife
content-length: 1873
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
142.250.74.163 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:02:00 GMT
expires: Tue, 19 Sep 2023 20:02:00 GMT
cache-control: public, max-age=31536000
age: 428554
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
44.238.202.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cRelaAW3e8NZJ96nhpjA1Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j7H7RNSlmd0ZRI5nF3nnL70rpiw=
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 4fb51016b82f43bc6ee9f5ace001690c
5390a86aa0a7b82f5d09605b10812567b309d27a
73283fa4b416ee80d2ac87c30d2183afa1ae487a8650563b79adc1f001030f73
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 1cff4f56be1b217fd676fff4644d9673
5ba2a68749b8a9a9d8a3863b18e8f896400a7660
8984cd65d1108783e8a05574eafe5471cc98f807e314ef009d104b9739413946
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2d756a7c9fda1e845826f4e525b1f83e
749ebb8d4bcf9588c9fda29cb2065e8255512bb3
94294cf693204f6a0dac9228ed7d983d239c045af9fd26db5f274ecf01e5172a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Last-Modified: Sat, 24 Sep 2022 17:32:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fa5a7fd1c3d5eed2a8816ac62ad73e51
6536f3880457c6ced9534d5cf10615b6daf42aea
3c3a74be5d72d9e2b5ecdaeafbbf3d0029cd5848d2483cfa10da14859deff436
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
216.58.207.201 200 OK 6.5 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3262169375-comment_from_post_iframe.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (1264)
Hash 30af015884191ce4fe52ce1e707baed9
faa1418efa036704d31eb90f4fbd82de456b81b7
0456cf81299c957c8e54dabb00b4d6d96b76be729b1e112d478b34ba56d8059d
GET /static/v1/jsbin/3262169375-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6499
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 08:22:29 GMT
expires: Fri, 22 Sep 2023 08:22:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 20:54:01 GMT
content-type: text/javascript
age: 211325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201 200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 319381
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash e01ee5820ee2e89ed1feb83c49ff9da6
9aa47b740e0d76b1da6d8e26dcc42dc8ddb5ad59
1e1d99983fd7627e8ee158ca8ceacb42359d45c744dda41b8a2ac3215bd2d5b3
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:34 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Wed, 28 Sep 2022 15:55:44 GMT
ETag: "9aa47b740e0d76b1da6d8e26dcc42dc8ddb5ad59"
Last-Modified: Sat, 24 Sep 2022 15:55:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1231
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fdc95f5f610b4d-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
streamtape.com/ad.js
104.21.47.209 200 OK 20 B IP 104.21.47.209:0
File type ASCII text, with no line terminators
Hash 69a305bcdc8e061bbd43294a477a3678
506582a1d912d546f5942d95ffae95ec7f4c37ce
8964d85afd6d5d84b97872464646809c952ab900cdf5c5d7c3b7b4bdb74202fa
GET /ad.js HTTP/1.1
Host: streamtape.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/e/0zMxrjPypBcbxAj/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 20
last-modified: Thu, 20 Aug 2020 18:55:14 GMT
etag: "5f3ec712-14"
cache-control: max-age=345600
cf-cache-status: HIT
age: 6333
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EdsbFDmOwPUM78yIR%2F%2BzErTDBX%2BTX1ItoZrqrsIE9eq7XgNc7q9hgvPLhnFcS6mjxYH9jDc7BxE4vWdO%2Bk5tM0GrvFK2NU8i2LsbROQ%2Bqk9JXT0awJHa4o94bTyQOasF9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc95fbeaa0b41-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 2d756a7c9fda1e845826f4e525b1f83e
749ebb8d4bcf9588c9fda29cb2065e8255512bb3
94294cf693204f6a0dac9228ed7d983d239c045af9fd26db5f274ecf01e5172a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5507
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Last-Modified: Sat, 24 Sep 2022 17:32:47 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
vk.com/js/api/share.js?95
87.240.132.78 200 OK 3.0 kB URL HTTP/2 vk.com/js/api/share.js?95
IP 87.240.132.78:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (1077)
Hash 5152f3cb6fe0b11496ea2a8de5bcb963
71572fb3ea4b65b6d9a4d0989b62133b1b39133d
01e8e588dda5b6bfb716d56b7f051f325382b3e0998853757c8e41f66ec30f25
GET /js/api/share.js?95 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: application/x-javascript
content-length: 2974
last-modified: Thu, 07 Apr 2022 12:12:57 GMT
etag: "624ed549-b9e"
content-encoding: br
expires: Wed, 28 Sep 2022 19:04:34 GMT
cache-control: max-age=345600
x-frontend: front226205
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash e1106bedfa47ab68068e0a8e8e65a5d7
870cf777d1aed7a6191b68b619d83c6c2e965c64
443d9ee4da7dbf8e8b4c178bc8c9ec2e7881070606e5aa99301bea57e549ca78
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:34 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 00:04:31 GMT
Expires: Thu, 29 Sep 2022 00:04:30 GMT
Etag: "870cf777d1aed7a6191b68b619d83c6c2e965c64"
Cache-Control: max-age=362995,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fdc95f6e96b4eb-OSL
c.adsco.re/
104.17.166.186 200 OK 24 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash a888149012332a18a1a47df7a7c7f362
2e9db990ca5b85c48bf20e2c178f1fe13b10f03a
d1442f81460e9e6b182923628c4b89b00ee7e2c2522442e17dc39267c242b5e5
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Tue, 25 Oct 2022 19:04:34 GMT
etag: W/"11BCsVfRLqCHC9ZZvH4GUw=="
cf-cache-status: HIT
age: 766786
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc95fd87db4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.bp.blogspot.com/-Fycs68JvQDA/Xt0b-et7mvI/AAAAAAAAB90/g79NN59azJgwGPf_N2qQgZ2UJWHCqDyzwCLcBGAsYHQ/w320-h302/17.PNG
142.250.74.161 200 OK 126 kB URL HTTP/2 1.bp.blogspot.com/-Fycs68JvQDA/Xt0b-et7mvI/AAAAAAAAB90/g79NN59azJgwGPf_N2qQgZ2UJWHCqDyzwCLcBGAsYHQ/w320-h302/17.PNG
IP 142.250.74.161:0
File type PNG image data, 320 x 302, 8-bit/color RGB, non-interlaced\012- data
Size 126 kB (126411 bytes)
Hash a8538ad771e05a481186be75eb5e7002
84c7826a1a26346080893bc7513228b44c2d4bc5
ceb021449841289a3244846e663092c0d93bd62e4c0abff99e846dccf339deb3
GET /-Fycs68JvQDA/Xt0b-et7mvI/AAAAAAAAB90/g79NN59azJgwGPf_N2qQgZ2UJWHCqDyzwCLcBGAsYHQ/w320-h302/17.PNG HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v7e0"
expires: Sun, 25 Sep 2022 19:04:34 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="17.PNG"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:04:34 GMT
server: fife
content-length: 126411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 7.4 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash ebe1839d61a9183b5208ff8c64e3ef75
991f8414554636298a1b9354b05446e430c0ea20
1fc03cd913708e43e0ac658d5d174f2aefde00109c7377f6159927e72e05c10c
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 9493028
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74fdc95ddc25b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:400,400i,500,500i,700,700i
142.250.74.10 200 OK 2.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato:400,400i,500,500i,700,700i
IP 142.250.74.10:0
File type SVG XML document\012- SVG XML document\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7657)
Hash 726b8eca84c8d3e3579b79d7b82744cb
52f9543a33060e9275fded5e41fa3b0fa17d9047
7a6d29323d2a4541a039132c3bbec478b45bb17983df8a0f3f9ddd3da7487398
GET /css?family=Lato:400,400i,500,500i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 24 Sep 2022 19:04:34 GMT
date: Sat, 24 Sep 2022 19:04:34 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash d0ba37610c7690891249cc24d329c2ef
6744d11021e52458b4e9f86200146d3ae6561f60
d94caa42fae0f601596ab7f69ee4ac0d8349986699270bc4d844d38bdd4ea88d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5808
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Last-Modified: Sat, 24 Sep 2022 17:27:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
142.250.74.164 200 OK 586 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs
IP 142.250.74.164:0
File type ASCII text, with very long lines (884), with no line terminators
Hash 821f83d58fe905f188a9ae45189478ed
03d2c5954a47e954d8ba9dd309cb0ece737c17c4
f1699a6acdd8720b3a096333064e44a987a2138a49d2b19ee0cd30fe8f445708
GET /recaptcha/api.js?render=6LfDWNsUAAAAAGaxIiiQpfv-5_b8zWR4mgv7RKvs HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 24 Sep 2022 19:04:34 GMT
date: Sat, 24 Sep 2022 19:04:34 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 586
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
thumb.tapecontent.net/thumb/0zMxrjPypBcbxAj/vYzXLBDLJrfavg.jpg
104.21.235.148 200 OK 69 kB URL HTTP/2 thumb.tapecontent.net/thumb/0zMxrjPypBcbxAj/vYzXLBDLJrfavg.jpg
IP 104.21.235.148:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality", baseline, precision 8, 1280x720, components 3\012- data
Hash f5ec21b7d7ba00c920766245a131769a
5ce59b2ed5be9803b58cbb5b06c3ee0ef63594af
31f39cbbc1329292c8b012ac8c0a9dab01d3c1d2dfa3bdcabdfdc97d69b96f26
GET /thumb/0zMxrjPypBcbxAj/vYzXLBDLJrfavg.jpg HTTP/1.1
Host: thumb.tapecontent.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: image/jpeg
content-length: 69265
last-modified: Wed, 30 Sep 2020 14:12:18 GMT
etag: 511c2548b8f3
access-control-allow-origin: *
allow: OPTIONS, GET, HEAD, POST
access-control-allow-headers: Upgrade-Insecure-Requests,Range,Content-Type,If-Modified-Since
access-control-expose-headers: ETag,Expires,Location,Content-Length,Accept-Ranges,Content-Encoding,Content-Range
content-disposition: inline; filename="vYzXLBDLJrfavg.jpg"
cache-control: public, max-age=259200
expires: Tue, 27 Sep 2022 01:14:45 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7g%2Fzi6RlPJDrp%2BAX79yupo8XyS3dMSfT2YZGABFmVAfSIBxrvnmH0eZbDIUwgXlwymYFdAYKaffOXS6kVNFGmMlydM37MsMMOcVtKmON%2FEoPpa%2BovsIodRRpv3zAlm3otvtnQ7Ns3NM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc960ebdd772f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186 200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.fantasysnuff.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc9618d581bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash d0ba37610c7690891249cc24d329c2ef
6744d11021e52458b4e9f86200146d3ae6561f60
d94caa42fae0f601596ab7f69ee4ac0d8349986699270bc4d844d38bdd4ea88d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5808
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:34 GMT
Last-Modified: Sat, 24 Sep 2022 17:27:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f344afdec1772f9878becf3ddf39c64
22c87158cb20247fe5e89181ab124e86cbc2948a
2aacf7565424844abc48a116384275b85cc8731c7588f0f027c4dc1f1a5fa925
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2AACF7565424844ABC48A116384275B85CC8731C7588F0F027C4DC1F1A5FA925"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5571
Expires: Sat, 24 Sep 2022 20:37:25 GMT
Date: Sat, 24 Sep 2022 19:04:34 GMT
Connection: keep-alive
4.adsco.re/
162.252.214.5 200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:34 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.fantasysnuff.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
emavnnqq4o1a.l4.adsco.re/
185.200.118.90 200 OK 0 B URL HTTP/1.1 emavnnqq4o1a.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: emavnnqq4o1a.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:34 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68 200 OK 281 B IP 104.18.32.68:0
Hash acfbcadde701fb86bc70f74356f4da4c
2ba30a75a3707961f8729e65465a4ca2272e1f63
f84e8390045fb1d1a3153e5b8f3b884328371e70c84de974f1026eed842fe999
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:34 GMT
Content-Type: application/ocsp-response
Content-Length: 281
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 21:53:49 GMT
Expires: Fri, 30 Sep 2022 21:53:48 GMT
Etag: "2ba30a75a3707961f8729e65465a4ca2272e1f63"
Cache-Control: max-age=527953,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fdc960d838b4eb-OSL
vk.com/images/icons/like_widget.png
87.240.132.78 200 OK 538 B URL HTTP/2 vk.com/images/icons/like_widget.png
IP 87.240.132.78:0
File type PNG image data, 19 x 59, 8-bit/color RGBA, non-interlaced\012- data
Hash 88db15ca955d5c8410cfcb486c31ce12
a5b91356b3c67898db40b623689b5c87cb3de8ab
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
GET /images/icons/like_widget.png HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: kittenx
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: image/png
content-length: 538
last-modified: Tue, 22 Sep 2020 20:29:56 GMT
etag: "5f6a5ec4-21a"
expires: Sat, 01 Oct 2022 19:04:34 GMT
cache-control: max-age=604800
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 64b39684d4c80b63458f11ed8b8c5d17
6abc0bd0c0318d9e7a362eb3949bfe81a48c6343
c307464d222c4a9e1206586f0ebd7155de49baa84bbce8c8d0d4ce5e122cb076
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 64b39684d4c80b63458f11ed8b8c5d17
6abc0bd0c0318d9e7a362eb3949bfe81a48c6343
c307464d222c4a9e1206586f0ebd7155de49baa84bbce8c8d0d4ce5e122cb076
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 64b39684d4c80b63458f11ed8b8c5d17
6abc0bd0c0318d9e7a362eb3949bfe81a48c6343
c307464d222c4a9e1206586f0ebd7155de49baa84bbce8c8d0d4ce5e122cb076
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de8a1674c758de5b139275e7e3ba5b39
423ddc60d0c3ee7e0f0504fdc7069f1642ea1763
c7d3b88654a756307bbbb661dc6cd144d057bf7d2752e819d70874a056a2052a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7D3B88654A756307BBBB661DC6CD144D057BF7D2752E819D70874A056A2052A"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6113
Expires: Sat, 24 Sep 2022 20:46:28 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 419de8bd44f32435f5730ab5925e843b
6b352afe88897d6f3c3c2944de370eb96c670644
0c74e6e47c5fb7501624f8e88e5e53ad25e0d059a07ff5df2882bcb86b94a62a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6431
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Last-Modified: Sat, 24 Sep 2022 17:17:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/sdk.js
157.240.200.14 200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 3b0e7a3723389ca599e20f91f0a5df3d
9c1a569b8ab9d2e490630f12b3c36400f248ba65
ec8b7a08f7a9860eb34fbd47334bb19723c6ea9382eaf5606bedc94d97fa6264
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 438d4983a06b708578bde52be8d98d6c
etag: "289b16171396151fcdb434ec7bb5f1a0"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 24 Sep 2022 19:19:03 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Ow56NyM4nKWZ4g+R8KXfPQ==
x-fb-debug: oGwzs2LA4l8S30DciTeoSinqGXmFenpahhFJIRdjlW31QTnsbo1ba436uKmcrRFEDeAqTYWLLcJOB8wCAwLzKw==
priority: u=5,i
content-length: 1687
x-fb-trip-id: 1679558926
date: Sat, 24 Sep 2022 19:04:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lh3.googleusercontent.com/-o0HsD7EC5J4/YLkJrDi3NfI/AAAAAAAACxo/exAvOAuuMg4vif48cPhoef3KWYvugCXDwCLcBGAsYHQ/w680/image.png
142.250.74.33 200 OK 161 kB URL HTTP/2 lh3.googleusercontent.com/-o0HsD7EC5J4/YLkJrDi3NfI/AAAAAAAACxo/exAvOAuuMg4vif48cPhoef3KWYvugCXDwCLcBGAsYHQ/w680/image.png
IP 142.250.74.33:0
File type PNG image data, 356 x 455, 8-bit/color RGB, non-interlaced\012- data
Size 161 kB (161138 bytes)
Hash bdd2398d565dc43e341539f3cb85aca8
c33dc4b1f0d1df57f2d775fab3b923e1443b58c9
a97d9b352e2fa2d0c0d5eec67f387f7a12f4709b11bb44c0ad5112125f4951d9
GET /-o0HsD7EC5J4/YLkJrDi3NfI/AAAAAAAACxo/exAvOAuuMg4vif48cPhoef3KWYvugCXDwCLcBGAsYHQ/w680/image.png HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="image.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 161138
x-xss-protection: 0
date: Sat, 24 Sep 2022 19:04:35 GMT
expires: Fri, 16 Sep 2022 19:41:34 GMT
cache-control: public, max-age=86400, no-transform
etag: "vb1b"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.fantasysnuff.com/favicon.ico
142.250.74.179 200 OK 191 B URL HTTP/2 www.fantasysnuff.com/favicon.ico
IP 142.250.74.179:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 3b62c57192271333c729227265b14b12
b31e254f516930a58e26d4973d0ca0da3c94e052
57eda37145b5a4b5137680a1fd30ea38c6d62bbe0534e46987d1b0e9d3468bfa
GET /favicon.ico HTTP/1.1
Host: www.fantasysnuff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
Cookie: a=piXkxMlAV0R1vxWhC6MMNa4NR4Ob0RJM
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon
expires: Sat, 24 Sep 2022 19:04:35 GMT
date: Sat, 24 Sep 2022 19:04:35 GMT
cache-control: private, max-age=86400
last-modified: Fri, 23 Sep 2022 14:13:35 GMT
etag: W/"2ea442bcdb620968eeff34ddbe4084450811d0c4e7382128cadcfcbd142aae80"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 191
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash da90409c72d710432ed4c105d169e42b
7bd965dbe69c0774bd7c6e7735588c9d4beea9ec
bc344255517fec731eb512fa75ff7a6286fd79938d20b9cfe277759c65455612
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 419de8bd44f32435f5730ab5925e843b
6b352afe88897d6f3c3c2944de370eb96c670644
0c74e6e47c5fb7501624f8e88e5e53ad25e0d059a07ff5df2882bcb86b94a62a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6431
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Last-Modified: Sat, 24 Sep 2022 17:17:24 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
emavnnqq4o1a.n4.adsco.re/
38.132.109.186 200 OK 32 kB URL HTTP/1.1 emavnnqq4o1a.n4.adsco.re/
IP 38.132.109.186:0
Hash 93babd0d47aa9ec1732ced250bfec0d6
6f23859b152582d53a9d18ffe455992a311b8318
d0a24e45e9147d4c8a3bf19be35dcc8ef912e3b0957143088a02ebf0577dfaae
POST / HTTP/1.1
Host: emavnnqq4o1a.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:35 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
connect.facebook.net/en_US/sdk.js?hash=f814b6023ad795868767349eeac377a0
157.240.200.14 200 OK 89 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=f814b6023ad795868767349eeac377a0
IP 157.240.200.14:0
File type ASCII text, with very long lines (18598)
Hash 3c0d761491000fd238a19ddb882f9240
f623c055fa926d6ca0d77a05d4d2c394d06096eb
59a57247bbeaaefacb130c8ff3517968f30ddde6b04dc28553ca4711f6d4ceac
GET /en_US/sdk.js?hash=f814b6023ad795868767349eeac377a0 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: c8087d7aa15fad6e2c0b26341ff4277c
etag: "8ccdb7996f3cc80b95311a79991b1b98"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 24 Sep 2023 17:19:29 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: PA12FJEAD9I4oZ3biC+SQA==
x-fb-debug: mkhoqILVbbvptGicTp40ac8IpryePaaZYuduv92JosRC9Ssb8x93ccy7JCYyQ0qCXAezl35CuXT4NLvPAwUvww==
content-length: 88799
x-fb-trip-id: 1679558926
date: Sat, 24 Sep 2022 19:04:35 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ad.a-ads.com/1956304?size=250x250
148.251.1.246 200 OK 8.2 kB URL HTTP/2 ad.a-ads.com/1956304?size=250x250
IP 148.251.1.246:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (16828)
Hash dbbc45d250ebb27e5deab99bb34eefb8
e7c43fecf1ac3c93954a96ee0291b4c200d350bc
336955701c2e3110e2fb76a679abbc65aacf6e988a5c262338655f10f09b2367
GET /1956304?size=250x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.fantasysnuff.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf
142.250.74.163 200 OK 50 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf
IP 142.250.74.163:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33976)
Hash 8bc0eeb171e27e21fb8da91c7e0bd3e8
50136ec82e63744b5fdba88d170094e4e1175c9a
ccb61b9d9dfd34e0984791c140009fdcba12f30e54c686c6c627d7236476e69c
GET /s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30418
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 04:16:12 GMT
expires: Thu, 21 Sep 2023 04:16:12 GMT
cache-control: public, max-age=31536000
age: 312503
last-modified: Tue, 26 Apr 2022 15:48:57 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGFH2bqvaM6diDssFyW6PDmH5nMNJSAbKD7TRkQalmrof_Vv85a6Au55ZuwGLZ6Jfuas_ei9O5sKR9VxxNSAALZDw08ixrmH-UmYlXpNvfOfMGd_J5cG-BxwoqAxQAZKsuGBurlkG7c5YtYsz1bG8JhJ36r4gs2CWHbx5BqL1IGMDohDBL148TUiET/w680/image.png
142.250.74.33 200 OK 273 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiGFH2bqvaM6diDssFyW6PDmH5nMNJSAbKD7TRkQalmrof_Vv85a6Au55ZuwGLZ6Jfuas_ei9O5sKR9VxxNSAALZDw08ixrmH-UmYlXpNvfOfMGd_J5cG-BxwoqAxQAZKsuGBurlkG7c5YtYsz1bG8JhJ36r4gs2CWHbx5BqL1IGMDohDBL148TUiET/w680/image.png
IP 142.250.74.33:0
File type PNG image data, 581 x 409, 8-bit/color RGB, non-interlaced\012- data
Size 273 kB (273322 bytes)
Hash b4e2fa47ef160583d02747c2848131e1
3e3021384260953084abdc43723e69dd40332952
c41823ba2ac877cda31d0efcb8764dd520f5d9908bf94099f1b500c3c1372528
GET /img/b/R29vZ2xl/AVvXsEiGFH2bqvaM6diDssFyW6PDmH5nMNJSAbKD7TRkQalmrof_Vv85a6Au55ZuwGLZ6Jfuas_ei9O5sKR9VxxNSAALZDw08ixrmH-UmYlXpNvfOfMGd_J5cG-BxwoqAxQAZKsuGBurlkG7c5YtYsz1bG8JhJ36r4gs2CWHbx5BqL1IGMDohDBL148TUiET/w680/image.png HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd31"
expires: Sun, 25 Sep 2022 19:04:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:04:35 GMT
server: fife
content-length: 273322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ee18f2c9c519aef0dc727c9a251df249
3ec6566850ac5c938ffa5add30d3c6a536e71ace
02d8d85298afa297ff4be4f055089b2216d1255b37ea691f6489486511b28c93
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02D8D85298AFA297FF4BE4F055089B2216D1255B37EA691F6489486511B28C93"
Last-Modified: Sat, 24 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12145
Expires: Sat, 24 Sep 2022 22:27:00 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
static.a-ads.com/a-ads-banners/407269/250x250?region=eu-central-1
148.251.1.246 200 OK 466 kB URL HTTP/2 static.a-ads.com/a-ads-banners/407269/250x250?region=eu-central-1
IP 148.251.1.246:0
ASN #24940 Hetzner Online GmbH
File type GIF image data, version 89a, 250 x 250\012- data
Size 466 kB (465937 bytes)
Hash c4755c4fed7ebf11ab043cf518d6511a
771c5b7d51eb43a325136731308d5a7ceca0fd2c
f51458465793205f1d092a1fb60da41eefe931f0cd1567435dcd21daf3d9f7bd
GET /a-ads-banners/407269/250x250?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.a-ads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: image/gif
content-length: 465937
x-amz-id-2: oM2RN5yEJCY2SKIMh1MXjkwROdEJeId/RWyl5Xq5siB1JXlOWsgE9tW0cIh3isoKmkxRaogHuAg=
x-amz-request-id: 4NBSWDMFWWCJJTYP
x-amz-replication-status: COMPLETED
last-modified: Fri, 05 Aug 2022 10:27:43 GMT
etag: "c4755c4fed7ebf11ab043cf518d6511a"
cache-control: max-age=315360000
x-amz-version-id: 5JWGvoRu4Es6R.NbD2PCDMUgcPhG960d
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEg8LDjJxi3sBw2Qk-9wDpmBpL_nA1LDAQwff-DS03LIr0drtqK6mOC07SiSG1iROHpufsl22P9h8wxXmFisepJPJf-Kw0eNbuLtn6XLdMIB2PBdFYYB76RCbKMABtW06jtKdrn9V46VVUkdv6QKqgMEEzWU5FKgKYEJLH2kbbd0joDoIaj30try_wFl=w680
142.250.74.33 200 OK 271 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEg8LDjJxi3sBw2Qk-9wDpmBpL_nA1LDAQwff-DS03LIr0drtqK6mOC07SiSG1iROHpufsl22P9h8wxXmFisepJPJf-Kw0eNbuLtn6XLdMIB2PBdFYYB76RCbKMABtW06jtKdrn9V46VVUkdv6QKqgMEEzWU5FKgKYEJLH2kbbd0joDoIaj30try_wFl=w680
IP 142.250.74.33:0
File type PNG image data, 554 x 520, 8-bit/color RGB, non-interlaced\012- data
Size 271 kB (270584 bytes)
Hash 8b1cac3b18388f22c7177f701f8bc0f3
e4b2dd7b781a652b80161847b8224cacd9a67c1f
0c797e6f838a76741e0e743c064e7ce0a6ba7744b904f397415f64f955888687
GET /img/a/AVvXsEg8LDjJxi3sBw2Qk-9wDpmBpL_nA1LDAQwff-DS03LIr0drtqK6mOC07SiSG1iROHpufsl22P9h8wxXmFisepJPJf-Kw0eNbuLtn6XLdMIB2PBdFYYB76RCbKMABtW06jtKdrn9V46VVUkdv6QKqgMEEzWU5FKgKYEJLH2kbbd0joDoIaj30try_wFl=w680 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd3b"
expires: Sun, 25 Sep 2022 19:04:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:04:35 GMT
server: fife
content-length: 270584
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/a/AVvXsEiWf5BbW1CwmsPHk99SahSUv4Pph0scjWe31BhgF_8bv-bz2-RqBq1Zw6M9AQBHApc6jgjIlBvk4sHP4hy4z5PLpMM7z2c2PVnvNWACW5wFEdskVLjRZXmSaIgvmu9E7Az6-LI0WXkDvO7zU1deKj9WgJT4JfMcoZ-oEY73WyvcJyRgOHiq16jwojP4=w680
142.250.74.33 200 OK 218 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEiWf5BbW1CwmsPHk99SahSUv4Pph0scjWe31BhgF_8bv-bz2-RqBq1Zw6M9AQBHApc6jgjIlBvk4sHP4hy4z5PLpMM7z2c2PVnvNWACW5wFEdskVLjRZXmSaIgvmu9E7Az6-LI0WXkDvO7zU1deKj9WgJT4JfMcoZ-oEY73WyvcJyRgOHiq16jwojP4=w680
IP 142.250.74.33:0
File type PNG image data, 680 x 369, 8-bit/color RGB, non-interlaced\012- data
Size 218 kB (217865 bytes)
Hash ec5f898f147033ceadb97662b39d81a1
2ea8a99fd7344a3ed30b95a4a6fbf8b036244bff
9458954c968d147acbd452109046d6305c02f6652228fd7944c7a57988bd189d
GET /img/a/AVvXsEiWf5BbW1CwmsPHk99SahSUv4Pph0scjWe31BhgF_8bv-bz2-RqBq1Zw6M9AQBHApc6jgjIlBvk4sHP4hy4z5PLpMM7z2c2PVnvNWACW5wFEdskVLjRZXmSaIgvmu9E7Az6-LI0WXkDvO7zU1deKj9WgJT4JfMcoZ-oEY73WyvcJyRgOHiq16jwojP4=w680 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd1e"
expires: Sun, 25 Sep 2022 19:04:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:04:35 GMT
server: fife
content-length: 217865
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8675067bf584b754f29d07c751de97d
a89dee4c5ce59ff8234d9a355bf12a2639f2c21d
93b8dc16172b02c03531b5874d9630bd1acf75e3250908270b29ee983030aa6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "93B8DC16172B02C03531B5874D9630BD1ACF75E3250908270B29EE983030AA6F"
Last-Modified: Sat, 24 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5646
Expires: Sat, 24 Sep 2022 20:38:41 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5456
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
blogger.googleusercontent.com/img/a/AVvXsEglEX0HqaNHT8tLqLoxazcBR5orlSd_uz_rFMR5aL3ftln0VLL5ePAo2ba_YW1zg_Ml356CWKWlgpUXWQ8FpSUqDeNrZ59-8p7t47QjcvcllF-ne2S5BrSfUC3_lVbrO5pF3XvFJ4aJLq0iLlvlGF0otbRtNY8Mdo9sX8VraEFHxeosjWL0Pdvhow8E=w680
142.250.74.33 200 OK 236 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEglEX0HqaNHT8tLqLoxazcBR5orlSd_uz_rFMR5aL3ftln0VLL5ePAo2ba_YW1zg_Ml356CWKWlgpUXWQ8FpSUqDeNrZ59-8p7t47QjcvcllF-ne2S5BrSfUC3_lVbrO5pF3XvFJ4aJLq0iLlvlGF0otbRtNY8Mdo9sX8VraEFHxeosjWL0Pdvhow8E=w680
IP 142.250.74.33:0
File type PNG image data, 632 x 441, 8-bit/color RGB, non-interlaced\012- data
Size 236 kB (235774 bytes)
Hash f0713a131ec72e3c4972f005f99aa118
fb79d4fa2a9a5e7ef47b5445791a75e99558b0b7
c19c59a5c8e0ed06b9cab5d0bfd6b9865225eb59afe3cb0a783654c1a5e1bbee
GET /img/a/AVvXsEglEX0HqaNHT8tLqLoxazcBR5orlSd_uz_rFMR5aL3ftln0VLL5ePAo2ba_YW1zg_Ml356CWKWlgpUXWQ8FpSUqDeNrZ59-8p7t47QjcvcllF-ne2S5BrSfUC3_lVbrO5pF3XvFJ4aJLq0iLlvlGF0otbRtNY8Mdo9sX8VraEFHxeosjWL0Pdvhow8E=w680 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd38"
expires: Sun, 25 Sep 2022 19:04:35 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="image.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sat, 24 Sep 2022 19:04:35 GMT
server: fife
content-length: 235774
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5456
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5456
Expires: Sat, 24 Sep 2022 20:35:31 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:02 GMT
age: 76053
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:56:56 GMT
age: 76059
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:53:50 GMT
age: 76245
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NcnEyVD-vG10pOpPCBMjKGqVw-rstkPIt-oqkIc5urAGE934fxL0VQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 04:12:38 GMT
age: 53517
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02a682b4703bb9d6381c762726c05531
1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:59:08 GMT
age: 75927
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:52:36 GMT
age: 76319
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 267300d587831dda7559c30c40cc614e
d7ff0b9754e61f5d4178eddb5e63c3390ab559c8
ec7aad1a3116ce8ef5258b49de87cf3456c8c4890206fa5d46c8e510ded80ac0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206 200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Sat, 24 Sep 2022 19:04:35 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+564; expires=Mon, 23-Sep-2024 19:04:35 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Sep 2022 19:04:35 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206 200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1557
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sat, 24 Sep 2022 19:04:35 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+511; expires=Mon, 23-Sep-2024 19:04:35 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 24 Sep 2022 19:04:35 GMT
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14 200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9489979
expires: Thu, 14 Sep 2023 19:04:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKJnDfXu1TVY%2Bph%2B0sNqOGyLMB0i3GoE7DZToCbA5QSqtZDi4CKd%2FtIpeIxAEmCixSfjAFnazIBakqS58uYZdvALiLGiQv6rKXeGhM6tKQ2tCDPOnr6fisajgP%2FmgOvSa8oLgUq5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74fdc9678a2fb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
104.17.24.14 200 OK 591 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (1266)
Hash 414869f16aa77a65b4928a018f7f1abb
cea521f7a2958a50239526ed6b068f0937527653
afee364ce513c6517247b81cce5eb5eadb1dbbb35e439eb3fa97bbc15fac2cd3
GET /ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 591
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-514"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1863256
expires: Thu, 14 Sep 2023 19:04:35 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KI2b1TjS2DQKnMkhpAzQUmJ0HFDLCn%2Buwksx0J%2BOMeuSN%2FoT8qS0pGdJO9vk%2F1rmKF%2B62ygv5uLSTGeLRvOQFqCvCj8eHQOF3UBEcMKaLkG3JSgJMF0kI%2BGWEPvk5MyvMmlUa31j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74fdc967aa59b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.fantasysnuff.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery112408402094514473777_1664046273381&_=1664046273382
142.250.74.179 200 OK 3.0 kB URL HTTP/2 www.fantasysnuff.com/feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery112408402094514473777_1664046273381&_=1664046273382
IP 142.250.74.179:0
File type ASCII text, with very long lines (13117)
Hash 2ef3804e7876a004d0a698c833e9bd29
fbd96802e51878169c7f3dd26148f22a4b065454
587c808d51184606cb469eecdaf1c695d289d127023ac0c9c102e19845e9f640
GET /feeds/posts/default?alt=json-in-script&max-results=3&callback=jQuery112408402094514473777_1664046273381&_=1664046273382 HTTP/1.1
Host: www.fantasysnuff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
Cookie: a=piXkxMlAV0R1vxWhC6MMNa4NR4Ob0RJM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
content-encoding: gzip
etag: W/"b7e021421a2e219e9ffb291bbf96b1ab8568f5541d17fec42f4721e37302c2b2"
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
expires: Sat, 24 Sep 2022 19:04:36 GMT
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 14:13:35 GMT
content-length: 2998
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
zap.buzz/8YbYQea
104.21.53.136 302 Found 714 B IP 104.21.53.136:0
Hash cc22176b44624a6648577c9ecdcbbfa3
e1785d767504c9f22a31cb76f6c14afe8b9d76b2
191ded394abd060b71fea59a16ee9862d33485b39e5b3d2a5fc7bc5f67e0359f
GET /8YbYQea HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: text/html; charset=utf-8
location: https://xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.Yy9Uww.OQfvxMlpe9AVnBbR5wi-x0BdKaw; Expires=Sat, 24 Sep 2022 19:34:35 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJjYGw26X9lKnREsNjeTIk89fHTb4lcXRr5zlHvAI5%2BX2MjRtgJpFBEH8Gr0zygLg4P%2B2l6NIylFilgmgM3mwxY2HfNARxPTNE4wd4YKS95IKeVa2gVIHq6uAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fdc967080c0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8361edb2d37c71e715b6e297767afb9
a164e40a38f4083cad7868c0326b475b97e6ea35
dcddfda5b8fe7620475d5bec9f121c5e28df523643fdad582b1a4291f1ef2bf4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DCDDFDA5B8FE7620475D5BEC9F121C5E28DF523643FDAD582B1A4291F1EF2BF4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Sat, 24 Sep 2022 21:42:08 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8361edb2d37c71e715b6e297767afb9
a164e40a38f4083cad7868c0326b475b97e6ea35
dcddfda5b8fe7620475d5bec9f121c5e28df523643fdad582b1a4291f1ef2bf4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DCDDFDA5B8FE7620475D5BEC9F121C5E28DF523643FDAD582B1A4291F1EF2BF4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Sat, 24 Sep 2022 21:42:08 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
i.doodcdn.co/ads/ad.js
104.26.7.74 200 OK 18 B IP 104.26.7.74:0
File type ASCII text, with no line terminators
Hash 071c641b229d2bfadd243b8fa2a9c88d
4048ed3ad506f9bb9052c23283912d0cfea8bcc6
3716878d3ceb2042b22c092b31c6f43cc862f8464e92ddde416a49624b32716e
GET /ads/ad.js HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: application/javascript
content-length: 18
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-bgj: minify
cf-polished: origSize=20
expires: Sat, 23 Sep 2023 08:04:32 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
vary: User-Agent,Accept-Encoding
cf-cache-status: HIT
age: 69039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJmRmo%2BBJbpJkv2j0joF2kGV%2B9DI9TUHUoKuY0aEMrTGQNprwNr3T22yx3cNELGuv%2FFSeU0IoUlraoPB%2FoWj2gJqHKHN6Pgi013aBQNQpLflMMOFuYrFlidyjHvQdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fdc9680c40b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/img/no_video_3.svg
104.26.7.74 200 OK 2.8 kB URL HTTP/2 i.doodcdn.co/img/no_video_3.svg
IP 104.26.7.74:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (2789)
Hash 077bfdaa49ae4877a42611b739ec4752
a2f9e1222b7af9abc05122411ab8902efcc08ead
70d6a17097a8c27edfaad6740e11359d9363f3f04bff1b93483e29c25609fa6c
GET /img/no_video_3.svg HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: image/svg+xml
content-length: 2812
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
etag: "61d3187c-afc"
expires: Sun, 23 Oct 2022 08:07:28 GMT
cache-control: public, max-age=2592000, no-transform
access-control-allow-origin: *
cf-cache-status: HIT
age: 77588
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcsiO%2BdSjhb3WP7pngx%2BWhwhHLTAq6%2F9vX0lNL0gg7bNT2peMSsa8%2B%2BHrqExRgI5h0aMvyUF%2FyZ9IFG%2FPCxl8f8jGBDyvnBM%2B13XieONeFk%2FWVIxZbJsbJNcPGTAYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc967fc37b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/css/embed.css
104.26.7.74 200 OK 80 kB URL HTTP/2 i.doodcdn.co/css/embed.css
IP 104.26.7.74:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 010e9740f2148647b93ae896d452119c
888e44accbd7e78a0654fd4eaf7541269d95e4e9
d33d9d5fc2eef77dd7cda0770e9bc8213f058f2ead19b7d9b7ed731bcd081a47
GET /css/embed.css HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: text/css
content-length: 79720
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=79890
etag: "61d3187c-13812"
expires: Sun, 23 Oct 2022 08:04:46 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 74618
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECtxTFOb2m4BZS4GRbIlMQE1i1Je%2B0%2BZaoy%2BpaKVHfBEV%2FN583pAxUnouJR3UncMzu6kseORXLqrnqG3AmyinMMNtB9GBmANWxfgaqUjSV7KSnyxk%2B5MrIk4dOCn7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc9680c41b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.doodcdn.co/js/embed2.js
104.26.7.74 200 OK 339 kB URL HTTP/2 i.doodcdn.co/js/embed2.js
IP 104.26.7.74:0
File type Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size 339 kB (339271 bytes)
Hash cac27d72c22014f70500e507a7a82231
edcac36287bfc654b2ee6c0fe0727cdc725a9fe5
01c49e02b98bc8a4275650b65787cdd100c362abc7e54e8b9e99396b6117c2c6
GET /js/embed2.js HTTP/1.1
Host: i.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: application/javascript
content-length: 339271
access-control-allow-origin: *
cache-control: public, max-age=2592000, no-transform
cf-bgj: minify
cf-polished: origSize=339527
etag: "61d3187c-52e47"
expires: Sun, 23 Oct 2022 19:46:34 GMT
last-modified: Mon, 03 Jan 2022 15:38:36 GMT
cf-cache-status: HIT
age: 69039
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YqHSdRjIGOFsJCDU7hS0PYfXvwA87ZHc7WRkkP2rtMyGt1nHHvcC9fLxwsT9k%2FjUDLzin2AQ5lrfygCbt9OOkeME6D3rv18C74Re5EoRpg%2BySUpUJ2lXsPz%2BDirCTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc967fc30b511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/d1d/5b1/0e9/d1d5b10e96667ea474ba01aad28a028b482d9728.jpg
104.22.59.221 200 OK 46 kB URL HTTP/2 cdn.pncloudfl.com/pn/d1d/5b1/0e9/d1d5b10e96667ea474ba01aad28a028b482d9728.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash cb401e4c33d49fa9d4188923cf08d544
57b14ff029de6b8666b8c664d162ee0fdc4b7a6f
983e3b4fda9e9f8e8b0d946d445b0ab6012da61dc792e3e0c290d3797d45c1b6
GET /pn/d1d/5b1/0e9/d1d5b10e96667ea474ba01aad28a028b482d9728.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: image/webp
content-length: 46146
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=86488
content-disposition: inline; filename="d1d5b10e96667ea474ba01aad28a028b482d9728.webp"
etag: c01da817c5a876888f54f0a7e75d5206
expires: Sat, 24 Sep 2022 22:07:36 GMT
last-modified: Sat, 25 Jun 2022 06:05:59 GMT
vary: Accept
x-openstack-request-id: tx0d886941daf84458a6cc7-0062b6a5e4
x-proxy-cache: HIT
x-timestamp: 1656137158.01526
x-trans-id: tx0d886941daf84458a6cc7-0062b6a5e4
cf-cache-status: HIT
age: 161819
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 74fdc968685ab4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.fantasysnuff.com/feeds/posts/default/-/Amazon%20Warriors?alt=json-in-script&max-results=3&callback=jQuery112408402094514473777_1664046273383&_=1664046273384
142.250.74.179 200 OK 3.1 kB URL HTTP/2 www.fantasysnuff.com/feeds/posts/default/-/Amazon%20Warriors?alt=json-in-script&max-results=3&callback=jQuery112408402094514473777_1664046273383&_=1664046273384
IP 142.250.74.179:0
File type ASCII text, with very long lines (14058)
Hash 9f49912c9f7d067106453087255ce2a9
37f52ab1c68d5e8a3fd0a3243eb387ef71449c30
a83f765075d475923c10d959c272d7915860306cf1577f7ef91d6382535678fc
GET /feeds/posts/default/-/Amazon%20Warriors?alt=json-in-script&max-results=3&callback=jQuery112408402094514473777_1664046273383&_=1664046273384 HTTP/1.1
Host: www.fantasysnuff.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.fantasysnuff.com/2020/06/amazon-warriors-70.html?m=1
Cookie: a=piXkxMlAV0R1vxWhC6MMNa4NR4Ob0RJM
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
etag: W/"300b7a113ea45a72faba61c30d0a0e5a94a1ea963dadd57829b1f4f9b2baadc8"
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
expires: Sat, 24 Sep 2022 19:04:36 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 14:13:35 GMT
content-encoding: gzip
content-length: 3135
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png
104.22.59.221 200 OK 26 kB URL HTTP/2 cdn.pncloudfl.com/pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b6d761b7b5c023024688500314127cd4
f551b98cae17ec049b718c69cb2331d90a6f6744
83007760fba67e5f90582e905166ea09d3898fcadee33c1cbd648aa8570c9fd6
GET /pn/7e4/14a/f69/7e414af69a8398dbd277d2a568900209aadf8344.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: image/webp
content-length: 25916
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=43190
content-disposition: inline; filename="7e414af69a8398dbd277d2a568900209aadf8344.webp"
etag: f61b34793263f04710039a549ae72cbc
expires: Sat, 24 Sep 2022 21:44:45 GMT
last-modified: Mon, 23 Mar 2020 14:47:21 GMT
vary: Accept
x-openstack-request-id: tx4718e70e0011494f8a57f-0061b0ba7a
x-proxy-cache: HIT
x-timestamp: 1584974840.94302
x-trans-id: tx4718e70e0011494f8a57f-0061b0ba7a
cf-cache-status: HIT
age: 163190
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 74fdc9686860b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/087/982/9a0/0879829a09c40b64dbdc0f242a35b72ffac08aa6.png
104.22.59.221 200 OK 48 kB URL HTTP/2 cdn.pncloudfl.com/pn/087/982/9a0/0879829a09c40b64dbdc0f242a35b72ffac08aa6.png
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 42bb8b4570405a983f11eff4dcd64805
56c53e3cd3ce629d4abc85fdc51eb0f24707490b
0acafaf87c21729534ca344a86bf598dc835166b211241b8f221d28fa90f0851
GET /pn/087/982/9a0/0879829a09c40b64dbdc0f242a35b72ffac08aa6.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: image/webp
content-length: 47686
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=78045
content-disposition: inline; filename="0879829a09c40b64dbdc0f242a35b72ffac08aa6.webp"
etag: 0713b5bb31c6e4567cfad608b49c7b62
expires: Sat, 24 Sep 2022 22:06:48 GMT
last-modified: Sat, 25 Jun 2022 11:34:30 GMT
vary: Accept
x-openstack-request-id: tx91ee5175127347938240f-0062b6fb07
x-proxy-cache: HIT
x-timestamp: 1656156869.15703
x-trans-id: tx91ee5175127347938240f-0062b6fb07
cf-cache-status: HIT
age: 161867
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 74fdc968887cb4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.doodcdn.co/snaps/s352uctm18vjuhma.jpg
104.26.7.74 200 OK 13 kB URL HTTP/2 img.doodcdn.co/snaps/s352uctm18vjuhma.jpg
IP 104.26.7.74:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x405, components 3\012- data
Hash 3a1620c33fdfb097d6bfe36659b04677
d4ec7bf49576d868822bbbff0876ddae5e3b6766
421426a5c8b9457fd2fd306d14e5783a256874e451cbe4bcd002388f19c15d4e
GET /snaps/s352uctm18vjuhma.jpg HTTP/1.1
Host: img.doodcdn.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: image/jpeg
content-length: 12876
access-control-allow-origin: *
cache-control: max-age=1209600
cf-bgj: imgq:100,h2pri
cf-polished: origSize=15063, status=webp_bigger
etag: "61ea2633-3ad7"
expires: Fri, 07 Oct 2022 20:56:53 GMT
last-modified: Fri, 21 Jan 2022 03:19:15 GMT
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtqkwSfQZKgFl2UIHLnJ8PFhlqxsdJu%2Bo%2FTiZbjEJH9lopk58M7912ajfafW6cg55uhZ5PAFS0hB6sNKlEynnHGN4NPZIZKy2pRbmAmUqwgUrovxLk2pXETlkSs3oon9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc9684c7bb511-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b8361edb2d37c71e715b6e297767afb9
a164e40a38f4083cad7868c0326b475b97e6ea35
dcddfda5b8fe7620475d5bec9f121c5e28df523643fdad582b1a4291f1ef2bf4
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DCDDFDA5B8FE7620475D5BEC9F121C5E28DF523643FDAD582B1A4291F1EF2BF4"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9453
Expires: Sat, 24 Sep 2022 21:42:08 GMT
Date: Sat, 24 Sep 2022 19:04:35 GMT
Connection: keep-alive
cdn.pncloudfl.com/pn/cc3/2cb/abf/cc32cbabff4fd2a7482b60d45f37106ee5abab6f.jpg
104.22.59.221 200 OK 34 kB URL HTTP/2 cdn.pncloudfl.com/pn/cc3/2cb/abf/cc32cbabff4fd2a7482b60d45f37106ee5abab6f.jpg
IP 104.22.59.221:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3452c983a6ff7b32d714fc78d5789c44
42b5eb7e18e318c8ab7bc8559a6c7cfa77a95fd4
a7e3057f3cbce05ac4940a33154db62c63afc0ae3e10841f5445f863d564b01e
GET /pn/cc3/2cb/abf/cc32cbabff4fd2a7482b60d45f37106ee5abab6f.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: image/webp
content-length: 33700
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=64020
content-disposition: inline; filename="cc32cbabff4fd2a7482b60d45f37106ee5abab6f.webp"
etag: 69e4bc13d35070d7a2d598e0e172a4d6
expires: Sat, 24 Sep 2022 21:10:53 GMT
last-modified: Tue, 30 Jun 2020 07:57:49 GMT
vary: Accept
x-openstack-request-id: tx5cdb40085d6d40f28165a-0061b0ba82
x-proxy-cache: HIT
x-timestamp: 1593503868.31965
x-trans-id: tx5cdb40085d6d40f28165a-0061b0ba82
cf-cache-status: HIT
age: 165222
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 74fdc968a8a5b4ff-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226 200 OK 940 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 6d1a9767025d5d794469bf6fc478ed03
14c73686f9deaa726ee72fd0cc02bd8c5e7e8d2b
b2e46e3d65e96402bd375257924e118fdbbf66095136c6d2904fde2ac6fd365d
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:35 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Wed, 28 Sep 2022 18:19:44 GMT
ETag: "14c73686f9deaa726ee72fd0cc02bd8c5e7e8d2b"
Last-Modified: Sat, 24 Sep 2022 18:19:45 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 489
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74fdc968df4d0afa-OSL
dood.so/e/6wvgc59tuvnj
190.115.31.133 200 OK 177 kB IP 190.115.31.133:0
ASN #262254 DDOS-GUARD CORP.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (49626), with no line terminators
Size 177 kB (176641 bytes)
Hash ce18c4ec03ac2d08e846377892cb6be8
c0b870b2d765732703d226f1bfe15b22adf9c085
e750722dd077ab751200c7b6ab2bb25903d922c3c1dbd33665890fa03c31cc47
GET /e/6wvgc59tuvnj HTTP/1.1
Host: dood.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: text/html; charset=UTF-8
expires: Fri, 23 Sep 2022 19:04:35 GMT
set-cookie: __ddg1_=nrEU6mtZMuco981cjJb3; Domain=.dood.so; HttpOnly; Path=/; Expires=Sun, 24-Sep-2023 19:04:35 GMT
lang=1; domain=.dood.so; path=/; HttpOnly
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 892c0f8dca499bbd4d6a30db75212ad4
c3bd53c9de1b998ff5d65cf24c9ddd8773375dae
872ad1fc95a5f0125096371e3f58511a2c92289be8a7643107aa6cd88f37a2aa
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 11:22:15 GMT
Expires: Thu, 29 Sep 2022 11:22:14 GMT
Etag: "c3bd53c9de1b998ff5d65cf24c9ddd8773375dae"
Cache-Control: max-age=403658,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fdc968cb76b4eb-OSL
emavnnqq4o1a.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 emavnnqq4o1a.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: emavnnqq4o1a.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:35 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1391a391baf2c6a479b024b43d279964
1eb7d19bf2c877ceb2637b1837358fe92250650d
9ee4c2c0719165bce0567e7cf3977c0690f17bdb23d19ff485314ea7f533a3f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9EE4C2C0719165BCE0567E7CF3977C0690F17BDB23D19FF485314EA7F533A3F1"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11678
Expires: Sat, 24 Sep 2022 22:19:14 GMT
Date: Sat, 24 Sep 2022 19:04:36 GMT
Connection: keep-alive
lame7bsqu8barters.com/solid.gif?z=1876944&abvar=0
62.122.171.6 200 OK 43 B URL HTTP/2 lame7bsqu8barters.com/solid.gif?z=1876944&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1876944&abvar=0 HTTP/1.1
Host: lame7bsqu8barters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:36 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1391a391baf2c6a479b024b43d279964
1eb7d19bf2c877ceb2637b1837358fe92250650d
9ee4c2c0719165bce0567e7cf3977c0690f17bdb23d19ff485314ea7f533a3f1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "9EE4C2C0719165BCE0567E7CF3977C0690F17BDB23D19FF485314EA7F533A3F1"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11678
Expires: Sat, 24 Sep 2022 22:19:14 GMT
Date: Sat, 24 Sep 2022 19:04:36 GMT
Connection: keep-alive
mc.yandex.ru/metrika/tag.js
77.88.21.119 200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Sat, 24 Sep 2022 19:04:36 GMT
access-control-allow-origin: *
etag: "632d6d03-11a95"
expires: Sat, 24 Sep 2022 20:04:36 GMT
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cwqljsecvr.com/get/1938828?zoneid=1938828&jp=_claezyrmq0aae9mxo7x1s2&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797904796906579
62.122.171.6 200 OK 22 kB URL HTTP/2 cwqljsecvr.com/get/1938828?zoneid=1938828&jp=_claezyrmq0aae9mxo7x1s2&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797904796906579
IP 62.122.171.6:0
Hash e91f0e13d90212453e3eb794c142deac
cfce902bed1856f92d199f19500075366d2fab6d
163a43fd5115fb83301692e237fe0212270b0efe163a40717401948e31565af3
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1938828?zoneid=1938828&jp=_claezyrmq0aae9mxo7x1s2&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=1797904796906579 HTTP/1.1
Host: cwqljsecvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220924140415de29b15a55408aadb21dabcb; Path=/; Expires=Sun, 24 Sep 2023 19:04:35 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7bd5580d90b5a527a55e9a38cc01af6b
b848c697b16dab03fc39d4d8ab83b80a904041d5
636254c9e68a20b7e17b59a35bcffe36c74db6592bdffde2d2a2f322113b41c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "636254C9E68A20B7E17B59A35BCFFE36C74DB6592BDFFDE2D2A2F322113B41C0"
Last-Modified: Sat, 24 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16142
Expires: Sat, 24 Sep 2022 23:33:38 GMT
Date: Sat, 24 Sep 2022 19:04:36 GMT
Connection: keep-alive
xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
174.137.133.18 302 Found 0 B URL HTTP/1.1 xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 19:04:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://tsyndicate.com/api/v1/direct/8426a20f1fc94977be4dba886eab95f2?extID=448865_459805
Pragma: no-cache
lame7bsqu8barters.com/aas/r45d/vki/1876944/105dadc5.js
62.122.171.6 200 OK 26 kB URL HTTP/2 lame7bsqu8barters.com/aas/r45d/vki/1876944/105dadc5.js
IP 62.122.171.6:0
Hash c7e7000f4344109b169dc48446fb255b
53a818c5fe0ff1c9f553840bccd247fb2a918a74
fd58b5a59b982c95615282f7f3bbc2c30b2b5548b704172fc0a8dd641cc94ae5
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1876944/105dadc5.js HTTP/1.1
Host: lame7bsqu8barters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:36 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
passedofferundertake.com/6c/1b/11/6c1b1180db34ecc485ebd9c5b6822bfa.js
192.243.59.20 200 OK 20 kB URL HTTP/1.1 passedofferundertake.com/6c/1b/11/6c1b1180db34ecc485ebd9c5b6822bfa.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59906)
Hash e0e45201276a15081d0f1007982369ab
318d827c4f290a96654a18cbe45ad365e9c4a97c
35802e67dee3aeeae6deb29b3ae26468d8db44c8d4e11d9fc187b7b681ac69f2
Analyzer Verdict Alert quad9 Sinkholed
GET /6c/1b/11/6c1b1180db34ecc485ebd9c5b6822bfa.js HTTP/1.1
Host: passedofferundertake.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 19:04:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_hd-28118_1=1; expires=Sun, 02 Oct 2022 19:04:36 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22cc898812f1dd0589fce2a58d66ac79
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
adsco.re/p
162.252.214.5 200 OK 170 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 63515f08c70ab99b5fb4414e76816736
c1ce497656780a24f53093ee8ac7b642923fcf78
73252d7b14180e80b87ecf80134f4974b0d429648e12bb828304a55353559605
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1846
Origin: https://www.fantasysnuff.com
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://www.fantasysnuff.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
vjwpgefcafke.l4.adsco.re/
185.200.118.90 200 OK 0 B URL HTTP/1.1 vjwpgefcafke.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vjwpgefcafke.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:36 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
limurol.com/ssp/req/1876944/?pb=de6ddc1d5570f6c82c507f1df54333001664053476&psp=SGKGxxj9kdcERJqWiOYAUs9NVMh562pPfSiT0yDQIqqmhb8eV1X_rUqNjdG54gkgCntQQ021Obl1ezrlbAMr6WDrTTlx-cl9f9EgRF-AhCtShlWH3cYNHmEqkbGV-nNzoDiMniMdxe3Z2vrEpPbk8F2PZcqDVo9G8FZyvaYZkr0nyhD7nY4MhWO5CXMUB2_npG0Z2vrQLfOmg15oxGUnBVokRaqPvl3BGmyloHVktcoEKETzc41nDEeY6je3PynwfXFPNGT5RNHAhvvW-O8PuPquqpPjSknYaOnTB90MEPjwQvh1m0789y1QW7VEylSIK2A65FWA9m6ywfFz649dM5-1L-_WzhxZGiMjq8_T0f60uCQnrVCk6Rp08CTSW3ZWmzTDJOOiwEkWq8Zb8rCsSOJQJiC0py8-Vb6Jy5dHDVNtoHJ_Q5XmSKePIdk3feK764LzIiXXinzobRh51NMDbxL16BZC2j_oVXMHrgNRPn9QC-jmVVjJmg1zRR0bEtVZU-jf0E2b_A2QhIZyev1TQWyTzkTeiJUsdqWIEDbO6Y6WTEFD1miUbB0mewL5UYh2nyU2Ex6PJKioTulP2pueobFMFuM4tYcXBWMwSQpjW0kvQgCVTQgBUcRjX04Mb2y6FZ4Z8-A2m2WE&cb=_cl0i9jrkz5d29deu7tlfx6&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1876944/?pb=de6ddc1d5570f6c82c507f1df54333001664053476&psp=SGKGxxj9kdcERJqWiOYAUs9NVMh562pPfSiT0yDQIqqmhb8eV1X_rUqNjdG54gkgCntQQ021Obl1ezrlbAMr6WDrTTlx-cl9f9EgRF-AhCtShlWH3cYNHmEqkbGV-nNzoDiMniMdxe3Z2vrEpPbk8F2PZcqDVo9G8FZyvaYZkr0nyhD7nY4MhWO5CXMUB2_npG0Z2vrQLfOmg15oxGUnBVokRaqPvl3BGmyloHVktcoEKETzc41nDEeY6je3PynwfXFPNGT5RNHAhvvW-O8PuPquqpPjSknYaOnTB90MEPjwQvh1m0789y1QW7VEylSIK2A65FWA9m6ywfFz649dM5-1L-_WzhxZGiMjq8_T0f60uCQnrVCk6Rp08CTSW3ZWmzTDJOOiwEkWq8Zb8rCsSOJQJiC0py8-Vb6Jy5dHDVNtoHJ_Q5XmSKePIdk3feK764LzIiXXinzobRh51NMDbxL16BZC2j_oVXMHrgNRPn9QC-jmVVjJmg1zRR0bEtVZU-jf0E2b_A2QhIZyev1TQWyTzkTeiJUsdqWIEDbO6Y6WTEFD1miUbB0mewL5UYh2nyU2Ex6PJKioTulP2pueobFMFuM4tYcXBWMwSQpjW0kvQgCVTQgBUcRjX04Mb2y6FZ4Z8-A2m2WE&cb=_cl0i9jrkz5d29deu7tlfx6&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1876944/?pb=de6ddc1d5570f6c82c507f1df54333001664053476&psp=SGKGxxj9kdcERJqWiOYAUs9NVMh562pPfSiT0yDQIqqmhb8eV1X_rUqNjdG54gkgCntQQ021Obl1ezrlbAMr6WDrTTlx-cl9f9EgRF-AhCtShlWH3cYNHmEqkbGV-nNzoDiMniMdxe3Z2vrEpPbk8F2PZcqDVo9G8FZyvaYZkr0nyhD7nY4MhWO5CXMUB2_npG0Z2vrQLfOmg15oxGUnBVokRaqPvl3BGmyloHVktcoEKETzc41nDEeY6je3PynwfXFPNGT5RNHAhvvW-O8PuPquqpPjSknYaOnTB90MEPjwQvh1m0789y1QW7VEylSIK2A65FWA9m6ywfFz649dM5-1L-_WzhxZGiMjq8_T0f60uCQnrVCk6Rp08CTSW3ZWmzTDJOOiwEkWq8Zb8rCsSOJQJiC0py8-Vb6Jy5dHDVNtoHJ_Q5XmSKePIdk3feK764LzIiXXinzobRh51NMDbxL16BZC2j_oVXMHrgNRPn9QC-jmVVjJmg1zRR0bEtVZU-jf0E2b_A2QhIZyev1TQWyTzkTeiJUsdqWIEDbO6Y6WTEFD1miUbB0mewL5UYh2nyU2Ex6PJKioTulP2pueobFMFuM4tYcXBWMwSQpjW0kvQgCVTQgBUcRjX04Mb2y6FZ4Z8-A2m2WE&cb=_cl0i9jrkz5d29deu7tlfx6&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:36 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22092414044bdd1287d33945fd9b1a950c73; Path=/; Expires=Sun, 24 Sep 2023 19:04:36 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13e24f9bf04d6d50a8c2ac7d0e45be55
3ca87e41be3d7f907715ca6f7f8d43cd007bb481
711e7a95012b4c71d8500e0f51be4a3332495c7d29438a813d7cfc30269dc2c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "711E7A95012B4C71D8500E0F51BE4A3332495C7D29438A813D7CFC30269DC2C1"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19555
Expires: Sun, 25 Sep 2022 00:30:31 GMT
Date: Sat, 24 Sep 2022 19:04:36 GMT
Connection: keep-alive
mc.yandex.ru/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.com%2Fe%2F0zMxrjPypBcbxAj%2F&page-ref=https%3A%2F%2Fwww.fantasysnuff.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A92581388593%3Ahid%3A475913410%3Az%3A0%3Ai%3A20220924190435%3Aet%3A1664046275%3Arn%3A597953371%3Arqn%3A1%3Au%3A1664046275629095066%3Aw%3A630x500%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C511%2C0%2C%2C%2C%2C692%3Ans%3A1664046273812%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664046275%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.com%2Fe%2F0zMxrjPypBcbxAj%2F&page-ref=https%3A%2F%2Fwww.fantasysnuff.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A92581388593%3Ahid%3A475913410%3Az%3A0%3Ai%3A20220924190435%3Aet%3A1664046275%3Arn%3A597953371%3Arqn%3A1%3Au%3A1664046275629095066%3Aw%3A630x500%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C511%2C0%2C%2C%2C%2C692%3Ans%3A1664046273812%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664046275%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash b15d53e00774041949e5afff2c122149
79b1e642ecaaea6012a14f37281dfc5c8bc84487
8c057da83d9e73bb5e4a1bb3c8aa212fe0c4d90eb0263f8301c6c467385dc7a7
GET /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.com%2Fe%2F0zMxrjPypBcbxAj%2F&page-ref=https%3A%2F%2Fwww.fantasysnuff.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A92581388593%3Ahid%3A475913410%3Az%3A0%3Ai%3A20220924190435%3Aet%3A1664046275%3Arn%3A597953371%3Arqn%3A1%3Au%3A1664046275629095066%3Aw%3A630x500%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C511%2C0%2C%2C%2C%2C692%3Ans%3A1664046273812%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664046275%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Referer: https://streamtape.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sat, 24 Sep 2022 19:04:36 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://streamtape.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 24-Sep-2022 19:04:36 GMT
last-modified: Sat, 24-Sep-2022 19:04:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0748503adde2cb95a8d0b7a1611c5f80
eee215487ae9ac3cae37a92a4c761fc6d01f3320
67f8645c49b34ea64abd33c9f9429c2b032517d904fd0cddaa5e3d1c44458fa3
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 24 Sep 2022 19:04:36 GMT
Last-Modified: Sat, 24 Sep 2022 17:16:57 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: nY4Z3ZOvS-8DInmeGDS3ieB1HvHPmQnxcQ0oHlQX75qRY_FbjnKpNQ==
Age: 6459
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 0ef4d7a99a2df5d7fcd829213c629227
c4e442e8f93a8cd8c04a991a2da8a3ca6d3001aa
7d625fe2418fafa0174d0c3588bdbf4a334f1edeeb64178153f117c561cd0bf5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.so
access-control-allow-credentials: true
set-cookie: uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1; expires=Tue, 21 Sep 2032 19:04:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
limurol.com/ssp/req/1876944/?pb=de6ddc1d5570f6c82c507f1df54333001664053476&psp=SGKGxxj9kdcERJqWiOYAUs9NVMh562pPfSiT0yDQIqqmhb8eV1X_rUqNjdG54gkgCntQQ021Obl1ezrlbAMr6WDrTTlx-cl9f9EgRF-AhCtShlWH3cYNHmEqkbGV-nNzoDiMniMdxe3Z2vrEpPbk8F2PZcqDVo9G8FZyvaYZkr0nyhD7nY4MhWO5CXMUB2_npG0Z2vrQLfOmg15oxGUnBVokRaqPvl3BGmyloHVktcoEKETzc41nDEeY6je3PynwfXFPNGT5RNHAhvvW-O8PuPquqpPjSknYaOnTB90MEPjwQvh1m0789y1QW7VEylSIK2A65FWA9m6ywfFz649dM5-1L-_WzhxZGiMjq8_T0f60uCQnrVCk6Rp08CTSW3ZWmzTDJOOiwEkWq8Zb8rCsSOJQJiC0py8-Vb6Jy5dHDVNtoHJ_Q5XmSKePIdk3feK764LzIiXXinzobRh51NMDbxL16BZC2j_oVXMHrgNRPn9QC-jmVVjJmg1zRR0bEtVZU-jf0E2b_A2QhIZyev1TQWyTzkTeiJUsdqWIEDbO6Y6WTEFD1miUbB0mewL5UYh2nyU2Ex6PJKioTulP2pueobFMFuM4tYcXBWMwSQpjW0kvQgCVTQgBUcRjX04Mb2y6FZ4Z8-A2m2WE&cb=_cl0i9jrkz5d29deu7tlfx6&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1876944/?pb=de6ddc1d5570f6c82c507f1df54333001664053476&psp=SGKGxxj9kdcERJqWiOYAUs9NVMh562pPfSiT0yDQIqqmhb8eV1X_rUqNjdG54gkgCntQQ021Obl1ezrlbAMr6WDrTTlx-cl9f9EgRF-AhCtShlWH3cYNHmEqkbGV-nNzoDiMniMdxe3Z2vrEpPbk8F2PZcqDVo9G8FZyvaYZkr0nyhD7nY4MhWO5CXMUB2_npG0Z2vrQLfOmg15oxGUnBVokRaqPvl3BGmyloHVktcoEKETzc41nDEeY6je3PynwfXFPNGT5RNHAhvvW-O8PuPquqpPjSknYaOnTB90MEPjwQvh1m0789y1QW7VEylSIK2A65FWA9m6ywfFz649dM5-1L-_WzhxZGiMjq8_T0f60uCQnrVCk6Rp08CTSW3ZWmzTDJOOiwEkWq8Zb8rCsSOJQJiC0py8-Vb6Jy5dHDVNtoHJ_Q5XmSKePIdk3feK764LzIiXXinzobRh51NMDbxL16BZC2j_oVXMHrgNRPn9QC-jmVVjJmg1zRR0bEtVZU-jf0E2b_A2QhIZyev1TQWyTzkTeiJUsdqWIEDbO6Y6WTEFD1miUbB0mewL5UYh2nyU2Ex6PJKioTulP2pueobFMFuM4tYcXBWMwSQpjW0kvQgCVTQgBUcRjX04Mb2y6FZ4Z8-A2m2WE&cb=_cl0i9jrkz5d29deu7tlfx6&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1876944/?pb=de6ddc1d5570f6c82c507f1df54333001664053476&psp=SGKGxxj9kdcERJqWiOYAUs9NVMh562pPfSiT0yDQIqqmhb8eV1X_rUqNjdG54gkgCntQQ021Obl1ezrlbAMr6WDrTTlx-cl9f9EgRF-AhCtShlWH3cYNHmEqkbGV-nNzoDiMniMdxe3Z2vrEpPbk8F2PZcqDVo9G8FZyvaYZkr0nyhD7nY4MhWO5CXMUB2_npG0Z2vrQLfOmg15oxGUnBVokRaqPvl3BGmyloHVktcoEKETzc41nDEeY6je3PynwfXFPNGT5RNHAhvvW-O8PuPquqpPjSknYaOnTB90MEPjwQvh1m0789y1QW7VEylSIK2A65FWA9m6ywfFz649dM5-1L-_WzhxZGiMjq8_T0f60uCQnrVCk6Rp08CTSW3ZWmzTDJOOiwEkWq8Zb8rCsSOJQJiC0py8-Vb6Jy5dHDVNtoHJ_Q5XmSKePIdk3feK764LzIiXXinzobRh51NMDbxL16BZC2j_oVXMHrgNRPn9QC-jmVVjJmg1zRR0bEtVZU-jf0E2b_A2QhIZyev1TQWyTzkTeiJUsdqWIEDbO6Y6WTEFD1miUbB0mewL5UYh2nyU2Ex6PJKioTulP2pueobFMFuM4tYcXBWMwSQpjW0kvQgCVTQgBUcRjX04Mb2y6FZ4Z8-A2m2WE&cb=_cl0i9jrkz5d29deu7tlfx6&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Cookie: UID=22092414044bdd1287d33945fd9b1a950c73
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 344 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 13e24f9bf04d6d50a8c2ac7d0e45be55
3ca87e41be3d7f907715ca6f7f8d43cd007bb481
711e7a95012b4c71d8500e0f51be4a3332495c7d29438a813d7cfc30269dc2c1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "711E7A95012B4C71D8500E0F51BE4A3332495C7D29438A813D7CFC30269DC2C1"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19554
Expires: Sun, 25 Sep 2022 00:30:31 GMT
Date: Sat, 24 Sep 2022 19:04:37 GMT
Connection: keep-alive
vjwpgefcafke.n4.adsco.re/
38.132.109.186 200 OK 0 B URL HTTP/1.1 vjwpgefcafke.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vjwpgefcafke.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
mc.yandex.ru/metrika/advert.gif
77.88.21.119 200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 24 Sep 2022 19:04:37 GMT
access-control-allow-origin: *
etag: "632d6d03-2b"
expires: Sat, 24 Sep 2022 20:04:37 GMT
accept-ranges: bytes
last-modified: Fri, 23 Sep 2022 11:23:31 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
174.137.133.18 302 Found 0 B URL HTTP/1.1 xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: http://2x2mfeed.com/1cas1mqAMRUL2McMAUAjEoCAE5PFgAMAOBvfooAbeQesXLi5c8kobbGK6C5yjr27p1_8v9xUe30aEvGpDoClq0-AJuRNFXMxklV3M1_UIrfaiKd030n1tFVdfaAE3n_m0wPqLFfJ_L1GGvj-gls5-tcP7KiHRertDQcvLo6AZTgKBGHkjdSjYwyHJqHPSOUnTO9y99RtMzGVrglmgLpZJYd5WY8FqA2Zkf-dThM-jFoDdRyfOPQenHZy1N0t5wJLr6DGBGikkpW4tFeSO7ZU3Lzr19UzvlNQcTuJVDEqyJP3qIiL8bpdyaFvGN_2O4xdYuBOWKghT5npYtSbq-OUW6vyQlW5ZZdUOCcS1u5nVEErj1LV4t0QkXAYfNE2iruDdMgreiCKb-jn2iuudx157DOBvLhPxS5_HYVk79jXJqtKFnbnCABmoN_SI6bLwmRxG59goAELc-IH3jl0Fpx848IObv8A2H7418rjK1JLIisSwOvuC0K4qE0HYb_IB-TuT0vjYg-AIqXa0nB3GJOztxsppaQGtuchQu1M9dZvDTOXqAtcR7LZmQUpSA-Q7pnYSHUYmHn-3Zxu5kFaebNRHjj1UVVzcBWVfOFV0Do2VRZ8qlVWoS0TWrPqSEEmft-G96iJCzdiyw307knIMy5CCTa3Wpk8tVqY-CYETangzg4toA0FbuZCgqjjE5a7MxRHaxvFh69dA0chW2-ScQ_tEreILungmbg6JlH4OyOaP7jmVOmtDVmuqc0Wsb3bknVyXdAzoQgBoqWVxOWmyhI0947comUFQCZxVQnrtZ1ObXREzi_tUIn6vZ3feGPH26R_xANuacsB7O8JQPW9ykDivh8NoiNIgTK1hALmo1_T7Pce7LNlUe3u8dDujWdC_hm2F3UXEwL131kIKBpPDvdQmkzzT4jt5ZZTPbxBiu_nmVZ1N9AQqH6bWGn3nZDo98PZMqlCnbGjWhQ3o4bY9-nEVLK4xsD_IIsF8aJMn_u6XJ_i9IdFbWoZzv1nQ8PhosmFfbDGQujxQks5pwlWLSkDiaKck4ArX0PGa9q6jGye9M3q1T417F728yHadesyCmlz5RY7d1qaczDbkbBr2J4yfI9WvjHJVOd0nRC-f1-SPDUZimCyXQn_s9vA7CIGn-l-Bk4j6BVPrr3ZxeRjmJvhK5SBbKYCCfv7GNa1usIXdGRekiciycQvr1hLdbbb0612gfXorJU0Z2tBeRrkS__XasayDp2B9hGR0DCeUwb8TI_S5JdWPDqXHbP3Vt_3pxiU9_VG3H9-Xts-P9aUMrTD0HV5QkEkIJ8X_f8IW3YjRRe35sDccq4BivAnBIHn-5if_zFaWTwoi1hhZgHPKi_PQivhwcEtcM9H6OrRxi1pToptHFLBKpiCyO-QvUW2GXCNtpb2MaFXv-3gVuqzs1x79mdBamkMGLUwG8f6_xAX9KlNljd6VxVycozCoabWEjm_GQF3YhbMf6Haga11ksJ_9l5EY7zF2b693QX4a5yCYaodS2UohYOnPB0XdGbCTTf7xwns5EIEJnAZE3Bry4Kut0Vt7_EVPOduyznUZ4wxkuwA8Y6UjqnR24ArjY7T65VejHxflbk1l5Uo5oWKs6JFSi99A1T5tZwVffRVxSqkgUcrPMKAYS3SleX9XcJnPt1DoikOSDWsRAn37xueZTuZn-N0Wt3t5AyCrWHFiupiVo4_8ZZUreVCgO3zkpZ6ssRS6t0Fi6RawoHhW3cEI4xtE7XKbK31GPi2pRx97TKMqW8zBOqoSRT8sp0XMHGaHPT5H5VltJ6W9g=
Pragma: no-cache
adsco.re/p
162.252.214.5 200 OK 167 B
IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 5f1f7f98f4830e2af0981a87d1befb20
778516663e055e9db470e89c47190e63f9b001b5
7f6c5472da9990660360f3694b1101fbcf26bc38a8cfb7c19752b01ebd4d5f43
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1772
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://dood.so
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
addresseepaper.com/sfp.js
172.64.132.22 200 OK 32 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.132.22:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 2e658bd6b3066274cde48cced4ee8130
0f0419a6ac748561d1f38283da62cca3f2dcbee1
c246288ba227d7841f4610c54425c388178c4acfafc12e79d5f02f6bb9595c6b
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 5fc73175e6ad3efaed38cfedb96de382
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 24 Sep 2022 19:04:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKO%2BEOfdGPH1j1TQsjg9LEpnrgpHN6wKCEuelxjQhKKB1zVPi2EkgDCcv3vEmgRw8uOODN10OayHFOdK8zyo1L6ur1rgGy%2F1l3rmp5HJF70aP491UyfhmLZ55Ygc%2FqtpnzM4lWc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc96ea8c2067a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b47e4cf984ab984afa2d7e28253a0de
80a555d6d0303fb05d39fbbbb2838ca7af5aa7e0
61b140f9d6cdff8debf56a84d340b8eaa827704371b6bc82eb8e19b131a3e4f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B140F9D6CDFF8DEBF56A84D340B8EAA827704371B6BC82EB8E19B131A3E4F8"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1748
Expires: Sat, 24 Sep 2022 19:33:45 GMT
Date: Sat, 24 Sep 2022 19:04:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b47e4cf984ab984afa2d7e28253a0de
80a555d6d0303fb05d39fbbbb2838ca7af5aa7e0
61b140f9d6cdff8debf56a84d340b8eaa827704371b6bc82eb8e19b131a3e4f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "61B140F9D6CDFF8DEBF56A84D340B8EAA827704371B6BC82EB8E19B131A3E4F8"
Last-Modified: Sat, 24 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1748
Expires: Sat, 24 Sep 2022 19:33:45 GMT
Date: Sat, 24 Sep 2022 19:04:37 GMT
Connection: keep-alive
jm305k.dood.video/favicon.ico?i
141.94.139.162 200 OK 15 kB URL HTTP/1.1 jm305k.dood.video/favicon.ico?i
IP 141.94.139.162:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 30d3656f43c817e38c3e7d70b2bfbdad
1aa43b43755e7cba5e145d0978517f7bedad7da6
a558a4796f60f07743027eec96b538b2e7758cca8c544ed796ff745837478555
GET /favicon.ico?i HTTP/1.1
Host: jm305k.dood.video
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 15406
Connection: keep-alive
Last-Modified: Sat, 29 Feb 2020 09:26:04 GMT
ETag: "3c2e-59fb38b06e300"
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
dictatepantry.com/pixel/purst?dl=0&th=0&sc=0&rs=1643&rd=1643&fd=911&bv=22.9.v.2&tmpl=70
192.243.61.227 200 OK 0 B URL HTTP/1.1 dictatepantry.com/pixel/purst?dl=0&th=0&sc=0&rs=1643&rd=1643&fd=911&bv=22.9.v.2&tmpl=70
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1643&rd=1643&fd=911&bv=22.9.v.2&tmpl=70 HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226 200 OK 503 B
IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash def05e4dd1dfd7f8918c86fb175b9e69
956c76ce7f9c09883875599bc4ca4df8b53b15a7
c3a7eb3689bdfb063d216eaae9bc593e55eb82a924b2fcd01fea9d2ab2c79e0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C3A7EB3689BDFB063D216EAAE9BC593E55EB82A924B2FCD01FEA9D2AB2C79E0D"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8011
Expires: Sat, 24 Sep 2022 21:18:08 GMT
Date: Sat, 24 Sep 2022 19:04:37 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B
IP 104.18.32.68:0
Hash a04b7cd7883447daeedf202a6efec8e2
d3ce5a5769f23b081cadc8fdb7ce621b0793385b
975a282dd280e2fb61b39c515d252c6842930ac1c673943a1bf0133dc43e0607
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 22 Sep 2022 09:39:37 GMT
Expires: Thu, 29 Sep 2022 09:39:36 GMT
Etag: "d3ce5a5769f23b081cadc8fdb7ce621b0793385b"
Cache-Control: max-age=397498,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fdc971ffb8b4eb-OSL
dictatepantry.com/61/0c/b7/610cb7d81095a978163ef69489eedef5.js
192.243.61.227 200 OK 13 kB URL HTTP/1.1 dictatepantry.com/61/0c/b7/610cb7d81095a978163ef69489eedef5.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37108), with no line terminators
Hash 4a3ba9910a0a3f0204eeb9f66e4ccdcb
4eee5d964011bbb63cde5b1c86f11223aff32100
6b1b2c797963c28f76b179b6e621428748d289cc1d7cda523e8be174572ec000
Analyzer Verdict Alert quad9 Sinkholed
GET /61/0c/b7/610cb7d81095a978163ef69489eedef5.js HTTP/1.1
Host: dictatepantry.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4d4b3107a4b6a2db3946cc9f6afbc68
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 0ef4d7a99a2df5d7fcd829213c629227
c4e442e8f93a8cd8c04a991a2da8a3ca6d3001aa
7d625fe2418fafa0174d0c3588bdbf4a334f1edeeb64178153f117c561cd0bf5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Cookie: uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.so
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B
IP 104.18.32.68:0
Hash 5da3959b026bf5be18695162cb216306
7b4195903a0e2c596dfdbfa54288b12ebf1942a3
299a4c9af2c147fa29fade82f146a2275070d7381cfe5677b61a5bcb28dd4b4d
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 24 Sep 2022 13:12:44 GMT
Expires: Sat, 01 Oct 2022 13:12:43 GMT
Etag: "7b4195903a0e2c596dfdbfa54288b12ebf1942a3"
Cache-Control: max-age=583085,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74fdc9720e47b4ff-OSL
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2338e1414e4604bf10cc4f355202987d
ca3965bc38ed1526f1b06e5aa287fcdecfda2c63
7cf0b01024337e5635a47070b6aecd0dcf6867c9fc247c6fb93a0aeeb364ab63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 486
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:37 GMT
Last-Modified: Sat, 24 Sep 2022 18:56:31 GMT
Server: ECS (amb/6BC7)
X-Cache: HIT
Content-Length: 279
banquetunarmedgrater.com/advertisers.js
192.243.61.225 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 36cc3b8bf3b60193d33eb80599b41199
Strict-Transport-Security: max-age=0; includeSubdomains
betteradsystem.com/vj.aspx?_=BAYAYy9UxAFjL1TEgAGBAsAAICuZz_xHi_DdUHDEXq3Wx61aUFNyQ__-H8XZUx7AOO9wwQBHMEUCIHSeSRV05X35wpBQgxsEa6ucKsfkoefFR8urlOIIMHO6AiEAkSiRioU-SN_IggHPVDKRDx0tyCK-C2Rz9JcxwivQpv4&v=4&MBDfNonX=4644526&hEcgpbOB=0.0005&QwhyBCHa=0:1,0&IHdZVoFl=&jMHmZQvS=&s=1280,1024,1,1280,1024,0
162.252.213.208 200 OK 44 B URL HTTP/2 betteradsystem.com/vj.aspx?_=BAYAYy9UxAFjL1TEgAGBAsAAICuZz_xHi_DdUHDEXq3Wx61aUFNyQ__-H8XZUx7AOO9wwQBHMEUCIHSeSRV05X35wpBQgxsEa6ucKsfkoefFR8urlOIIMHO6AiEAkSiRioU-SN_IggHPVDKRDx0tyCK-C2Rz9JcxwivQpv4&v=4&MBDfNonX=4644526&hEcgpbOB=0.0005&QwhyBCHa=0:1,0&IHdZVoFl=&jMHmZQvS=&s=1280,1024,1,1280,1024,0
IP 162.252.213.208:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /vj.aspx?_=BAYAYy9UxAFjL1TEgAGBAsAAICuZz_xHi_DdUHDEXq3Wx61aUFNyQ__-H8XZUx7AOO9wwQBHMEUCIHSeSRV05X35wpBQgxsEa6ucKsfkoefFR8urlOIIMHO6AiEAkSiRioU-SN_IggHPVDKRDx0tyCK-C2Rz9JcxwivQpv4&v=4&MBDfNonX=4644526&hEcgpbOB=0.0005&QwhyBCHa=0:1,0&IHdZVoFl=&jMHmZQvS=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: betteradsystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
set-cookie: PP_CV=yes; expires=Sat, 24-Sep-2022 20:04:37 GMT; Max-Age=3600
fraudcheck=582205f59482ab1725b4b29dea5ed950; expires=Mon, 24-Oct-2022 19:04:37 GMT; Max-Age=2592000; path=/; domain=.popads.net
popads-ec: 5
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sat, 24 Sep 2022 19:04:37 GMT
X-Firefox-Spdy: h2
cwqljsecvr.com/chicken.gif?z=1938828&pb=5e10b1a3567347a451de2c061f80e0981664053475&psp=NuHZ_jyI5Y_xgVkn8KsX6F1urGg77B1vhSULldG_gEFw4F6W7IfQdotDs_-8zNFDwkyGg6smpMuMdZpXpKYzRe1xqksk3HLfZddW2NmZJgYEox6Y3A9KfjSlIY7HzYrRac9OfPnSfEbZwydvSx65aR-J9Uaz39EgNjmGOCFayZA3ZBvjZROGEu3PG3rvcwzfJZuu_ZM49R8LDms8bOgQ-GK5P6PiikHJ1lA7gpEgDsjq5Ie8JlKdLGGpklb3_bHlG0H1tfbiHG7kmc4CSuvFglOC22d37CAG35WG31tvIlNIUoJkHfycxFG9ZGrKj4EHahQX3MEeHYqT0P3FjGOT0HqvAXOwgutgEjSQAt46vCM8lRGc5Dw0K4JECOWa5W7pAr_CV6HBTqLa0uj7ZlASk9MJsk_e3CnVrC4gdgldGz4tggV0uVgAEARI7KW6GuTBowcfstzrC4B7BNxAfHzvQW0ZUwrFEf1sHBSg-C9VnhtjTPTkIH1oIOHD2Iv9XNPnhqX8NRb2CjswXIQ1W3Zpk_SQyKcGKey9lq-H4em-DdFqNSgeDv5A1tFNrj-ohtr37Azm1uY1AVQZhx43yWQ1sYY0I0OjjMZ9_0Z2vZ5pEWjuTqMxg2czIV2CGxh3f5Vb0xmtAhFgERvcOZ118GWwIv2DnThqCi1FGGZoq069g0SO6p5nNVqqxtKa_JOfObg5_MGcsmEugiK1OrCo5gIq4wKjp3vTtirIWa8xcFVJir-PQxRRF6aUIIskZ9uelM2jL5HM3zmS9ruElEcSmpTLX-H2pT6933zwfGmY2_b0LCjz2NWfWiTvMR7f55A3XCPE-d-CGrmzOyI_pANE0nc9SuD5RKjBdQXjyRw0SUXvoUZ1CIjf33DSrLWWacQwkjHa8VaSjg3sDIKZQg7lU4ep1YKHkNFkJv7TaDtjvpVIXc5BJrmCeSypd4wBy0FQ9aJCVHcxt7h38U_kY5jmwQZm6xYgM_WusXtVO6J9vC67kyVeIgbVGSBwIABwanb7TaR4lP87OqCMpvk_l1zQTNP8ODmkQCq27bQ05jo25J00K2TKOj64MYzssh_LYoEYyjVBIPvuYvKyqwa_Kj80JB0WV8G1oc2OVszeOaZb6rs8vSnz0wEQmlv0k10z0VbKZHObBH4NpLOt16RSQQtGd8qQOwgcJy37SIb90s17_xtY-nV35t55vCLMuONi19dNcSJoADJM5MCbonqk_uEe2Etsj94K4cGtkNI_wQHIKjDWbVoKSoznT-pywCD-qjYXJRgzqCkacD_5rxyjKmQRr1GYziBhDGVEXXn9i9WV6CHvUxuoJYqw0UShYrsLIY5TkePM3ty0o1WU8jrHAtWb183XPArp1O2MxjttgJAPjqQH&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 cwqljsecvr.com/chicken.gif?z=1938828&pb=5e10b1a3567347a451de2c061f80e0981664053475&psp=NuHZ_jyI5Y_xgVkn8KsX6F1urGg77B1vhSULldG_gEFw4F6W7IfQdotDs_-8zNFDwkyGg6smpMuMdZpXpKYzRe1xqksk3HLfZddW2NmZJgYEox6Y3A9KfjSlIY7HzYrRac9OfPnSfEbZwydvSx65aR-J9Uaz39EgNjmGOCFayZA3ZBvjZROGEu3PG3rvcwzfJZuu_ZM49R8LDms8bOgQ-GK5P6PiikHJ1lA7gpEgDsjq5Ie8JlKdLGGpklb3_bHlG0H1tfbiHG7kmc4CSuvFglOC22d37CAG35WG31tvIlNIUoJkHfycxFG9ZGrKj4EHahQX3MEeHYqT0P3FjGOT0HqvAXOwgutgEjSQAt46vCM8lRGc5Dw0K4JECOWa5W7pAr_CV6HBTqLa0uj7ZlASk9MJsk_e3CnVrC4gdgldGz4tggV0uVgAEARI7KW6GuTBowcfstzrC4B7BNxAfHzvQW0ZUwrFEf1sHBSg-C9VnhtjTPTkIH1oIOHD2Iv9XNPnhqX8NRb2CjswXIQ1W3Zpk_SQyKcGKey9lq-H4em-DdFqNSgeDv5A1tFNrj-ohtr37Azm1uY1AVQZhx43yWQ1sYY0I0OjjMZ9_0Z2vZ5pEWjuTqMxg2czIV2CGxh3f5Vb0xmtAhFgERvcOZ118GWwIv2DnThqCi1FGGZoq069g0SO6p5nNVqqxtKa_JOfObg5_MGcsmEugiK1OrCo5gIq4wKjp3vTtirIWa8xcFVJir-PQxRRF6aUIIskZ9uelM2jL5HM3zmS9ruElEcSmpTLX-H2pT6933zwfGmY2_b0LCjz2NWfWiTvMR7f55A3XCPE-d-CGrmzOyI_pANE0nc9SuD5RKjBdQXjyRw0SUXvoUZ1CIjf33DSrLWWacQwkjHa8VaSjg3sDIKZQg7lU4ep1YKHkNFkJv7TaDtjvpVIXc5BJrmCeSypd4wBy0FQ9aJCVHcxt7h38U_kY5jmwQZm6xYgM_WusXtVO6J9vC67kyVeIgbVGSBwIABwanb7TaR4lP87OqCMpvk_l1zQTNP8ODmkQCq27bQ05jo25J00K2TKOj64MYzssh_LYoEYyjVBIPvuYvKyqwa_Kj80JB0WV8G1oc2OVszeOaZb6rs8vSnz0wEQmlv0k10z0VbKZHObBH4NpLOt16RSQQtGd8qQOwgcJy37SIb90s17_xtY-nV35t55vCLMuONi19dNcSJoADJM5MCbonqk_uEe2Etsj94K4cGtkNI_wQHIKjDWbVoKSoznT-pywCD-qjYXJRgzqCkacD_5rxyjKmQRr1GYziBhDGVEXXn9i9WV6CHvUxuoJYqw0UShYrsLIY5TkePM3ty0o1WU8jrHAtWb183XPArp1O2MxjttgJAPjqQH&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1938828&pb=5e10b1a3567347a451de2c061f80e0981664053475&psp=NuHZ_jyI5Y_xgVkn8KsX6F1urGg77B1vhSULldG_gEFw4F6W7IfQdotDs_-8zNFDwkyGg6smpMuMdZpXpKYzRe1xqksk3HLfZddW2NmZJgYEox6Y3A9KfjSlIY7HzYrRac9OfPnSfEbZwydvSx65aR-J9Uaz39EgNjmGOCFayZA3ZBvjZROGEu3PG3rvcwzfJZuu_ZM49R8LDms8bOgQ-GK5P6PiikHJ1lA7gpEgDsjq5Ie8JlKdLGGpklb3_bHlG0H1tfbiHG7kmc4CSuvFglOC22d37CAG35WG31tvIlNIUoJkHfycxFG9ZGrKj4EHahQX3MEeHYqT0P3FjGOT0HqvAXOwgutgEjSQAt46vCM8lRGc5Dw0K4JECOWa5W7pAr_CV6HBTqLa0uj7ZlASk9MJsk_e3CnVrC4gdgldGz4tggV0uVgAEARI7KW6GuTBowcfstzrC4B7BNxAfHzvQW0ZUwrFEf1sHBSg-C9VnhtjTPTkIH1oIOHD2Iv9XNPnhqX8NRb2CjswXIQ1W3Zpk_SQyKcGKey9lq-H4em-DdFqNSgeDv5A1tFNrj-ohtr37Azm1uY1AVQZhx43yWQ1sYY0I0OjjMZ9_0Z2vZ5pEWjuTqMxg2czIV2CGxh3f5Vb0xmtAhFgERvcOZ118GWwIv2DnThqCi1FGGZoq069g0SO6p5nNVqqxtKa_JOfObg5_MGcsmEugiK1OrCo5gIq4wKjp3vTtirIWa8xcFVJir-PQxRRF6aUIIskZ9uelM2jL5HM3zmS9ruElEcSmpTLX-H2pT6933zwfGmY2_b0LCjz2NWfWiTvMR7f55A3XCPE-d-CGrmzOyI_pANE0nc9SuD5RKjBdQXjyRw0SUXvoUZ1CIjf33DSrLWWacQwkjHa8VaSjg3sDIKZQg7lU4ep1YKHkNFkJv7TaDtjvpVIXc5BJrmCeSypd4wBy0FQ9aJCVHcxt7h38U_kY5jmwQZm6xYgM_WusXtVO6J9vC67kyVeIgbVGSBwIABwanb7TaR4lP87OqCMpvk_l1zQTNP8ODmkQCq27bQ05jo25J00K2TKOj64MYzssh_LYoEYyjVBIPvuYvKyqwa_Kj80JB0WV8G1oc2OVszeOaZb6rs8vSnz0wEQmlv0k10z0VbKZHObBH4NpLOt16RSQQtGd8qQOwgcJy37SIb90s17_xtY-nV35t55vCLMuONi19dNcSJoADJM5MCbonqk_uEe2Etsj94K4cGtkNI_wQHIKjDWbVoKSoznT-pywCD-qjYXJRgzqCkacD_5rxyjKmQRr1GYziBhDGVEXXn9i9WV6CHvUxuoJYqw0UShYrsLIY5TkePM3ty0o1WU8jrHAtWb183XPArp1O2MxjttgJAPjqQH&abvar=0&os=0 HTTP/1.1
Host: cwqljsecvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=220924140415de29b15a55408aadb21dabcb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=AB8A3gAAAAAAAAAB; Path=/; Expires=Mon, 24 Oct 2022 19:04:37 GMT; Secure; SameSite=None
OACIBLOCK=AB8A3gAAAABjLo7Q; Path=/; Expires=Mon, 24 Oct 2022 19:04:37 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sun, 25 Sep 2022 19:04:37 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
blockadsnot.com/pLF.html?_=BAYAYy9UxQFjL1TFgAGBAsAAIEw89hJ3-F9QlOzzJvlQ_Is-9AfF9f-AcIy-KRkG7kAUwQBHMEUCIQDapxxZI_EovjlRkG53dHF76xRFZQUbdJQUQj7iyvlQ7gIgfvRhdZ9ldxTJKHF0HPdEB73tEAhuJHUwQQKKAU4KAb4&v=4&CgQVMruI=3881765&KDHFRzPL=&lJFQbdCT=0,0&eilDvSQE=&ApfEzQyI=https%3A%2F%2Fwww.fantasysnuff.com%2F&s=1280,1024,1,1280,1024,1
208.95.112.254 200 OK 832 B URL HTTP/2 blockadsnot.com/pLF.html?_=BAYAYy9UxQFjL1TFgAGBAsAAIEw89hJ3-F9QlOzzJvlQ_Is-9AfF9f-AcIy-KRkG7kAUwQBHMEUCIQDapxxZI_EovjlRkG53dHF76xRFZQUbdJQUQj7iyvlQ7gIgfvRhdZ9ldxTJKHF0HPdEB73tEAhuJHUwQQKKAU4KAb4&v=4&CgQVMruI=3881765&KDHFRzPL=&lJFQbdCT=0,0&eilDvSQE=&ApfEzQyI=https%3A%2F%2Fwww.fantasysnuff.com%2F&s=1280,1024,1,1280,1024,1
IP 208.95.112.254:0
File type ASCII text, with very long lines (1168), with no line terminators
Hash b02b710167cb63106ecff62205257ae3
caa6eb8f521277cc517f742c7b423f7944a4bbb6
86933646d69d6dc8884c6e6b3ac6208178f0ca6b9024634548df5378dc19c417
GET /pLF.html?_=BAYAYy9UxQFjL1TFgAGBAsAAIEw89hJ3-F9QlOzzJvlQ_Is-9AfF9f-AcIy-KRkG7kAUwQBHMEUCIQDapxxZI_EovjlRkG53dHF76xRFZQUbdJQUQj7iyvlQ7gIgfvRhdZ9ldxTJKHF0HPdEB73tEAhuJHUwQQKKAU4KAb4&v=4&CgQVMruI=3881765&KDHFRzPL=&lJFQbdCT=0,0&eilDvSQE=&ApfEzQyI=https%3A%2F%2Fwww.fantasysnuff.com%2F&s=1280,1024,1,1280,1024,1 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Sat, 24-Sep-2022 20:04:37 GMT; Max-Age=3600
fraudcheck=5559ee92370444ebd3fcc4a1ae93892f; expires=Mon, 24-Oct-2022 19:04:37 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Sun, 25-Sep-2022 01:04:37 GMT; Max-Age=21600
link: <https://free-cosmetics-online.com>;rel=preconnect
content-length: 832
content-encoding: br
vary: Accept-Encoding
date: Sat, 24 Sep 2022 19:04:37 GMT
X-Firefox-Spdy: h2
vjwpgefcafke.s4.adsco.re/
185.200.116.90 200 OK 0 B URL HTTP/1.1 vjwpgefcafke.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vjwpgefcafke.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 24 Sep 2022 19:04:37 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3a3cb805a7ce3e5dcc0a68f67662707
4092b65b1f38f40372fbe1380f5e3d4cfb5ff5a3
c8fba094b176bb1b29e573d3e1d2539c068d7f3786b32e7f41d6e107e7c1a5fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8FBA094B176BB1B29E573D3E1D2539C068D7F3786B32E7F41D6E107E7C1A5FD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3367
Expires: Sat, 24 Sep 2022 20:00:44 GMT
Date: Sat, 24 Sep 2022 19:04:37 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f3a3cb805a7ce3e5dcc0a68f67662707
4092b65b1f38f40372fbe1380f5e3d4cfb5ff5a3
c8fba094b176bb1b29e573d3e1d2539c068d7f3786b32e7f41d6e107e7c1a5fd
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "C8FBA094B176BB1B29E573D3E1D2539C068D7F3786B32E7F41D6E107E7C1A5FD"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3366
Expires: Sat, 24 Sep 2022 20:00:44 GMT
Date: Sat, 24 Sep 2022 19:04:38 GMT
Connection: keep-alive
creepingbrings.com/sfp.js
104.21.234.233 200 OK 30 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.233:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 37e24ebc3dcd28b1a2beb766861bb563
3c37f8aea536d69324903e1508ae13a257ae7aa2
05e9bf835d6f0087452714c4b6b0d781881192688a700a8401e9ed32e5916277
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: fd3ad9c00bb6fc23a0da832a9e539d53
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 24 Sep 2022 19:04:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kL8lw0gmw8NnAV4u8sP8IQGaN%2BxUNExsT5NNiZc3wQLlSw6TSxk9V8zccv0VeWo%2Bb46Osh29eW2BvCoBOEBH5X0ehQ4ZctBgBwOkOFvvwb8se18HtTDt29njVd6eCoD9XFaQERw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc9742abce688-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 2338e1414e4604bf10cc4f355202987d
ca3965bc38ed1526f1b06e5aa287fcdecfda2c63
7cf0b01024337e5635a47070b6aecd0dcf6867c9fc247c6fb93a0aeeb364ab63
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 487
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 19:04:38 GMT
Last-Modified: Sat, 24 Sep 2022 18:56:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 0ef4d7a99a2df5d7fcd829213c629227
c4e442e8f93a8cd8c04a991a2da8a3ca6d3001aa
7d625fe2418fafa0174d0c3588bdbf4a334f1edeeb64178153f117c561cd0bf5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Cookie: uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.so
access-control-allow-credentials: true
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.29.95.124 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.29.95.124:0
File type ASCII text, with no line terminators
Hash 0ef4d7a99a2df5d7fcd829213c629227
c4e442e8f93a8cd8c04a991a2da8a3ca6d3001aa
7d625fe2418fafa0174d0c3588bdbf4a334f1edeeb64178153f117c561cd0bf5
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Cookie: uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://dood.so
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fe9a3d56bc66feee637522fcffe9dd02
cc7bb4703713057c7d84a0c57b3d608917e0e07b
a667aa1ae0957f1f19b826e3ab2e0165c88ad1a161aaa9ba03803b4d9614406d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A667AA1AE0957F1F19B826E3AB2E0165C88AD1A161AAA9BA03803B4D9614406D"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15081
Expires: Sat, 24 Sep 2022 23:15:59 GMT
Date: Sat, 24 Sep 2022 19:04:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 968198a1616f58bae179ece51ddee081
255d4fd03085e47ca29f32aa918ecb9e2c6d0f31
5cceecab1e6a45fc389eb9f39fd24a346e8b7dae16d37c2bc9ffe6bd52a46c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CCEECAB1E6A45FC389EB9F39FD24A346E8B7DAE16D37C2BC9FFE6BD52A46C02"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16972
Expires: Sat, 24 Sep 2022 23:47:30 GMT
Date: Sat, 24 Sep 2022 19:04:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 968198a1616f58bae179ece51ddee081
255d4fd03085e47ca29f32aa918ecb9e2c6d0f31
5cceecab1e6a45fc389eb9f39fd24a346e8b7dae16d37c2bc9ffe6bd52a46c02
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CCEECAB1E6A45FC389EB9F39FD24A346E8B7DAE16D37C2BC9FFE6BD52A46C02"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16972
Expires: Sat, 24 Sep 2022 23:47:30 GMT
Date: Sat, 24 Sep 2022 19:04:38 GMT
Connection: keep-alive
cwqljsecvr.com/chicken.gif?z=1938828&pb=5e10b1a3567347a451de2c061f80e0981664053475&psp=JwDK1AmvK6HD-o0ra5eVR44NdKfSQDKieed_r17JdJHPSA9M8GnbhSs8GGM-RrpLCdjbIiQVayUZFbEEgEw1wIxNGFCAuuGYlplcfMpZIwcZ64VunVfw8wnZBgTQHoX9fd5IWCTNKcBd1cYdX7K1mD0m5D-E-g2QFEcYWvpGmBN2ZS9OSTeNPlMGY5A5LiwQRheJS88NAayD1Eg1ePG6rPt0CZqVgcCm66Tu-IK5VlJm3W8VQ7rL6ZXLvaXWO0pGXEvdIxkpY4QYnkaFEWD7ABXou85gRSeZFpoX25RFy_y---98vkL1w04cNfE-UIaslv8PF-mOeIV2Mnm3nZCSNUYXSkkXqzpTkSmeR9LQkttnZRpeqragxEuOvgih9guQLpaDbZirAmEKft4JU71fZgklz21fZQzXkO64JMNPVjUNstNPz6VdCWidTMyr9MllFNlExOMxSkMwdMEDXL3RMNQNy0BIBnIF16epBWhhZuh2tK8xMWHqRkjEm9tMJma-dl5DdiIU5i5wjmbSPxYOskSf2pPmB48aP0BPZOKwLVK0lcgGfFuxlj7K2lEfnM4vmR7f86i3LuVCNQSnCghWeLPQUX1N4GGBmcQdjTR_-pmOPVgOgdtjR-Qi06xEJeNxCQ-D3j45M3Ncp_mqGY6xryb_gj2RLME8Cxdh8EHP5JZnKp4BkuzV9RehrmSZmDZHiX5DBegyrEOCGxonaog80eGGjbnWS-f4oBv_C2yGsRMGrv9bDf_nC8jbZq9zLJDGNT4yRCyCaalqDys9ZF9oxdfEWXsoh6TyeAlY2Gq6eAHR1A4N8L8PdT5py2sKD1l3gw7TYqabC2R9JjlWPdu4BpVOJztlh6T0iBopwqeFWOwLMyM5SugSf_xLR4z8aa6_OqrmCRBHD9Dk-iFn1zKxSHVnZLPK8C1Cbygfk9jKG1h2X6UnKxHhYvy9BAoIbzghqahppdS-zsfpgwFnhTkU6sAy4m7_w_JVs0-Sg4LV4QMUDUXmy7vyIthTZXScoQsGjxvRIIrLetgr8eCRSh2Rbn0LvSj6HnCF2abragAEgo97KrQezeWoFjNJWbxWZ-4jCR3OIQaF6HNqzMY2D2DUjuG7LLAqBrvvCevTr9M7Jj8QI_FqSNwwgMsdCEVJpq3dUjzaqk6wM0LRbtEatEfkk2cdjVncISHHm0KAdwkqB4vQSvWWG1u8kwvzJZWY0n8vDDvsNklJAEeKV0ZhtQ9DmQfoDxmV1ZVZbGtCTR0zjf49bHGTMlTlLNkLf8IHkyOdz8X0qzmGlOOZgPPCL3148_NAb_S7rP4qmAo=&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 cwqljsecvr.com/chicken.gif?z=1938828&pb=5e10b1a3567347a451de2c061f80e0981664053475&psp=JwDK1AmvK6HD-o0ra5eVR44NdKfSQDKieed_r17JdJHPSA9M8GnbhSs8GGM-RrpLCdjbIiQVayUZFbEEgEw1wIxNGFCAuuGYlplcfMpZIwcZ64VunVfw8wnZBgTQHoX9fd5IWCTNKcBd1cYdX7K1mD0m5D-E-g2QFEcYWvpGmBN2ZS9OSTeNPlMGY5A5LiwQRheJS88NAayD1Eg1ePG6rPt0CZqVgcCm66Tu-IK5VlJm3W8VQ7rL6ZXLvaXWO0pGXEvdIxkpY4QYnkaFEWD7ABXou85gRSeZFpoX25RFy_y---98vkL1w04cNfE-UIaslv8PF-mOeIV2Mnm3nZCSNUYXSkkXqzpTkSmeR9LQkttnZRpeqragxEuOvgih9guQLpaDbZirAmEKft4JU71fZgklz21fZQzXkO64JMNPVjUNstNPz6VdCWidTMyr9MllFNlExOMxSkMwdMEDXL3RMNQNy0BIBnIF16epBWhhZuh2tK8xMWHqRkjEm9tMJma-dl5DdiIU5i5wjmbSPxYOskSf2pPmB48aP0BPZOKwLVK0lcgGfFuxlj7K2lEfnM4vmR7f86i3LuVCNQSnCghWeLPQUX1N4GGBmcQdjTR_-pmOPVgOgdtjR-Qi06xEJeNxCQ-D3j45M3Ncp_mqGY6xryb_gj2RLME8Cxdh8EHP5JZnKp4BkuzV9RehrmSZmDZHiX5DBegyrEOCGxonaog80eGGjbnWS-f4oBv_C2yGsRMGrv9bDf_nC8jbZq9zLJDGNT4yRCyCaalqDys9ZF9oxdfEWXsoh6TyeAlY2Gq6eAHR1A4N8L8PdT5py2sKD1l3gw7TYqabC2R9JjlWPdu4BpVOJztlh6T0iBopwqeFWOwLMyM5SugSf_xLR4z8aa6_OqrmCRBHD9Dk-iFn1zKxSHVnZLPK8C1Cbygfk9jKG1h2X6UnKxHhYvy9BAoIbzghqahppdS-zsfpgwFnhTkU6sAy4m7_w_JVs0-Sg4LV4QMUDUXmy7vyIthTZXScoQsGjxvRIIrLetgr8eCRSh2Rbn0LvSj6HnCF2abragAEgo97KrQezeWoFjNJWbxWZ-4jCR3OIQaF6HNqzMY2D2DUjuG7LLAqBrvvCevTr9M7Jj8QI_FqSNwwgMsdCEVJpq3dUjzaqk6wM0LRbtEatEfkk2cdjVncISHHm0KAdwkqB4vQSvWWG1u8kwvzJZWY0n8vDDvsNklJAEeKV0ZhtQ9DmQfoDxmV1ZVZbGtCTR0zjf49bHGTMlTlLNkLf8IHkyOdz8X0qzmGlOOZgPPCL3148_NAb_S7rP4qmAo=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1938828&pb=5e10b1a3567347a451de2c061f80e0981664053475&psp=JwDK1AmvK6HD-o0ra5eVR44NdKfSQDKieed_r17JdJHPSA9M8GnbhSs8GGM-RrpLCdjbIiQVayUZFbEEgEw1wIxNGFCAuuGYlplcfMpZIwcZ64VunVfw8wnZBgTQHoX9fd5IWCTNKcBd1cYdX7K1mD0m5D-E-g2QFEcYWvpGmBN2ZS9OSTeNPlMGY5A5LiwQRheJS88NAayD1Eg1ePG6rPt0CZqVgcCm66Tu-IK5VlJm3W8VQ7rL6ZXLvaXWO0pGXEvdIxkpY4QYnkaFEWD7ABXou85gRSeZFpoX25RFy_y---98vkL1w04cNfE-UIaslv8PF-mOeIV2Mnm3nZCSNUYXSkkXqzpTkSmeR9LQkttnZRpeqragxEuOvgih9guQLpaDbZirAmEKft4JU71fZgklz21fZQzXkO64JMNPVjUNstNPz6VdCWidTMyr9MllFNlExOMxSkMwdMEDXL3RMNQNy0BIBnIF16epBWhhZuh2tK8xMWHqRkjEm9tMJma-dl5DdiIU5i5wjmbSPxYOskSf2pPmB48aP0BPZOKwLVK0lcgGfFuxlj7K2lEfnM4vmR7f86i3LuVCNQSnCghWeLPQUX1N4GGBmcQdjTR_-pmOPVgOgdtjR-Qi06xEJeNxCQ-D3j45M3Ncp_mqGY6xryb_gj2RLME8Cxdh8EHP5JZnKp4BkuzV9RehrmSZmDZHiX5DBegyrEOCGxonaog80eGGjbnWS-f4oBv_C2yGsRMGrv9bDf_nC8jbZq9zLJDGNT4yRCyCaalqDys9ZF9oxdfEWXsoh6TyeAlY2Gq6eAHR1A4N8L8PdT5py2sKD1l3gw7TYqabC2R9JjlWPdu4BpVOJztlh6T0iBopwqeFWOwLMyM5SugSf_xLR4z8aa6_OqrmCRBHD9Dk-iFn1zKxSHVnZLPK8C1Cbygfk9jKG1h2X6UnKxHhYvy9BAoIbzghqahppdS-zsfpgwFnhTkU6sAy4m7_w_JVs0-Sg4LV4QMUDUXmy7vyIthTZXScoQsGjxvRIIrLetgr8eCRSh2Rbn0LvSj6HnCF2abragAEgo97KrQezeWoFjNJWbxWZ-4jCR3OIQaF6HNqzMY2D2DUjuG7LLAqBrvvCevTr9M7Jj8QI_FqSNwwgMsdCEVJpq3dUjzaqk6wM0LRbtEatEfkk2cdjVncISHHm0KAdwkqB4vQSvWWG1u8kwvzJZWY0n8vDDvsNklJAEeKV0ZhtQ9DmQfoDxmV1ZVZbGtCTR0zjf49bHGTMlTlLNkLf8IHkyOdz8X0qzmGlOOZgPPCL3148_NAb_S7rP4qmAo=&abvar=0&os=0 HTTP/1.1
Host: cwqljsecvr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=220924140415de29b15a55408aadb21dabcb; OACICAP=AB8A3gAAAAAAAAAB; OACIBLOCK=AB8A3gAAAABjLo7Q; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:38 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACH1gAAAAAAAAAABAB8A3gAAAAAAAAAB; Path=/; Expires=Mon, 24 Oct 2022 19:04:38 GMT; Secure; SameSite=None
OACIBLOCK=AB8A3gAAAABjLo7QACH1gAAAAABjLo7Q; Path=/; Expires=Mon, 24 Oct 2022 19:04:38 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sun, 25 Sep 2022 19:04:38 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=b6203d9f-66ec-4c55-be14-93476794272c&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=610cb7d81095a978163ef69489eedef5&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b6203d9f-66ec-4c55-be14-93476794272c&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=610cb7d81095a978163ef69489eedef5&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b6203d9f-66ec-4c55-be14-93476794272c&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=610cb7d81095a978163ef69489eedef5&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 19:04:38 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4519152983f6db06883a77e30b36e224
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=b6203d9f-66ec-4c55-be14-93476794272c&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=6c1b1180db34ecc485ebd9c5b6822bfa&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.61.225 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=b6203d9f-66ec-4c55-be14-93476794272c&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=6c1b1180db34ecc485ebd9c5b6822bfa&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=b6203d9f-66ec-4c55-be14-93476794272c&eb=ecca27e85eb071c355aaa120865c0cc2&te=f7dfd0652d10ff8b14a5022fb9b430fe&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=13.31&b_frame=1&pk=6c1b1180db34ecc485ebd9c5b6822bfa&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 24 Sep 2022 19:04:38 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55c56080d82857669f91e469ec7da9b6
Strict-Transport-Security: max-age=0; includeSubdomains
reapinject.com/sbar.json?key=610cb7d81095a978163ef69489eedef5&uuid=b6203d9f-66ec-4c55-be14-93476794272c%3A1%3A1
192.243.59.20 200 OK 4.1 kB URL HTTP/1.1 reapinject.com/sbar.json?key=610cb7d81095a978163ef69489eedef5&uuid=b6203d9f-66ec-4c55-be14-93476794272c%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6110), with no line terminators
Hash f0476c896616e31ee836bf5231262b28
5a9939c1eddd10ae9c55725560cb65d7d621f709
7a26171836fd4789e1099061b088cd6d69b1ef846830b35a41f5dd5680a4173a
GET /sbar.json?key=610cb7d81095a978163ef69489eedef5&uuid=b6203d9f-66ec-4c55-be14-93476794272c%3A1%3A1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 19:04:39 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://dood.so
Access-Control-Allow-Origin: https://dood.so
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16945929; expires=Sun, 25 Sep 2022 19:04:38 GMT; secure; SameSite=None
Set-Cookie: uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1; expires=Sat, 01 Oct 2022 19:04:38 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sun, 25 Sep 2022 19:04:39 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sun, 25 Sep 2022 19:04:39 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sun, 25 Sep 2022 19:04:39 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sun, 25 Sep 2022 19:04:39 GMT; secure; SameSite=None
Set-Cookie: slec610cb7d81095a978163ef69489eedef5=[3551995]; expires=Sat, 24 Sep 2022 19:04:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d994e3b95b09cf91da242e083029e7b7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3gS%2BLN%2BLP%2FYiqMxBQcFMuntmuqfdQzDGSDD7g90VvUl1VfWkNtVdTVX39CRegguyBw8j4r3zJtmg7oqCN3GRycKCuZjxlIP5Jxa8CCIzG4x%2BoPm8rvcKXr3P59Pd8pS4KOnJyhW9LZWii52m23jtQ8%2B73FiXWTloDLrBR0H7csP034yCpvt6413BNvWi73qu67leY1UakejB4pSEzO9HXjNym22%2F6XXaGJj%2F%2FtvSgaUOeP%2BUPAfJJ%2FOPnEuQbIws%2FW5F2M1C52%2B8k5aKFtqgzw%2FezzYzXWVIz2FiHCTZwZka2h6vPoTO9md2ofv%2FCGM5Ic7jh4izgzOTiPt7M5%2BxgsgQ8%2F%2Bj6o8h1BiSjsH0HUh%2BTADGcfUasvTeVW0quvWUpVN2Qub%2FeAJZTcj875eQpd8uKzlo3NSqLKTOLAZJDTkYQ%2FbGyMtDFNsXIKtDsOITSE6QpTUkP3klDny3xaNkIQgEW2izTmchFl57IWq1wyCM2n7os1kwUo4hkzGUGIJaB%2BX0kw7KxEGZO0j5SYN5nhe6nFG3GzHW4qGIA%2B56NEw86rlBFyWbeh%2BiyIdgaghmdpCbHWzKIUz5M%2BxGDcsd2IKgz2tUgqCyBBUlqCRBVRBU%2FXqfK%2Bvb%2Bh5Xtoy9s%2B6f9VY90kVvl%2B7roicyspufkmengTkXvriITXHSCDyXxSHvem7UoVHY9YKWSIKo3Y2E4CLpwMoa0l6YPXNbTsjzX76KXB7%2Fr0BMD2HVIZh8BrR8CbQahb4LujFqd11sZz9QXqqiybXmtjCCpk2mU3BdIy%2FmUWw5u%2BqUvDAbX%2BD%2FCcGOln4lswIzNXJT47Z8RNBTd0c3dEX2bujKku%2Bv5YVM5TadjvZmQQsx9%2FV7YqvShq%2Bt2OFXb7EpMYX3bwlbrNOMy6xnyTfLknNhVrVhgvy0Zj8Q8fXSbiyXJivz9etvr66luRHWSp2NQeWx%2FQxMTshFqmc7%2B%2BLtHyHNGKaskZZH5Kwg9SFYvgObn7u3eg5GnWvi3EFV1iPjx%2BeHSk6I%2F%2BQXKHG09OBjduWB9xdoXMOKf108x7v2LnrmZdDizmxd%2B6ZGX9Wgaghbzo2K3Bwt%2FdaaFWLljGJlnL1YGfX503itPGmErZZLg6jjhSEVYdz2u0ngcUr9duAHAW2hsBO2eOvx3wAAAP%2F%2FAQAA%2F%2F8bv6uyggQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 reapinject.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3gS%2BLN%2BLP%2FYiqMxBQcFMuntmuqfdQzDGSDD7g90VvUl1VfWkNtVdTVX39CRegguyBw8j4r3zJtmg7oqCN3GRycKCuZjxlIP5Jxa8CCIzG4x%2BoPm8rvcKXr3P59Pd8pS4KOnJyhW9LZWii52m23jtQ8%2B73FiXWTloDLrBR0H7csP034yCpvt6413BNvWi73qu67leY1UakejB4pSEzO9HXjNym22%2F6XXaGJj%2F%2FtvSgaUOeP%2BUPAfJJ%2FOPnEuQbIws%2FW5F2M1C52%2B8k5aKFtqgzw%2FezzYzXWVIz2FiHCTZwZka2h6vPoTO9md2ofv%2FCGM5Ic7jh4izgzOTiPt7M5%2BxgsgQ8%2F%2Bj6o8h1BiSjsH0HUh%2BTADGcfUasvTeVW0quvWUpVN2Qub%2FeAJZTcj875eQpd8uKzlo3NSqLKTOLAZJDTkYQ%2FbGyMtDFNsXIKtDsOITSE6QpTUkP3klDny3xaNkIQgEW2izTmchFl57IWq1wyCM2n7os1kwUo4hkzGUGIJaB%2BX0kw7KxEGZO0j5SYN5nhe6nFG3GzHW4qGIA%2B56NEw86rlBFyWbeh%2BiyIdgaghmdpCbHWzKIUz5M%2BxGDcsd2IKgz2tUgqCyBBUlqCRBVRBU%2FXqfK%2Bvb%2Bh5Xtoy9s%2B6f9VY90kVvl%2B7roicyspufkmengTkXvriITXHSCDyXxSHvem7UoVHY9YKWSIKo3Y2E4CLpwMoa0l6YPXNbTsjzX76KXB7%2Fr0BMD2HVIZh8BrR8CbQahb4LujFqd11sZz9QXqqiybXmtjCCpk2mU3BdIy%2FmUWw5u%2BqUvDAbX%2BD%2FCcGOln4lswIzNXJT47Z8RNBTd0c3dEX2bujKku%2Bv5YVM5TadjvZmQQsx9%2FV7YqvShq%2Bt2OFXb7EpMYX3bwlbrNOMy6xnyTfLknNhVrVhgvy0Zj8Q8fXSbiyXJivz9etvr66luRHWSp2NQeWx%2FQxMTshFqmc7%2B%2BLtHyHNGKaskZZH5Kwg9SFYvgObn7u3eg5GnWvi3EFV1iPjx%2BeHSk6I%2F%2BQXKHG09OBjduWB9xdoXMOKf108x7v2LnrmZdDizmxd%2B6ZGX9Wgaghbzo2K3Bwt%2FdaaFWLljGJlnL1YGfX503itPGmErZZLg6jjhSEVYdz2u0ngcUr9duAHAW2hsBO2eOvx3wAAAP%2F%2FAQAA%2F%2F8bv6uyggQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skxR%2Bt3gS%2BLN%2BLP%2FYiqMxBQcFMuntmuqfdQzDGSDD7g90VvUl1VfWkNtVdTVX39CRegguyBw8j4r3zJtmg7oqCN3GRycKCuZjxlIP5Jxa8CCIzG4x%2BoPm8rvcKXr3P59Pd8pS4KOnJyhW9LZWii52m23jtQ8%2B73FiXWTloDLrBR0H7csP034yCpvt6413BNvWi73qu67leY1UakejB4pSEzO9HXjNym22%2F6XXaGJj%2F%2FtvSgaUOeP%2BUPAfJJ%2FOPnEuQbIws%2FW5F2M1C52%2B8k5aKFtqgzw%2FezzYzXWVIz2FiHCTZwZka2h6vPoTO9md2ofv%2FCGM5Ic7jh4izgzOTiPt7M5%2BxgsgQ8%2F%2Bj6o8h1BiSjsH0HUh%2BTADGcfUasvTeVW0quvWUpVN2Qub%2FeAJZTcj875eQpd8uKzlo3NSqLKTOLAZJDTkYQ%2FbGyMtDFNsXIKtDsOITSE6QpTUkP3klDny3xaNkIQgEW2izTmchFl57IWq1wyCM2n7os1kwUo4hkzGUGIJaB%2BX0kw7KxEGZO0j5SYN5nhe6nFG3GzHW4qGIA%2B56NEw86rlBFyWbeh%2BiyIdgaghmdpCbHWzKIUz5M%2BxGDcsd2IKgz2tUgqCyBBUlqCRBVRBU%2FXqfK%2Bvb%2Bh5Xtoy9s%2B6f9VY90kVvl%2B7roicyspufkmengTkXvriITXHSCDyXxSHvem7UoVHY9YKWSIKo3Y2E4CLpwMoa0l6YPXNbTsjzX76KXB7%2Fr0BMD2HVIZh8BrR8CbQahb4LujFqd11sZz9QXqqiybXmtjCCpk2mU3BdIy%2FmUWw5u%2BqUvDAbX%2BD%2FCcGOln4lswIzNXJT47Z8RNBTd0c3dEX2bujKku%2Bv5YVM5TadjvZmQQsx9%2FV7YqvShq%2Bt2OFXb7EpMYX3bwlbrNOMy6xnyTfLknNhVrVhgvy0Zj8Q8fXSbiyXJivz9etvr66luRHWSp2NQeWx%2FQxMTshFqmc7%2B%2BLtHyHNGKaskZZH5Kwg9SFYvgObn7u3eg5GnWvi3EFV1iPjx%2BeHSk6I%2F%2BQXKHG09OBjduWB9xdoXMOKf108x7v2LnrmZdDizmxd%2B6ZGX9Wgaghbzo2K3Bwt%2FdaaFWLljGJlnL1YGfX503itPGmErZZLg6jjhSEVYdz2u0ngcUr9duAHAW2hsBO2eOvx3wAAAP%2F%2FAQAA%2F%2F8bv6uyggQAAA%3D%3D HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Cookie: u_pl=16945929; uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec610cb7d81095a978163ef69489eedef5=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 19:04:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 33ba2266ed2bca7c6c7ba665ab724e15
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 18f73dcabd57eb79e247a6f74eaef381
0cc2a2a586323c4aed2b530f0bb3a3ea39ec6b80
2cce5a62bdfc3e16ea9faeebf636e5ae092ca45c2d7efedfd42ab5abde1518b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CCE5A62BDFC3E16EA9FAEEBF636E5AE092CA45C2D7EFEDFD42AB5ABDE1518B1"
Last-Modified: Thu, 22 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4790
Expires: Sat, 24 Sep 2022 20:24:29 GMT
Date: Sat, 24 Sep 2022 19:04:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0f884d959b986684bb199e29ea6c2af
91d2654bea2dd92ae95b844b32cc345d16c398b7
3d98dc7fc457cb7b3ed70e41609f5f4d5e1c14da530dc876d2a695db704238ed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D98DC7FC457CB7B3ED70E41609F5F4D5E1C14DA530DC876D2A695DB704238ED"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Sat, 24 Sep 2022 22:21:13 GMT
Date: Sat, 24 Sep 2022 19:04:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a0f884d959b986684bb199e29ea6c2af
91d2654bea2dd92ae95b844b32cc345d16c398b7
3d98dc7fc457cb7b3ed70e41609f5f4d5e1c14da530dc876d2a695db704238ed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D98DC7FC457CB7B3ED70E41609F5F4D5E1C14DA530DC876D2A695DB704238ED"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Sat, 24 Sep 2022 22:21:13 GMT
Date: Sat, 24 Sep 2022 19:04:39 GMT
Connection: keep-alive
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=396
192.243.59.20 200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=396
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2Fb6%2Fcf%2F48%2Fb6cf48ca3e8ab4bdbcfaa2279b0fb2bc%2F1613726822.html&l=1274&fd=396 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Cookie: u_pl=16945929; uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec610cb7d81095a978163ef69489eedef5=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 19:04:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226 200 OK 1.0 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
File type gzip compressed data, max compression\012- data
Hash adcabad3e961ec28e7fa2053de6b32d7
405b121cc245d316a10a4871c43a904324d8ce95
009cd9ba96a3b647653acd7f92a43c9ab5cb1461136a3c4596b7ceea5930e4cf
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3D98DC7FC457CB7B3ED70E41609F5F4D5E1C14DA530DC876D2A695DB704238ED"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11794
Expires: Sat, 24 Sep 2022 22:21:13 GMT
Date: Sat, 24 Sep 2022 19:04:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d6ee5ae00f81eebec5b2df19615bf961
a5dad2f2ab11f399da5016e8d944fd3422a03974
2b0151b6a2c52676ab8de2403c9d6854439051654eacea98975c1ae070659439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B0151B6A2C52676AB8DE2403C9D6854439051654EACEA98975C1AE070659439"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17733
Expires: Sun, 25 Sep 2022 00:00:12 GMT
Date: Sat, 24 Sep 2022 19:04:39 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.200.2 200 OK 1.5 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.200.2:0
Hash 908dce303e802b45f99455bfa3c26ef2
2f064693d34a6eac3903455fc3de8477c4554e40
60eed66130c70fbeb214c6ab5a7f747cfaaad001a5f10d33d3da7d57f70d6f98
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:39 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4525094
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDGjKva2WG4TqXWjFbNY96Q7EInobPnqh1zMZGqViDOZ%2B31wnPMHRP98DX060uSvhBQEsoZTprNkv7P2QLsl5kU%2Fd%2BIk%2BE4eP%2FZ%2FssdhcgW9pvhhb6VkQy7YTvBOMH9ux8g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc97fc9377717-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/f4/8f/27/f48f278d5573f6712a27ddf0cda0e79c/1658144797.jpg
45.133.44.10 200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/f4/8f/27/f48f278d5573f6712a27ddf0cda0e79c/1658144797.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 80fd4412ef8de332749aa9078fd43dcc
17b0ae5b23e4e2b14110c21935a390db1e40c213
dce2df47202e23cff5dc1b198884109f96219679dc1d762c29d2c602bae0c643
GET /si/f4/8f/27/f48f278d5573f6712a27ddf0cda0e79c/1658144797.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:39 GMT
content-type: image/jpeg
content-length: 12303
server: nginx/1.17.6
last-modified: Mon, 18 Jul 2022 11:46:46 GMT
etag: "62d54826-300f"
expires: Mon, 26 Sep 2022 19:04:39 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.200.2 200 OK 4.8 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.200.2:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:39 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1929426
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2FwpbkI5m0DwyprDvt%2FdvrGZPbrY4HB5EYj6HxfVpxIKsG9RC2xQ7JcswDR7bFeZ88oYg4uILqVf1VFSQqULQTAQHWuk2etcxQt6N5TpWpOF2EAkpuo0lsNn2q0a5PGtQGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc97fc92b7717-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=106
192.243.59.20 200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=106
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fssp%2Futility%2Fsocial-media%2Ffacebook%2Fjs%2Fscript.js&l=444&fd=106 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Cookie: u_pl=16945929; uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec610cb7d81095a978163ef69489eedef5=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 19:04:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reapinject.com/pixel/sbs?c=1
192.243.59.20 200 OK 0 B URL HTTP/1.1 reapinject.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Cookie: u_pl=16945929; uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec610cb7d81095a978163ef69489eedef5=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 19:04:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3gR%2BLL%2BLH3sRVOagoGAm3fPRM%2B0egjFGgtkPdlf0JvXVk9pUdzVV3dOTeAkuyB48jIj3zjPJBnVXFLyJi0wWFszFjKcczD%2Bx4EUQmdlg9IXmfbqep%2BCp530%2F3S1OiY%2BCnqxcMdtKa7rYrvu11z4Mgsu1dZUWg9qgG34Uti7XbP%2FNKKz7r9felXzTLDb8wPcDP6itKitjM1icklDZ%2FSioR3691agH7RYG9r%2F%2FrvDgqAfRPyXPQYnJ%2FCPvEhQfI02%2BW5FuMzfZG%2B8khaa5seiLg%2FfTzdSUKZJzGFsPcXpwpoZxx6sPYdL9mV2Y%2Fj9CpibEe%2FwQLD04MwnW35v5ZBoyBRP%2FR9kfQ%2BoxFB2DmztQ4pgAXODqNaTJvavGlnTrKUun7ITM%2F%2FEEqpyQ%2Bd8vIU2%2BXdZqULtpdJErkzoM4gpqMIbqjZEVh8i3L0CVh%2BD5J1CCIE0qKHHyCgsbflNE8UIYSr7Q4u32ApNBayFqtjphJ2o1Og0%2BC0apMVQ8hpZDUOehmH7KQxF7KDIPiTip8SAIOr7g1O9GnDdFR7JQ%2BAHtxAEN%2FLCLgk%2B9D5FnQ3A9BLc7yOwONtUQtvgZbqOCEx5cTtAXFUpJUDqCkhKUiqDMCcp%2BtS%2B0a7jqntCuYMFZb5z1ZjUyeW%2BX7pu8J1Oym52SZ6eBeRe%2BuIhNeVILA5%2BzjugGftSmUacbhE0Zh1GrG0kpZNyGUxWUuzB75raakOe%2FfBWZOv5fDkYP4fQhuHoGtHgJtBx1Gj7oxqjV9bGd%2FkBFofO6MEa43Eqa1LlJIEyFLJ9HvuXt6lPywmx8YeNPSH609CuZFbitkNkKt9Ujgp6%2BO7phSrJ3w5SOfH8ty1Witul0tDdzmsu5r9%2BTW6WxYm3FDb96i0%2BJKbx%2FS7p8naZCpT1HvllWQki7aiyX5Kc194Fk1wu3sVzYtMjWr7%2B9upZkVjqnTDoGVcfuM3A1IRepme3si7d%2FhLJj2KJCUhyRs4Iyh%2BDZDlx27t6ZOVh9rmGZh7KoRrbBzg%2B1mpDGk1%2Bg5dHSg4%2F5lQfBX6CsgpP%2FuniOd91d9OzLoPmd2br2bYW%2BrkD1EK6YG%2BWZPVr6rTkrMO2NmLbeHtNWf%2F40XqdOak1fdJiMZYfJVrsVSy5Yu818HnPWFN0uR%2B4mfPHW478BAAD%2F%2FwEAAP%2F%2Fm2t%2BWoIEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 reapinject.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3gR%2BLL%2BLH3sRVOagoGAm3fPRM%2B0egjFGgtkPdlf0JvXVk9pUdzVV3dOTeAkuyB48jIj3zjPJBnVXFLyJi0wWFszFjKcczD%2Bx4EUQmdlg9IXmfbqep%2BCp530%2F3S1OiY%2BCnqxcMdtKa7rYrvu11z4Mgsu1dZUWg9qgG34Uti7XbP%2FNKKz7r9felXzTLDb8wPcDP6itKitjM1icklDZ%2FSioR3691agH7RYG9r%2F%2FrvDgqAfRPyXPQYnJ%2FCPvEhQfI02%2BW5FuMzfZG%2B8khaa5seiLg%2FfTzdSUKZJzGFsPcXpwpoZxx6sPYdL9mV2Y%2Fj9CpibEe%2FwQLD04MwnW35v5ZBoyBRP%2FR9kfQ%2BoxFB2DmztQ4pgAXODqNaTJvavGlnTrKUun7ITM%2F%2FEEqpyQ%2Bd8vIU2%2BXdZqULtpdJErkzoM4gpqMIbqjZEVh8i3L0CVh%2BD5J1CCIE0qKHHyCgsbflNE8UIYSr7Q4u32ApNBayFqtjphJ2o1Og0%2BC0apMVQ8hpZDUOehmH7KQxF7KDIPiTip8SAIOr7g1O9GnDdFR7JQ%2BAHtxAEN%2FLCLgk%2B9D5FnQ3A9BLc7yOwONtUQtvgZbqOCEx5cTtAXFUpJUDqCkhKUiqDMCcp%2BtS%2B0a7jqntCuYMFZb5z1ZjUyeW%2BX7pu8J1Oym52SZ6eBeRe%2BuIhNeVILA5%2BzjugGftSmUacbhE0Zh1GrG0kpZNyGUxWUuzB75raakOe%2FfBWZOv5fDkYP4fQhuHoGtHgJtBx1Gj7oxqjV9bGd%2FkBFofO6MEa43Eqa1LlJIEyFLJ9HvuXt6lPywmx8YeNPSH609CuZFbitkNkKt9Ujgp6%2BO7phSrJ3w5SOfH8ty1Witul0tDdzmsu5r9%2BTW6WxYm3FDb96i0%2BJKbx%2FS7p8naZCpT1HvllWQki7aiyX5Kc194Fk1wu3sVzYtMjWr7%2B9upZkVjqnTDoGVcfuM3A1IRepme3si7d%2FhLJj2KJCUhyRs4Iyh%2BDZDlx27t6ZOVh9rmGZh7KoRrbBzg%2B1mpDGk1%2Bg5dHSg4%2F5lQfBX6CsgpP%2FuniOd91d9OzLoPmd2br2bYW%2BrkD1EK6YG%2BWZPVr6rTkrMO2NmLbeHtNWf%2F40XqdOak1fdJiMZYfJVrsVSy5Yu818HnPWFN0uR%2B4mfPHW478BAAD%2F%2FwEAAP%2F%2Fm2t%2BWoIEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuu3gR%2BLL%2BLH3sRVOagoGAm3fPRM%2B0egjFGgtkPdlf0JvXVk9pUdzVV3dOTeAkuyB48jIj3zjPJBnVXFLyJi0wWFszFjKcczD%2Bx4EUQmdlg9IXmfbqep%2BCp530%2F3S1OiY%2BCnqxcMdtKa7rYrvu11z4Mgsu1dZUWg9qgG34Uti7XbP%2FNKKz7r9felXzTLDb8wPcDP6itKitjM1icklDZ%2FSioR3691agH7RYG9r%2F%2FrvDgqAfRPyXPQYnJ%2FCPvEhQfI02%2BW5FuMzfZG%2B8khaa5seiLg%2FfTzdSUKZJzGFsPcXpwpoZxx6sPYdL9mV2Y%2Fj9CpibEe%2FwQLD04MwnW35v5ZBoyBRP%2FR9kfQ%2BoxFB2DmztQ4pgAXODqNaTJvavGlnTrKUun7ITM%2F%2FEEqpyQ%2Bd8vIU2%2BXdZqULtpdJErkzoM4gpqMIbqjZEVh8i3L0CVh%2BD5J1CCIE0qKHHyCgsbflNE8UIYSr7Q4u32ApNBayFqtjphJ2o1Og0%2BC0apMVQ8hpZDUOehmH7KQxF7KDIPiTip8SAIOr7g1O9GnDdFR7JQ%2BAHtxAEN%2FLCLgk%2B9D5FnQ3A9BLc7yOwONtUQtvgZbqOCEx5cTtAXFUpJUDqCkhKUiqDMCcp%2BtS%2B0a7jqntCuYMFZb5z1ZjUyeW%2BX7pu8J1Oym52SZ6eBeRe%2BuIhNeVILA5%2BzjugGftSmUacbhE0Zh1GrG0kpZNyGUxWUuzB75raakOe%2FfBWZOv5fDkYP4fQhuHoGtHgJtBx1Gj7oxqjV9bGd%2FkBFofO6MEa43Eqa1LlJIEyFLJ9HvuXt6lPywmx8YeNPSH609CuZFbitkNkKt9Ujgp6%2BO7phSrJ3w5SOfH8ty1Witul0tDdzmsu5r9%2BTW6WxYm3FDb96i0%2BJKbx%2FS7p8naZCpT1HvllWQki7aiyX5Kc194Fk1wu3sVzYtMjWr7%2B9upZkVjqnTDoGVcfuM3A1IRepme3si7d%2FhLJj2KJCUhyRs4Iyh%2BDZDlx27t6ZOVh9rmGZh7KoRrbBzg%2B1mpDGk1%2Bg5dHSg4%2F5lQfBX6CsgpP%2FuniOd91d9OzLoPmd2br2bYW%2BrkD1EK6YG%2BWZPVr6rTkrMO2NmLbeHtNWf%2F40XqdOak1fdJiMZYfJVrsVSy5Yu818HnPWFN0uR%2B4mfPHW478BAAD%2F%2FwEAAP%2F%2Fm2t%2BWoIEAAA%3D HTTP/1.1
Host: reapinject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://dood.so/
Cookie: u_pl=16945929; uid_id2=b6203d9f-66ec-4c55-be14-93476794272c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec610cb7d81095a978163ef69489eedef5=[3551995]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 24 Sep 2022 19:04:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8138be6b7e1f9f860da43c5959bd360a
Strict-Transport-Security: max-age=0; includeSubdomains
i.doodcdn.com/theme_2/img/loader.svg
104.21.34.210 301 Moved Permanently 0 B URL HTTP/2 i.doodcdn.com/theme_2/img/loader.svg
IP 104.21.34.210:0
GET /theme_2/img/loader.svg HTTP/1.1
Host: i.doodcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://i.doodcdn.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 24 Sep 2022 19:04:36 GMT
location: https://i.doodcdn.co/theme_2/img/loader.svg
cache-control: max-age=3600
expires: Sat, 24 Sep 2022 20:04:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTfuBHOtKSuDH8U%2FWP0Gdds7FOWXVHMT5AXEcYKvkAy9torJYIzvLQGFCdeyi3kwPufy0iWnfzmCIFLtRmEZFwDUgE6Kx%2BwTUio35kQdmpZJtGVnDV0faf%2FK%2BKAE00S5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc969ce40b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dood.so/?op=player_error&token=ks5mt4bem0yxhh8hnvtny2bu&error_code=4
190.115.31.133 200 OK 0 B URL HTTP/2 dood.so/?op=player_error&token=ks5mt4bem0yxhh8hnvtny2bu&error_code=4
IP 190.115.31.133:0
ASN #262254 DDOS-GUARD CORP.
GET /?op=player_error&token=ks5mt4bem0yxhh8hnvtny2bu&error_code=4 HTTP/1.1
Host: dood.so
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://dood.so/e/6wvgc59tuvnj
Cookie: a=aDcxSWphTP5oMwp9nBIsMhofHBT0iLQZ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=r3EzPFPm1wQ1OH5k091i; Domain=.dood.so; HttpOnly; Path=/; Expires=Sun, 24-Sep-2023 19:04:37 GMT
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.blockadsnot.com/audio.min.js
185.76.9.24 200 OK 0 B URL HTTP/2 www.blockadsnot.com/audio.min.js
IP 185.76.9.24:0
ASN #60068 Datacamp Limited
GET /audio.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:36 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Fri, 30 Sep 2022 20:33:53 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1664570033
server: CDN77-Turbo
x-77-nzt: AblMCRRj7Zn/kzwBAA
x-77-nzt-ray: UTztHI/z3sw
x-cache: HIT
x-age: 81043
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.3 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 24 Sep 2022 20:04:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
mc.yandex.ru/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.com%2Fe%2F0zMxrjPypBcbxAj%2F&page-ref=https%3A%2F%2Fwww.fantasysnuff.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A92581388593%3Ahid%3A475913410%3Az%3A0%3Ai%3A20220924190435%3Aet%3A1664046275%3Arn%3A597953371%3Arqn%3A1%3Au%3A1664046275629095066%3Aw%3A630x500%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C511%2C0%2C%2C%2C%2C692%3Ans%3A1664046273812%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664046275%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
77.88.21.119 302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.com%2Fe%2F0zMxrjPypBcbxAj%2F&page-ref=https%3A%2F%2Fwww.fantasysnuff.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A92581388593%3Ahid%3A475913410%3Az%3A0%3Ai%3A20220924190435%3Aet%3A1664046275%3Arn%3A597953371%3Arqn%3A1%3Au%3A1664046275629095066%3Aw%3A630x500%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C511%2C0%2C%2C%2C%2C692%3Ans%3A1664046273812%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664046275%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 77.88.21.119:0
GET /watch/61426822?wmode=7&page-url=https%3A%2F%2Fstreamtape.com%2Fe%2F0zMxrjPypBcbxAj%2F&page-ref=https%3A%2F%2Fwww.fantasysnuff.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A92581388593%3Ahid%3A475913410%3Az%3A0%3Ai%3A20220924190435%3Aet%3A1664046275%3Arn%3A597953371%3Arqn%3A1%3Au%3A1664046275629095066%3Aw%3A630x500%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C511%2C0%2C%2C%2C%2C692%3Ans%3A1664046273812%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664046275%3At%3AStreamtape.com&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/61426822/1?wmode=7&page-url=https%3A%2F%2Fstreamtape.com%2Fe%2F0zMxrjPypBcbxAj%2F&page-ref=https%3A%2F%2Fwww.fantasysnuff.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A639%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A92581388593%3Ahid%3A475913410%3Az%3A0%3Ai%3A20220924190435%3Aet%3A1664046275%3Arn%3A597953371%3Arqn%3A1%3Au%3A1664046275629095066%3Aw%3A630x500%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Awv%3A2%3Ads%3A0%2C0%2C0%2C%2C%2C0%2C%2C511%2C0%2C%2C%2C%2C692%3Ans%3A1664046273812%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1664046275%3At%3AStreamtape.com&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Sat, 24 Sep 2022 19:04:36 GMT
access-control-allow-origin: https://streamtape.com
set-cookie: yandexuid=8225936921664046276; Expires=Sun, 24-Sep-2023 19:04:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8225936921664046276; Expires=Sun, 24-Sep-2023 19:04:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=1686430001664046276; Path=/; SameSite=None; Secure
i=baDrLLByWnJ57BrhJqVrvWCwfYGdyorMx262HhCXu1m89DrvTORSw7GQC+bIT0ioQX2htXAzs3dnWcN/Ovyi1tm9HGI=; Expires=Tue, 21-Sep-2032 19:04:33 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695582276.yrts.1664046276#1695582276.yrtsi.1664046276; Expires=Sun, 24-Sep-2023 19:04:36 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 24-Sep-2022 19:04:36 GMT
last-modified: Sat, 24-Sep-2022 19:04:36 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ad.a-ads.com/1956304?size=250x250
148.251.1.246 200 OK 0 B URL HTTP/2 ad.a-ads.com/1956304?size=250x250
IP 148.251.1.246:0
ASN #24940 Hetzner Online GmbH
GET /1956304?size=250x250 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:35 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://www.fantasysnuff.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2
lame7bsqu8barters.com/get/1876944?zoneid=1876944&jp=_cl7bqvh464i9ygb4sz9bwp&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8834779214643253
62.122.171.6 200 OK 0 B URL HTTP/2 lame7bsqu8barters.com/get/1876944?zoneid=1876944&jp=_cl7bqvh464i9ygb4sz9bwp&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8834779214643253
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1876944?zoneid=1876944&jp=_cl7bqvh464i9ygb4sz9bwp&nojs=0&ix=0&abvar=0&t=0&x=630&y=500&wcks=0&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=8834779214643253 HTTP/1.1
Host: lame7bsqu8barters.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 19:04:36 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2209241404112c705ff0be42a393629d0447; Path=/; Expires=Sun, 24 Sep 2023 19:04:36 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
free-cosmetics-online.com/favicon.ico
104.21.23.47 404 Not Found 0 B URL HTTP/2 free-cosmetics-online.com/favicon.ico
IP 104.21.23.47:0
GET /favicon.ico HTTP/1.1
Host: free-cosmetics-online.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Sat, 24 Sep 2022 19:04:37 GMT
content-type: text/html
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 111
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gay%2Fri3%2BT8PG0AHrvQEUlnjq3DGyEl4cRRJvx36DYyeAyLINzYuuoZbOEx%2BkPXux2Lil74kfQCjzXfbQN%2FlyrzLJaYmymlm4xYlqoc08lQlQOSdpgkbvky4ACEx9wbuYnf%2BktsYZo0%2FBxxoU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fdc97558d8b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.200.2 200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.200.2:0
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://dood.so
Connection: keep-alive
Referer: https://dood.so/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:39 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4525094
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3dltPtcZijRW2ji6WcpjJku33%2BpKMKqbqTh1j6TkJEVVDAjWTfmWDSAY8UhJhIPMP%2FCzAjNHEMIN9dXl8KYcPfwwLEzCPexUn1Z8DboS%2F%2Fxn3I2Q4obdxZRIhjQgySZLLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74fdc97fd94c7717-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
streamtape.com/e/0zMxrjPypBcbxAj/
104.21.47.209 200 OK 0 B URL HTTP/2 streamtape.com/e/0zMxrjPypBcbxAj/
IP 104.21.47.209:0
GET /e/0zMxrjPypBcbxAj/ HTTP/1.1
Host: streamtape.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.fantasysnuff.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 24 Sep 2022 19:04:34 GMT
content-type: text/html; charset=UTF-8
cache-control: private
set-cookie: _b=kube13; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9IWUu4Wmv1ZVW0LwXEfjCOq7M%2FVK4y3jhc6jFjJTFSvqQjPk9hBqeNwxO7YT4gJJFvqoeDm%2B%2Bzxu%2FLSAatNpPNyCWkMatwV9PBcwPs6RkdA4lfxN%2FIGb2zTg%2F25kzE2AaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74fdc95f4e2f0b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2