firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 22:37:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ygy1moVX2CVBE8jWMKQh8ANDYr8gDtjjDUN2fR58uvoQepf3FjJcUQ==
Age: 2433
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 490c003436e215e91596f285fcba92f5
0c4c9a5802e7cdb699f4918c252dbdf8431c25ec
9fe6beb1cb3851018168765a243b6de69ec71d30770f8c2dcc57cae7d9978cc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9FE6BEB1CB3851018168765A243B6DE69EC71D30770F8C2DCC57CAE7D9978CC1"
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11020
Expires: Thu, 29 Sep 2022 02:21:58 GMT
Date: Wed, 28 Sep 2022 23:18:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: iJm9njegZKLkuv-eiVCSGJ-UCJzNBpO0PBSmlY_qO9tnDuMJ5ImUjA==
age: 64192
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 23:18:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9d77eb488578d270d1f35cea8b20e7f7
4e6aecb2c49d4b5b8d2ad996c776c1d4a00ca2ab
d8dc33ba3573073cad16abfc9cd3bb3d12a81a20d6cd00891f33d0d4f6825ced
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8DC33BA3573073CAD16ABFC9CD3BB3D12A81A20D6CD00891F33D0D4F6825CED"
Last-Modified: Wed, 28 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21559
Expires: Thu, 29 Sep 2022 05:17:38 GMT
Date: Wed, 28 Sep 2022 23:18:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 22:29:33 GMT
Expires: Wed, 28 Sep 2022 22:32:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: T5-ztbw91N1dbbihJnUrS8wQm1D1PSsfUWoeyPq9PQx3qNDdJxh9yg==
Age: 2926
90degreenorth.com/uu/scledmidtoeu
162.251.80.27200 OK 392 B URL HTTP/2 90degreenorth.com/uu/scledmidtoeu
IP 162.251.80.27:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (884), with no line terminators
Hash c4d8e430806eeae36240313c2f29b8e0
4718a7c5d7428a264dd699d95effd675e45abdf3
48301470ba1633c19497f1ef4ad82e13db4ed8f1292de4d54896d4958e39eb54
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /uu/scledmidtoeu HTTP/1.1
Host: 90degreenorth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 28 Sep 2022 23:18:19 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 392
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2
90degreenorth.com/favicon.ico
162.251.80.27200 OK 396 B URL HTTP/2 90degreenorth.com/favicon.ico
IP 162.251.80.27:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document, ASCII text, with very long lines (897), with no line terminators
Hash 95a1840ba9e7f80e0dd9b42aff71b7a1
6805ba8f36b1ff09963f33fcd6174bc1d8101685
119df90388a3115e13404658272523e06b85aeeebe0b2d9e4e22ebc3f6fd4761
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 90degreenorth.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://90degreenorth.com/uu/scledmidtoeu
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Sep 2022 23:18:19 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 396
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: MISS
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5658
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 23:18:19 GMT
Last-Modified: Wed, 28 Sep 2022 21:44:01 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.223.168.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.168.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zbj6+whusGg6n0DqoAME2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bCPIY+vZg2jDLC9OJ/pTEDCblvU=
away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
91.211.91.104302 Found 0 B URL HTTP/2 away.bettershitecolumn.com/speak.php?q=1311&w=334-1166-567334-46
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /speak.php?q=1311&w=334-1166-567334-46 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://90degreenorth.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 23:18:20 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/speak.php?nid=54889&yid=9554-66-457679-29
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Thu, 29 Sep 2022 00:21:49 GMT
Date: Wed, 28 Sep 2022 23:18:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Thu, 29 Sep 2022 00:21:49 GMT
Date: Wed, 28 Sep 2022 23:18:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Thu, 29 Sep 2022 00:21:49 GMT
Date: Wed, 28 Sep 2022 23:18:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Thu, 29 Sep 2022 00:21:49 GMT
Date: Wed, 28 Sep 2022 23:18:21 GMT
Connection: keep-alive
cdn.weatherplllatform.com/base.js?v=33.4
91.211.91.114200 OK 8.9 kB URL HTTP/2 cdn.weatherplllatform.com/base.js?v=33.4
IP 91.211.91.114:0
ASN #206638 PE Brezhnev Daniil
Hash 7a28d9221a743e9b5be6cbec15ca7dbe
203ebcb42a0c5767bae6d469bd0ef000583d8a26
8b45248ce97b48b52442c949ebaf762565efa87509abbdc10e04d1430eb6d231
GET /base.js?v=33.4 HTTP/1.1
Host: cdn.weatherplllatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://90degreenorth.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 23:18:20 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 28 Sep 2022 20:14:42 GMT
vary: Accept-Encoding
etag: W/"6334ab32-1835"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XwUZAphoqael30FgWCRQlHqBpjBOSG7rnlbPNKyojhONZ625gCUI5g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 08:28:02 GMT
age: 53419
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33d8a1c1782f57095619cfba8c58a4a5
9f21cefa8882ea63961ae2eb51b7cd406b2358d6
47c04dd3680f76a5bc54157c64d64dcb7dea517c8dace4fdcf8e46df43fa9cae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff61695e2-14b2-44b1-b2d0-93aed95788f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10272
x-amzn-requestid: 443e641f-25dc-456c-bb7f-ae23153dc52d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGVSwECzoAMFpeA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633268de-20524e433a72428653175a94;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:07:10 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: k1I8tevinkxbPVl-cUWVt8vOEqQK5rxo5B17xyQGMSkCUbrbNj4AmA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 03:48:25 GMT
age: 70196
etag: "9f21cefa8882ea63961ae2eb51b7cd406b2358d6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wZ2hBqHAdwimAVV3p-CJFrb9zQ-CTN5ar9CB-cu0mZoENYUFTKKPWQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ddaf46a95abcfc80e8eae76235e2127c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:40:43 GMT
age: 5858
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 515e23ff5ef0fc336ac5ec7fd31dfacd
a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8508
x-amzn-requestid: 5568f81c-2f99-44bf-9bd8-f015c604c513
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMJlzFywoAMFamw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334bc8b-1d335c5c536e895a19b5965f;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:28:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2RLqacSoBXtv1i-6fRV9nejJ5tulXVJ-VsKVDvsMqAgPqXKWe_2cJw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 21:49:15 GMT
age: 5346
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd156c6a4-51d8-498f-ac66-df71d14dc199.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd156c6a4-51d8-498f-ac66-df71d14dc199.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f5d602deb76fb578e19f56ab7ded2070
8c73e318a79c74a980108bb3d79c89d00c35af57
d212b5cfea23e349471702c7a79f464ef012bc644ab7ab60caed6a7f7395a049
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd156c6a4-51d8-498f-ac66-df71d14dc199.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7229
x-amzn-requestid: 1e98e32e-b1da-4f28-b0fb-6ad482cc3b12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2KrgGhDIAMFjPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bf17c-197f996d46d51b72085923b2;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 05:24:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BxFR1ChcGuHjkvOhB5PVZwVpiGQM9RWPV7rKgKgekaTSbSKnVQ_t5Q==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 17:51:26 GMT
age: 19615
etag: "8c73e318a79c74a980108bb3d79c89d00c35af57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
away.bettershitecolumn.com/speak.php?nid=54889&yid=9554-66-457679-29
91.211.91.104200 OK 744 B URL HTTP/2 away.bettershitecolumn.com/speak.php?nid=54889&yid=9554-66-457679-29
IP 91.211.91.104:0
ASN #206638 PE Brezhnev Daniil
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7206ea62941f0767992b75a150a6381a
885b9ba70395a9dbb810c9ca1c035d2f4bac997b
95b83551e4e41068fe638a9a66f745a36fd4ba28749fda0957fab15b22ba1a7b
Analyzer Verdict Alert quad9 Sinkholed
GET /speak.php?nid=54889&yid=9554-66-457679-29 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://90degreenorth.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 23:18:21 GMT
content-type: text/html; charset=UTF-8
content-length: 744
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8e6a4da1f86d2d97ff39dbe51bfc05bb
6fcc1da2ac82aa5d334704b334e63a8f04cf78f8
0abd81b8154b0c7e3365b879ff9c11a3f81360b22a5ba7fe9951a5181bd30f5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 497
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 23:18:21 GMT
Last-Modified: Wed, 28 Sep 2022 23:10:04 GMT
Server: ECS (amb/6B7A)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8e6a4da1f86d2d97ff39dbe51bfc05bb
6fcc1da2ac82aa5d334704b334e63a8f04cf78f8
0abd81b8154b0c7e3365b879ff9c11a3f81360b22a5ba7fe9951a5181bd30f5f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 497
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 23:18:21 GMT
Last-Modified: Wed, 28 Sep 2022 23:10:04 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280
lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-2022092902182180f286
92.119.160.54200 OK 40 kB URL HTTP/1.1 lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-2022092902182180f286
IP 92.119.160.54:0
ASN #49505 OOO Network of data-centers Selectel
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62477), with CRLF line terminators
Hash c1b5af37c4a483c2ed4473d1a4232cd1
b5fb0a5b5c7687d929ad76813ebe8641296a0b6f
1e2abaf6be972edeeb31c88117871fc05d9a32c818bb05ea5a786199d91cb47f
GET //?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-2022092902182180f286 HTTP/1.1
Host: lukoil-promotion.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:21 GMT
Content-Type: text/html
Content-Length: 40411
Connection: keep-alive
content-encoding: gzip
vary: Accept-Encoding
set-cookie: sid=t1~2ahjyhws0bmj1elp53kfpi5w; path=/
sid=t1~2ahjyhws0bmj1elp53kfpi5w; path=/
p1=https://listmanydate.live/wwjasdjd/; path=/
s1=8fvl8w4b7xh70e21; path=/
cache-control: private, no-transform
lukoil-promotion.online/media/mainstream/frame.html
92.119.160.54200 OK 39 B URL HTTP/1.1 lukoil-promotion.online/media/mainstream/frame.html
IP 92.119.160.54:0
ASN #49505 OOO Network of data-centers Selectel
File type HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 086707e4369f60afedcafb16050a7618
8216b0cc6876cbd44f01c158e7dff3833ceccd41
a7fe83ec64bb23eb28090598db3d166ed98e52e39d1afbbfd74c579553f93e4e
Analyzer Verdict Alert fortinet Phishing
GET /media/mainstream/frame.html HTTP/1.1
Host: lukoil-promotion.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-2022092902182180f286
Cookie: sid=t1~2ahjyhws0bmj1elp53kfpi5w; p1=https://listmanydate.live/wwjasdjd/; s1=8fvl8w4b7xh70e21
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:22 GMT
Content-Type: text/html
Content-Length: 39
Connection: keep-alive
Last-Modified: Thu, 20 May 2021 06:08:14 GMT
Vary: Accept-Encoding
ETag: "60a5fcce-27"
Cache-Control: no-transform
Accept-Ranges: bytes
lukoil-promotion.online/favicon.ico
92.119.160.54200 OK 0 B URL HTTP/1.1 lukoil-promotion.online/favicon.ico
IP 92.119.160.54:0
ASN #49505 OOO Network of data-centers Selectel
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: lukoil-promotion.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-2022092902182180f286
Cookie: sid=t1~2ahjyhws0bmj1elp53kfpi5w; p1=https://listmanydate.live/wwjasdjd/; s1=8fvl8w4b7xh70e21
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:22 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Mon, 09 Aug 2021 05:32:32 GMT
accept-ranges: bytes
etag: "636c1f3df8cd71:0"
Cache-Control: no-transform
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cd6ea647bbde16d1ad06edd31318c682
eac00211b511281212e8828cbb854560d18416db
6717006f004a483f1f4ba08a00d624dd50887a7f8df8550cfb3e586fd4b420c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6717006F004A483F1F4BA08A00D624DD50887A7F8DF8550CFB3E586FD4B420C2"
Last-Modified: Wed, 28 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4586
Expires: Thu, 29 Sep 2022 00:34:48 GMT
Date: Wed, 28 Sep 2022 23:18:22 GMT
Connection: keep-alive
2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
141.95.108.187200 OK 4.1 kB URL HTTP/1.1 2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
IP 141.95.108.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (560)
Hash d3a5bcdd5739bb162baaa49b67b3754f
e8715a7afc6ddfe48661402f2823782040d97f9a
eec1b32681e182d3dba6465d70a1ee81dcd350bc0e2169bcea769c0d6fb13b7c
GET /wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://lukoil-promotion.online/
Cookie: cookie1=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: text/html
Content-Length: 4131
Connection: keep-alive
content-encoding: gzip
vary: Accept-Encoding
cache-control: private, no-transform
2823.listmanydate.live/media/mainstream/all/pb/style1.css
141.95.108.187200 OK 0 B URL HTTP/1.1 2823.listmanydate.live/media/mainstream/all/pb/style1.css
IP 141.95.108.187:0
GET /media/mainstream/all/pb/style1.css HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
Cookie: cookie1=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: text/css
Connection: close
Last-Modified: Sun, 13 Jun 2021 14:50:40 GMT
Vary: Accept-Encoding
ETag: W/"60c61b40-e37"
Content-Encoding: br
Cache-Control: no-transform
2823.listmanydate.live/media/mainstream/all/pb/box_c.png
141.95.108.187200 OK 0 B URL HTTP/1.1 2823.listmanydate.live/media/mainstream/all/pb/box_c.png
IP 141.95.108.187:0
GET /media/mainstream/all/pb/box_c.png HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
Cookie: cookie1=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: image/png
Connection: close
Last-Modified: Sun, 13 Jun 2021 14:49:47 GMT
Vary: Accept-Encoding
ETag: W/"60c61b0b-ef0"
Content-Encoding: br
Cache-Control: no-transform
2823.listmanydate.live/media/mainstream/all/pb/i12pro-unbox.jpg
141.95.108.187200 OK 0 B URL HTTP/1.1 2823.listmanydate.live/media/mainstream/all/pb/i12pro-unbox.jpg
IP 141.95.108.187:0
GET /media/mainstream/all/pb/i12pro-unbox.jpg HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
Cookie: cookie1=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: image/jpeg
Connection: close
Last-Modified: Sun, 13 Jun 2021 14:49:49 GMT
Vary: Accept-Encoding
ETag: W/"60c61b0d-9a98"
Content-Encoding: br
Cache-Control: no-transform
jhajlopokalmnane.tk/help/?23071650902120
104.21.15.58302 Found 0 B URL HTTP/2 jhajlopokalmnane.tk/help/?23071650902120
IP 104.21.15.58:0
GET /help/?23071650902120 HTTP/1.1
Host: jhajlopokalmnane.tk
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Cookie: 00831=%7B%22streams%22%3A%7B%229817%22%3A1664401220%7D%2C%22campaigns%22%3A%7B%227065%22%3A1664401220%7D%2C%22time%22%3A1664406605%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 28 Sep 2022 23:18:21 GMT
content-type: text/html; charset=utf-8
location: http://lukoil-promotion.online//?u=bt1k60t&o=xqt63qn&t=cid:7065&cid=7065-9817-2022092902182180f286
x-powered-by: PHP/7.0.33
expires: Thu, 21 Jul 1977 07:30:00 GMT
last-modified: Wed, 28 Sep 2022 23:18:21 GMT
cache-control: max-age=0
pragma: no-cache
set-cookie: 00831=%7B%22streams%22%3A%7B%229817%22%3A1664401220%7D%2C%22campaigns%22%3A%7B%227065%22%3A1664401220%7D%2C%22time%22%3A1664407101%7D; expires=Sat, 29-Oct-2022 23:18:21 GMT; Max-Age=2678400; path=/; domain=.jhajlopokalmnane.tk
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Asionryynil%2BhJnEZ92NxZS%2FKfRkBGQlmnbcDdWsJo1xpEYxD4nxb8Py%2BhWw1fiPbcDCqHaN0qC23rFpn4ajitiGpane1JymJXMar7NRZXPvf4D75GL1gjYq3tcSLKUMNNPI0cEx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7520329ea8ec0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
2823.listmanydate.live/media/mainstream/icon.js
141.95.108.187200 OK 0 B URL HTTP/1.1 2823.listmanydate.live/media/mainstream/icon.js
IP 141.95.108.187:0
GET /media/mainstream/icon.js HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
Cookie: cookie1=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Fri, 02 Jul 2021 23:04:10 GMT
Vary: Accept-Encoding
ETag: W/"60df9b6a-19aa"
Content-Encoding: br
Cache-Control: no-transform
2823.listmanydate.live/media/mainstream/u.js
141.95.108.187200 OK 0 B URL HTTP/1.1 2823.listmanydate.live/media/mainstream/u.js
IP 141.95.108.187:0
GET /media/mainstream/u.js HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
Cookie: cookie1=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Fri, 15 Jul 2022 22:33:08 GMT
Vary: Accept-Encoding
ETag: W/"62d1eb24-6259"
Content-Encoding: br
Cache-Control: no-transform
2823.listmanydate.live/media/mainstream/all/pb/no/1.js
141.95.108.187200 OK 0 B URL HTTP/1.1 2823.listmanydate.live/media/mainstream/all/pb/no/1.js
IP 141.95.108.187:0
GET /media/mainstream/all/pb/no/1.js HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
Cookie: cookie1=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Tue, 17 May 2022 13:18:06 GMT
Vary: Accept-Encoding
ETag: W/"6283a08e-594"
Content-Encoding: br
Cache-Control: no-transform
2823.listmanydate.live/media/mainstream/sound.js
141.95.108.187200 OK 0 B URL HTTP/1.1 2823.listmanydate.live/media/mainstream/sound.js
IP 141.95.108.187:0
GET /media/mainstream/sound.js HTTP/1.1
Host: 2823.listmanydate.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2823.listmanydate.live/wwjasdjd/?u=bt1k60t&o=xqt63qn&t=cid%3A7065&cid=7065-9817-2022092902182180f286&f=1&sid=t1~2ahjyhws0bmj1elp53kfpi5w&fp=1kCObbBo%2BIM661b3evrW6EDErwrpf6n%2Bp1mhD7fsYvKwBXx2EJP3d69P%2BOp54iRBxIvab%2B2FxULT5iTePA2cdEOVWQBeZHMRbCTDGHfBMTKKmv2alR%2B117mF6e9kzjceydqsdTu7f2Lg1UqMwuFmFgmYydBU28hkADN%2Fnt6oYgwBhZJMWq%2BKMPCzu78HRbY%2BCNkDwB%2BrNQCWubU%2BMH6BnX4qomwUXptk0KkZ8p6ObdE6bltjv9YfdBZytBvx9DaCgcpr4fqhoTCjzYRAUz6a7ipYuJdzSYPdhRhtQffLyGuq37fxn8ElpZDTsM%2B%2FGKJkXhPOE%2B%2BVQHEyfwH9GvCPozdVJcCdxxPuJfvksCxeeVcK6PPViNFgj7%2B2tmQ6bsER6KU6HcP8izAgZUi5n1A%2FudzD79r%2FgygGZi6eklZv714%2F2hanXK%2BwfzkoV%2BS4xxfQQpBWOwzel5JZezIVOTH0xrIkuaFfMjggqembsh5XQxPxqHQlreBowDa9Ur4XWNAdOMCN7cWfe3CcI9MOZrNGMBr%2FgmlR1%2FxlGh1pHGZbdFHnukao1ANRzf7OJIdXa4%2FXCah8l5B8nEhKVfCfy9rsvLrXRYgxHizVjLd2MO6CXLRXSE9wpIfTo%2BoorclDv6ryVmr3wcCx44w9EFrGlwK8IPYypEU0LidzEKzci7GPWdvRyMTNoG2ofShUDJLiwUd5wT8HUcEWA3va40mfBcgVF3eycGrfxfza4zwYryXh6BFDIECUwpgPP%2Fsf4L7O37FSs8acNpqkFcLLQsFy3EzBXvsV%2BQ1dzDCxlfUCcz6Q8ZtXUZUeNQh16WTELfrCClAh77rjImsdis1Mj4OF0%2BmjP0yEyD0JlKyC6mMXrqMtpv3ynRaYDUTa%2F4k77Tj5tl2lA%2B4rDWYfaEzkyqA6CPqRQ3ujFHifkwaOhu3%2FMjf5E09TFnfrwbn%2Blx4YqqM67mW5wfS5RFn2aqBZUwAWTVVtg9lOp%2FSRqUo90AUFjbJYQHhiqYCTV3ld5pBAizgcsJuyJmkt6DPZieZ4FOvyVsI9Kk78SJol%2BwI0L5tM5qGVyGQx496skVvf50BY9shS5ytwdDX%2BznfD0Ep9KCM4MpuaP5HvEvtoc5WTJRWjuBi73SkYJ9ucwy40lCHQK%2FM9PXLtNznds5MlCxDSNof4QbFeId166ZoR%2Bhj727MzQ6%2Bhl00SOY1OGZI7mJpfQ5ulgDfeEEUpKhCG1TYJ3SIw1h0TgQ7fn%2FLhJs82aDdVjs0nd30Ypy14KKQlRnn3NNVjTLsMilNH%2F5pHGvcUzCDMuZOButd%2FWLW2JV3cspBco16GYvcVrtn8w%2BHZTCUBg3ulqwVSTiALOi%2BsUzaAvcX0RjQBZhWyl13p3T3%2FzAteQCsbz6Ajf6aILAO5F1wHFV5YFWCdp%2F3iGjhQJ2e7cb1JoTIO8ZxWQ8rb%2BRe5txoC19L5rwZBXgbfTgy7DHZlXfi3WfmcJc8FilGF%2FGNOqU%2F%2FZlM0f6uei3BVxUC5TLA2LgIJBdq%2F3aWXvwP3lWsfE6l%2BDZBAUHNISLbVLbmKBSzJCeZO7G647mNEv%2BW9UJetpxXHRSn2Syn2boJorTRGjuTso%2FNEK4GmC2bc68XRG9J5F%2FLtiVdUYvxZ%2BED1eqzuyKl3o70R8tgQ%2Fnfn8y3QguwBNzsuibiK3xvCWsT88ePmPGm0EKE5Yc60dS2k41ozS3APY7QVji6gDPNOPhx8X5zCarjh%2FbrueKaPvqfY1%2Fc3CzRi8fgcUYz2g9p1%2Fcf31uWi8RF5k1kkY4LzEm8QlH3prrinFm8HkoyGjnw1lyA6SeyqlxHblKoJ%2FGouJhN0tH7xH6itG%2FxbBvaC6OVfZxv4ie5TKFencp1SBzO4PQX5OqPUBEECu765%2F0cM0JbphIGY%2BkkFPwLtq5qih67hKrNO1LTXI3%2FzgdutxH3IdkOswITllQ%3D%3D
Cookie: cookie1=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Sep 2022 23:18:23 GMT
Content-Type: application/javascript
Connection: close
Last-Modified: Fri, 02 Jul 2021 23:05:00 GMT
Vary: Accept-Encoding
ETag: W/"60df9b9c-1396"
Content-Encoding: br
Cache-Control: no-transform