r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18728
Expires: Mon, 27 Mar 2023 22:24:55 GMT
Date: Mon, 27 Mar 2023 17:12:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11707
Expires: Mon, 27 Mar 2023 20:27:54 GMT
Date: Mon, 27 Mar 2023 17:12:47 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 27 Mar 2023 16:27:58 GMT
content-type: application/json
age: 2689
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6350
Expires: Mon, 27 Mar 2023 18:58:37 GMT
Date: Mon, 27 Mar 2023 17:12:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: N4T22z836JGTRwxaP3dQNw7KvcXLtzaOx0KdvthAIb+O2CTgxvFRyAY78k38ybsfY8aCNjwnBu8=
x-amz-request-id: BR5W1GXYMV24H218
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 27 Mar 2023 17:01:43 GMT
age: 664
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:47 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ilcorsaronero.theproxy2.cc/
104.21.95.157200 OK 361 kB URL HTTP/1.1 ilcorsaronero.theproxy2.cc/
IP 104.21.95.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (60411), with CRLF, LF line terminators
Size 361 kB (361022 bytes)
Hash 7ced302ee55adb3d5a507f1ddd4f68c8
f7eaaf9948ce0bb3a61f73d6d824eef06ca0f618
9882406cf1750b42c6c21f0132b1517a3183f690081a4c4d8c7dd8dcbde36d89
GET / HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:47 GMT; Max-Age=86400
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCme1XB12uAJTjm%2F8VlRgmuixB4ReWjcufVA%2FtaYCdYnTq4YCDL1pko1w%2Fh32vUTTtNd%2F3jaWoN02cYWujHTwz8Sv3GSsj7DugOh%2BM55%2BmX%2BBL%2BWtjKSkXUAH5HxrGcrKT%2FkiBsFIbjU0vpyPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae942a0fa4ab503-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 27 Mar 2023 16:14:35 GMT
age: 3492
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d2d4415f4eeb34e663d209eeddd8d25d
5d239718d7235d1f62e10d7d381c5a063e94c73a
cc35be0a21b7442cc2628ea8cd42023f81eb2deea66e5149a22776228b105213
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 17:12:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
glimtors.net/ntfc.php?p=2651991
139.45.197.251200 OK 5.9 kB URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (14391), with no line terminators
Hash ebd24c57e7c48956b7ba8ffcb4e45991
185644214f8d5f6dca4c203af2a1bd96274afbcb
ce1a5dc8201ecc8e77250f101e3f9c0d471bd865ec9a74487bced10e58e0a732
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:47 GMT
Content-Type: application/javascript
Last-Modified: Thu, 16 Mar 2023 15:32:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"641336a9-3837"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
inpagepush.com/400/3064505
139.45.197.237200 OK 32 kB URL HTTP/1.1 inpagepush.com/400/3064505
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 80380534a36bd5e0bf95474c2ec27a72
3e263b14940e51dbccaef0dddc0a1dde6f886923
cb067e75a6a0460399e504e8a90e0a4a5b3d7de62744d71021135a35162693ca
GET /400/3064505 HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 479e391e1b705be3f2cef75e647170f6
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=bd60b7e0bd96447d8c3e64694b5aee42; expires=Tue, 26 Mar 2024 17:12:47 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 338c42e4ccd475333da107485955b1cf
89223f304f86cb8c292a3acb7c640b5002b39690
333964f3284089e231f7cade16ba160392dd24eab8516c55588be6f513c7306d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 17:12:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
benumelan.com/5/2632704
139.45.197.239200 OK 23 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (60900), with no line terminators
Hash c00a8ee056bfed51c3f55ec7a10e97da
02d9870de756766ee04b47414769af0c1a4354b7
142a5e9046e6a0586c4183787c9e87d5a0dad0af63276bd2cc2babe994e9986d
GET /5/2632704 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8be47b4ab18619b0328ce03992e79849
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=36060c7ad91c42e198a7fa2fadf38544; expires=Tue, 26 Mar 2024 17:12:47 GMT; path=/
oaidts=1679937167; expires=Tue, 26 Mar 2024 17:12:47 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
ilcorsaronero.theproxy2.cc/app/apx19.js
104.21.95.157200 OK 2.6 kB URL HTTP/1.1 ilcorsaronero.theproxy2.cc/app/apx19.js
IP 104.21.95.157:0
File type ASCII text, with very long lines (9183), with no line terminators
Hash 9ea8acd8d74e4f328d558b64219e02c5
156ce99860c738bee0a97dbe9c543a83f4fd5457
cc0dc5bf2c19d0830dd3962179d22ed40f200ecf8dc905a4e64bba0c1ccf9dff
GET /app/apx19.js HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:46:59 GMT
ETag: W/"5f610c23-23df"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25BII2oJHandBUhANo3WYSIOmOA7rZwBWHYPgTb7NKNcksJPOj2otZRlGic5wULKCT%2Fs47Ubb7N%2B3mxR5jqwxOyoCzwCiSI%2FOEYVboTlrbPdYYsmHb05kmCKaAIb1m%2Fn%2BvvF4AiXiG6Iu23VVw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a33df2b503-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
i.ibb.co/rmxjjht/1008928.png
162.19.58.157200 OK 11 kB URL HTTP/2 i.ibb.co/rmxjjht/1008928.png
IP 162.19.58.157:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 28cbecb9bf9bbf7726fcaa25fab221bb
fc4f28d6f2a17457fadb94738e72a4df4aab4c53
44075fe0b86eff3ffb90248ac3091c3e9e758a0660162f7c43df0330645552fe
GET /rmxjjht/1008928.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: image/png
content-length: 10912
last-modified: Tue, 14 Mar 2023 06:12:46 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Mon, 27 Mar 2023 17:54:07 GMT
Date: Mon, 27 Mar 2023 17:12:48 GMT
Connection: keep-alive
ilcorsaronero.theproxy2.cc/app/apx14.js
104.21.95.157200 OK 2.2 kB URL HTTP/1.1 ilcorsaronero.theproxy2.cc/app/apx14.js
IP 104.21.95.157:0
File type ASCII text, with very long lines (7663), with no line terminators
Hash 5fd0d992c153321728eef72725f9e2f1
11af100c190b0c91d3126ca0c792aa6cd3954897
f39352e9834fda1868dab410b72a2850f516686f140843e9f0eef835be503330
GET /app/apx14.js HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:19 GMT
ETag: W/"5f61074b-1def"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3pMOElYgOpTdXtQU2xyczCz9IoyXmjTPMjE9ngUZQ9VBR4zfRziibjcekC3A4tso7%2FXzCCKZIZOJx7AWMCa6r0jBcNNdhU4UAHnST7Mf5%2B4jROg%2BCHG2e60FUx7T6rVIpYpx6BfYh2sIXJ2gw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a34e7f0b45-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ilcorsaronero.theproxy2.cc/app/x12.js
104.21.95.157200 OK 3.0 kB URL HTTP/1.1 ilcorsaronero.theproxy2.cc/app/x12.js
IP 104.21.95.157:0
File type ASCII text, with very long lines (11180), with no line terminators
Hash 7f0c811d15a31a93662cfa30df4ef5ea
3f5b8f499bc7f50d2315eadc7cf043d317b60b95
af3050874dc2886642989014b75a7b4734239520ee7d36ea06d4527e41d92beb
GET /app/x12.js HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:18 GMT
ETag: W/"5f61074a-2bac"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qn94Pm%2BwqEN%2FJENprpsDm6wLen26sw6QkJG546Bn%2FSFTMWrEZyFOsVM%2FKnUZGODMwyBSXqqwRXvDnwgpSX%2FaNPqqQuftqVKHvtO%2FMxrSssfwTDiDHLhH9rVsRF8wPiPCEJYzt5DB0OAvGZAWpA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a34b9bb509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 701c0edb156d997b58150bf12c220562
ce8f0c8b8977b78523a1b56bf2886bfa6ee7fbc6
789ecfc44211a13e834d35a9e13c2b1e40f46f523ac0f4cd4f097bf5267e0506
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "789ECFC44211A13E834D35A9E13C2B1E40F46F523AC0F4CD4F097BF5267E0506"
Last-Modified: Sun, 26 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 27 Mar 2023 19:08:55 GMT
Date: Mon, 27 Mar 2023 17:12:48 GMT
Connection: keep-alive
ilcorsaronero.theproxy2.cc/hy.js?q22q2q2
104.21.95.157200 OK 18 kB URL HTTP/1.1 ilcorsaronero.theproxy2.cc/hy.js?q22q2q2
IP 104.21.95.157:0
File type ASCII text, with very long lines (56131), with no line terminators
Hash f12634066d38736854588dc61b5ba109
623e90c430f1609e59e16407553e2d2ff8882d8e
7ca898a6218b8e61a9a999ffb0c76a9c60f86dfd4353b2496225e6473c72c0de
GET /hy.js?q22q2q2 HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:48 GMT
ETag: W/"603dd2ec-db43"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HawI7fMh8bibjN0POmf1du7tnqrkxTA4f5%2Fg2eeEvd%2FOGeQpQRSMNIVqqBYA%2B1LROOvRDzZjrEB6y44SbQwU3LntHytjonbfSvBR5mj2i55Yzd1zPnHCClokWzpxmqDFiHSJPNAfb5JBwiBtA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a34edd0afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 701c0edb156d997b58150bf12c220562
ce8f0c8b8977b78523a1b56bf2886bfa6ee7fbc6
789ecfc44211a13e834d35a9e13c2b1e40f46f523ac0f4cd4f097bf5267e0506
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "789ECFC44211A13E834D35A9E13C2B1E40F46F523AC0F4CD4F097BF5267E0506"
Last-Modified: Sun, 26 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6967
Expires: Mon, 27 Mar 2023 19:08:55 GMT
Date: Mon, 27 Mar 2023 17:12:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ed8da97b64e45bc21624810676468549
501be2cec8e50d3f7038c9ab942c33aa7ace38b0
3caf95809cd83f99b04bd8312f8519464b97f7ee65629b1b656891b90969650d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3CAF95809CD83F99B04BD8312F8519464B97F7EE65629B1B656891B90969650D"
Last-Modified: Sun, 26 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9105
Expires: Mon, 27 Mar 2023 19:44:33 GMT
Date: Mon, 27 Mar 2023 17:12:48 GMT
Connection: keep-alive
s-ilcorsaronero.theproxy2.cc/css/main.css
104.21.95.157200 OK 3.9 kB URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/css/main.css
IP 104.21.95.157:0
File type ASCII text, with CRLF line terminators
Hash 00d9536e48f31c04dc5ce2c878a04896
4ab0f87012d1b85cc0a7d98172b7c82297c852a6
58a71e14bfa48b1c52585dd071461760c1fdc20e734d7c86a3ca1dcbe81f3a3b
GET /css/main.css HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: text/css;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=4o3c6qqodishb75dr54gtqgfnc; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zxOPbYGKGcEqz9YR6XO2MA3pgjIAZ51O1fy%2F5Mt693Oc0sh7hxqGKKCs%2FgjzR88JP0TO6k5B%2BzgQpvLGyaq3k4D6ybhXIWvXttb2xFindH6%2Bwwa5h6sfkInAmMYWwXPupaTZoXzmYHf%2Ba1TPOCQl"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a36bd6b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ilcorsaronero.theproxy2.cc/zpp/zpp4.js?q22q2q2
104.21.95.157200 OK 14 kB URL HTTP/1.1 ilcorsaronero.theproxy2.cc/zpp/zpp4.js?q22q2q2
IP 104.21.95.157:0
File type ASCII text, with very long lines (38995), with no line terminators
Hash 3c741ddc90399bc2910b2cdc0a826716
163182c6b04f146fbf6de424ead05c91e59e3c51
e6753c7588e28e17f44aa00cbe8c314de3f2bbcb8e892a439eed11dd989b1d84
GET /zpp/zpp4.js?q22q2q2 HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:53 GMT
ETag: W/"603dd2f1-9853"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyWiEAKanGe0%2FDpJMVf5jvsGTBkbaXMcAv8pIvWCeC9jzBxZd6cIwS11Qm08omSsYM9Lw%2BmWdi0Lp85AuTZ%2FERT2NxotabAOMifl3jxINHjRe2kTjeiIAvfK1awubJo6Vb%2F4O3PJsVC0VHj2EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a34a03b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=ilcorsaronero.theproxy2.cc&var=&ymid=&var_3=
139.45.197.251200 OK 880 B URL HTTP/2 glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=ilcorsaronero.theproxy2.cc&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (879)
Hash 6049c0d843bc5fd5b99f894a5be097d3
991716ac382195113bb6b6254ee69ce02df4b851
f503653a8d4cdbeab7ecdee4ee5a236b6a9351cc54bc8fc6b191dc39b64d6346
GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=ilcorsaronero.theproxy2.cc&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: a168d5731aecac32e60fc955f0c6cbc1
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
matomo.hellohi.me/matomo.js
188.114.97.1301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.js
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.js
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1040
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W4%2FMC5WJjY088BfIT7nIbp83P18T4UU4PVFYd4AwlbHp71G4mIwmiraSY3G%2FE8MC7kQOIPeMfGpvyGUVjld9M5DHs7t%2BWFJ68NwgRBtHzng%2BjGcDcAxbcok1%2B2wX7jjkhIXUFA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a58cb1b51e-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/g.gif
104.21.95.157200 OK 2.3 kB URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/g.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 124 x 27\012- data
Hash b9bc4a9316f060765e5d3bc9a91530ad
faac2e5b94c5ab17960e0575d574cc1b310e6e4d
cde7d2afb33200439d5453857f122d78ad5f0a998274a3e27643079fc61405f3
GET /images/g.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=8llb102a8cn4mdf6accqn598v7; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F2ViVB4G8gs49xc1IJ2PWH0kyPlgDrT6zmPxqQBJtVC1%2B3Hhg2n240IA%2FsSI31YSc3tOYUhUpoD7bPYet0le3Br38tdSpLj6tkQ0c3mJ6SgYkAiNaeWF3EU8QO5u7tX3JZ5RmnEYB1zQeo5y4h3A"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a4edcfb509-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/nfo.gif
104.21.95.157200 OK 367 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/nfo.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 14 x 13\012- data
Hash 700f54ccccc4461966adad8bfd65a783
bc91b80f4ed871e80840cab29da68ceb9f2d65c2
e10e796e8ce23dff1dc5112e87a360cf57dd84d59d59ed8d5f4f5ed3847273fa
GET /images/nfo.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=jgeu57ul415dllets394ab2d1o; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dG0NI0qFxDi0Icap6Kpri755oyZofOU4T4Sq47a10b2sQFer8egIxNZlOReyA21luBXBUQ5Gdfnx8vJH5HOZDDdoqOgs9QeiEAstEhLdwAx07g05LEQZqeUNNzIr3IR%2BSameOSQ51oEtQLSNDqpL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a4e895b51b-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/tv.gif
104.21.95.157200 OK 2.3 kB URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/tv.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 124 x 27\012- data
Hash 9976fe6680d1cb6b496cd038384665f4
c9b0a9bb66be4ed604e61b2115530cbda90b5f50
914f4ae15f76320dd96a4ffc9f79d1f4c2f6cf6daee39c3c314f8ae2de6dae72
GET /images/tv.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=8spsmuo03b97jadl9749fbrvsf; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7REV19fZPNdWdnzRVAwFDkoLR2XQeMFKn2lwb5HYFAejGONRjhjfY75vyMpEWs89618cMVbdmlsQk%2BuygjfGcupsjD%2BqR0KV8MGnGVw%2FicHUXXLBUg6h6mQqtUmVuN1EOPonBEr97jOwb9%2BkeQ2%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a4ea75069b-OSL
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
142.250.74.138200 OK 995 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
IP 142.250.74.138:0
Hash 1ad8577f465b400e89f6d77d9aeeaa32
d552e39b0bece2166b1229313e210113a9abd790
659b22b34401ddabfc98ce034a314897876eef0da43c415c02f2999d9f888c36
GET /css2?family=Roboto:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 27 Mar 2023 17:12:47 GMT
date: Mon, 27 Mar 2023 17:12:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 283567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s-ilcorsaronero.theproxy2.cc/images/m.gif
104.21.95.157200 OK 2.4 kB URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/m.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 124 x 27\012- data
Hash b1a3c5a8c5d6a7bfe3f533d0b30d1470
fa106aa6b0787f603598d268fa1cd63f90e5b011
89f366181460acc33bfa4c25de9585de13ea2b0a35cd3a4ac9f5609040241f60
GET /images/m.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=9djpb69a00ckb749gll1iui77u; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9wTLcNvSMq3Fa6hqyVv10sgtP8ht3c2mS6ZhNd1MZCafm8kg%2F9paxAZ0xLyS0DVheQ3Vop1F3d9NIa3yDwMpFpFB%2Fr7RAahKY3j99YpfVX8VHjKwUtWX1Ah5CDL7ONCuGtvv2LCW2Rv4jSkkL1S"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a4edafb505-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/arrow-asc.png
104.21.95.157200 OK 133 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/arrow-asc.png
IP 104.21.95.157:0
File type PNG image data, 11 x 6, 8-bit/color RGBA, non-interlaced\012- data
Hash d812f38147cd4af6e0b3b695217de6b1
b5db0a64ed3b75240cc913585255fa4daccb9c0f
3596f60295194a5e0acd8865308b612624f952ea9e3a82734667c3e4a5a2427c
GET /images/arrow-asc.png HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=dfcadmh57v0g1euj6rsv0e12ot; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9GcVB9yF6UQdeubkgHDnVaPqjZJvRYNAb6%2FgJJ8KRh5RYb5k9ROOFm7gR%2BWiwqRMPnpotLt5M7EaCnTd9WeM9NfmXz6qY5922mhAMXO%2BGGR%2FXA8hTCNmSmCvyTJHLVQ6AHmP5S%2Fgt24A2lULVXg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a4edb3b505-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/h_logo2.gif
104.21.95.157200 OK 1.9 kB URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/h_logo2.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 202 x 16\012- data
Hash 8d3763b5574fa0aaa4968dcbc66fdcf6
1911a863b7d8222665851e8233dffb56445aed90
e003b76850167a5d3a9753cde08c4531c732c011325e8f12470f7d89f1c20ec3
GET /images/h_logo2.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=ohocr6mpihv6vd00qmsvhg6h69; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0zY2kwzfSOK6wg6ItC3GJPrzKCtm8T4taKGGbJXW0VH2oDhNSKfIugvrjfkkPc18xVDsnCrnGd0FiWDitlfs9wW2OjeP6rRdFqmud0KI5omkgdz0IvyipxsYibnNMwp52KrO%2FovyegCn0ESsVarj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a4eedb1c16-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 9f118fb224d6a3feb68bb7296958d8fe
7ccaa3d7e3b47dec93f7ddb398615bd71227b26e
2f70628100003ab47f5fb5622f8951ec8f4bad4b88cc3c083983a5c31356b429
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 17:12:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.200.169.229101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.169.229:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: f8Xb73Giy7SFAHnP3zc3cg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YrPqe9rRVP3y1Mi6WW/ZAxciFHY=
glimtors.net/ntfc.php?p=2651991
139.45.197.251304 Not Modified 0 B URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
If-Modified-Since: Thu, 16 Mar 2023 15:32:57 GMT
If-None-Match: W/"641336a9-3837"
HTTP/1.1 304 Not Modified
Server: nginx
Date: Mon, 27 Mar 2023 17:12:48 GMT
Last-Modified: Thu, 16 Mar 2023 15:32:57 GMT
Connection: keep-alive
ETag: "641336a9-3837"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
ilcorsaronero.theproxy2.cc/user.php
104.21.95.157200 OK 25 B URL HTTP/1.1 ilcorsaronero.theproxy2.cc/user.php
IP 104.21.95.157:0
Hash 363f411ba212d4d1ccf7856f856145e9
08331057577f273187dd15e7c6f57937835e0aff
c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943
POST /user.php HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 39
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1e8kiQvXmBp3QpEN6gN%2BA%2BTjLlOb%2B1CHkbB5CGqEWSCF08XgzqHsJfwNczAhMTiys7iysodqTzwcHaiv5G5CMZgw5KeGHIoBlucfKammW%2FozAEdbkd23dxbwBuToDLK69lI1TQmhGn7M74d%2B7A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae942a548e90afa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ilcorsaronero.theproxy2.cc/helper-js/
104.21.95.157200 OK 1.0 kB URL HTTP/1.1 ilcorsaronero.theproxy2.cc/helper-js/
IP 104.21.95.157:0
File type ASCII text, with very long lines (2612), with CRLF line terminators
Hash b464f227ffac472b8a34122578d7e84a
1bf21dc13cfaf63a00375545594711867c6b26b7
b6d937592e2184d7d4b3c0071341c1548f88ae3c44d400422843645e78d5fc95
GET /helper-js/ HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDM9dJbemwp1OxZShj9m2PVp%2BXSdGb40PHJyBpN1jJgQiBa1z9tmrfHuIUNgfg4atjmyN6qtA2U8a8QuamMmMnlqRyT7yU4UXIxVZeHvtkiZArzS3G29pBbHGYLSYgpUMs2kv8lpMzDLK6dqYg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae942a65fe8b4eb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/top_bg.png
104.21.95.157200 OK 151 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/top_bg.png
IP 104.21.95.157:0
File type PNG image data, 3 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f69fc827d2beaf059b07491dc4ee669
33614b7f70dc656e50bca9e3a7a81402b526a660
7bf5e69a9b2b372a0a5c4f347c19fcc9578a47f20a190f356ce896e27ff1c340
GET /images/top_bg.png HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5UW%2BL3SE3TZXGJGFeP2WD38kE%2BUL2NffyUa3BJccZrB2%2F21vzQ8utjG90emaUeqiBaIB1xs0zfoW9tv%2BoDNBQZthmXCyq13aG%2B%2FGZtk3%2BRE8fOfUc0tA%2F2XZY%2FPtPem1CsGO8VJqdybtM%2BPaAzQ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a5aeb9b509-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/global/menu/on_stills.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on_stills.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash 32c2d1d315dabf0803de32621daec43e
74f6488dd4b9dd18a90f9a8313da2d0c59ee7eaf
9b7fe85880cb0b65214258341f40bfcb8775670c3247dacf3a34fa78ac2c4927
GET /images/global/menu/on_stills.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O0vojFE%2BZYtJEIqBAn8mdKiBnGsl%2F8mI7MGYHUmsub0fEP10Q6pYQ48MlquLNKMDD83SjtQMC1VB1KITtcOTDxQdCBY2cyGc8wxAPDfKSLVng4RwvhM2QtOPm9Fw4HGw2XutniZoSAcj2EFYgrwh"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a5ab38069b-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/global/bg/top_grade.gif
104.21.95.157200 OK 462 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/bg/top_grade.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 15 x 275\012- data
Hash 1bbdc88aa140893e15aa988be3413f90
47b96a7973a237459deb04d9a9da53129d499b6b
dbab9249867d49a37db90214e88f48dc43e5ad661c11163cd7bfeefec79325bc
GET /images/global/bg/top_grade.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpyCPuhXj8opjehJccBN0GcPkXgzkWr1EvgTjMLyjBXy%2BqRMS4hZOe0RXcsPsNpk7rQsjptnc%2BwvmOvQj5FckbbZTS%2B%2Bczn8OKi7dQlm74HFPiqIdlFe3dOLH84A3rdnS%2BFNe9Zf8rd8Waug%2F6as"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a5a9e0b51b-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/global/menu/on_audio.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on_audio.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash 60e8b6007b06a89b948fbfee60ffd40b
39894b06463c3a99300f5db7282c9604b1ba6585
ad3e24cac018065ce5c94a16238c3bec6075f8be520f859861bc5c03d70f8d34
GET /images/global/menu/on_audio.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BQsy8w2%2FlqiQdoFAIhVaY62f8JnlHLklRnwN0lcNZSR3SUpv%2BnObPYsFTrNNYi1HbatAK0eLrlAw2%2Bn7ubzPSB9sWnHYYh%2F8Tn84wQVb9l%2BQokerYAap%2Bhj37bQ5HPPWws6BtZfFaJEOFsOEj4z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a63fc8b505-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 56d72c7381344b08be112103e1b5c782
a4c58387755def675fbee69c29e661582faf2ade
8608aa7074c50ed5356aeb60c8445e5c0bdc3de4f701b8f8f5520f516ddc4c42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8608AA7074C50ED5356AEB60C8445E5C0BDC3DE4F701B8F8F5520F516DDC4C42"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14521
Expires: Mon, 27 Mar 2023 21:14:49 GMT
Date: Mon, 27 Mar 2023 17:12:48 GMT
Connection: keep-alive
s-ilcorsaronero.theproxy2.cc/images/global/menu/on_video.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on_video.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash e58783bb801d08d4f2e3bbc229dc6377
add62e1ba3e0cec936581bed3875ab13ea48f212
6b39fbd0c9b825173787fc2ee202e19775b8b0ccf4fe912d03600620eed91626
GET /images/global/menu/on_video.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mwm29rmbAp1US7hc54sryvoqAWPwyM33dLV4FCYOaeKh2qDywCgcKzecFY8YoEh13GTF%2FO11ska7hp4HgsHkqUftXqSZhEkh2QEpCCrT%2F0d3JrZg7LGnVT2mEfHdN2Ev20xI4M%2FqoD0RHbXWVXjT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a61faab505-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/global/menu/on_brand.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on_brand.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash 5b90ac3653a29fe263d6279909d73cb6
bf71c5f5214449ca7ecd2d7fd9a00d1a580ea939
00e49c35782be76d3dfc2fe9975553862d98b1b7b9518c383ba3f2baab750ecb
GET /images/global/menu/on_brand.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YA34hBU8wGZ5Ipim0169ETrSQBA9v8QFpjB8pyvOqtKtANNJ8sJR%2BHPd66B5MrrhWFpM2yg%2BN095IccC6qcA8FQ3YG2cJwxgtyjkJJdgzcAx5GQ9k2CGS3hzpzt4iZj74IuSQ5p%2BM7hZaxZu324i"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a638591c16-OSL
alt-svc: h2=":443"; ma=60
heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37159), with no line terminators
Hash ebd10cf94c0013a7d2f70fe1e2feadac
3532e153875d5940dbcd95a7e1d4a9b15e9e6745
555b8f1901951b852ae59e23957dba055c25701e63a6108b04f07c6cf603a986
GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1
Host: heartilyscales.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 619f1fd17e49b5b1bbf0b8f1dde515d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash cd84ea52ce1bbfcc511ac4ceaa9174cc
bb258b438fc55fc150528e5b64ca3bf927ab204c
e3c5197bea4fda2b22fe7861a6415a0adb8ddbde3473e7280162dfb3d391064a
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:48 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
s-ilcorsaronero.theproxy2.cc/images/global/menu/on_about.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on_about.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash 731c78314b2ff744ce047639082684c3
ab6034474f3406ee1434ab6528565b2b760edfcc
22c9ba4ee539f0dde299d2231ed672988975d8984bb550f223492db5409c7c38
GET /images/global/menu/on_about.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EPXxDKAycQAbRJiZPVhS7B00MtJwEY3d%2Fe0tuVH45DSfornXFWpxzn2LSfIwMQDiNWlmAKjAiwjcvNWzNcFCGyA7JmYTy6EB%2BP5wzXAaulW2JykHKjTFXHG2jtrFB9MNnhkp2lYytXZFflIrIOl6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a72c0db51b-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/download.gif
104.21.95.157200 OK 120 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/download.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 9 x 11\012- data
Hash 62316e22711f0caaa7da2e529e9df0c6
2b50ae8ea9b90c31ed605508b9153aad57429d6d
6d0142599d912016a18edf7e4280b33ce0d04b3f8c6b62c5ab3dc23ebc2aad36
GET /images/download.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bq2WafIunYOPHXkFzxS%2BY2TXqyAuqD4zIUIKJYQFT%2BU4IHxZ%2Bf0XbwBaYI4N3ec8X6oAmFWl12jxqwwsDlmlYbpNdQDvgMnS1xzv1w8qanlmzuoVWn4fqFvZdLmkQ97%2B0I3cm3uXDctBajTFDt5W"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a779e9b505-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/global/menu/on_web.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on_web.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash 370ddf79f9b2e74ba7c294ba9066bfe5
de781d16f76b1645beec651830c074e1dce71bad
940326118895610ca4cbcbd65e3ed4d93b6d3d0548b5cfda0aca6275b4999f78
GET /images/global/menu/on_web.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jXaMKtF2pWobHZGL%2Bso0uFfetSHjudqfDXa8Bc6eTtlALRAMY%2Flfz77p3d2alR7dT5wBoiTdxeO0fUKcOOIF2VLkS1u5IwwLEnF5MYZHHhmkHOkXec%2FE1r4K2Q4i6xaZgOS2rbkho5wg2KvIe5g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a6e88cb509-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/global/menu/on.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash d9f2f2309f0c7a06687bfa7302f290de
f36260e2bfe8e13e10a595db2c8b90a6638a5997
0317b74bf30d2513a3881578afb283c01458b0f5cc39554f159771b502d9137c
GET /images/global/menu/on.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPmFYMCT5wN0gDLgAicbTpf0OAORkNRtrELTrAiy1z79INdbq6anY6jj2O9UBEV7ZtrjIVn6TJotcHv%2BELzJbnG9Eazwih1tqpE7Gyy8FcKH6CRhLx9MQ9vY6pQ%2F8JVzTmfNgARsCVXSQNR3929K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a6fc96069b-OSL
alt-svc: h2=":443"; ma=60
glimtors.net/pfe/current/universal.min.js?v=3.1.424
139.45.197.251304 Not Modified 0 B URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.424
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/universal.min.js?v=3.1.424 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 16 Mar 2023 15:32:57 GMT
If-None-Match: W/"641336a9-190ac"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
last-modified: Thu, 16 Mar 2023 15:32:57 GMT
etag: "641336a9-190ac"
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=ilcorsaronero.theproxy2.cc&var=&ymid=&var_3=
139.45.197.251200 OK 880 B URL HTTP/2 glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=ilcorsaronero.theproxy2.cc&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (879)
Hash 6049c0d843bc5fd5b99f894a5be097d3
991716ac382195113bb6b6254ee69ce02df4b851
f503653a8d4cdbeab7ecdee4ee5a236b6a9351cc54bc8fc6b191dc39b64d6346
GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=ilcorsaronero.theproxy2.cc&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: application/json; charset=utf-8
content-length: 880
x-trace-id: 5b25f660278a8e6f15432afd022e0904
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
glimtors.net/pfe/current/universal.min.js?v=3.1.424
139.45.197.251200 OK 34 kB URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.424
IP 139.45.197.251:0
Hash 62526a74b03f7f6ef2a9200caa89707a
ffb1e081b5cd902b34dd3db636e932cdcbef26f8
ff5eb2b3727e1f2a27e4e1bf9415f8ce7af693deb0dfb403ed280a2a44911f84
GET /pfe/current/universal.min.js?v=3.1.424 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 15:32:57 GMT
etag: W/"641336a9-190ac"
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
s-ilcorsaronero.theproxy2.cc/images/global/menu/on_contact.gif
104.21.95.157200 OK 92 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/global/menu/on_contact.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 1 x 16\012- data
Hash 52fea8be5cce9a916f57761e7da8d4a8
e1298b1d00abcba7867a112e7bfaaa3347b5a0da
2b9d8d50e58ca2a6b64b96d5cba28a19766c762ae17f8d4c049a2a315305dd88
GET /images/global/menu/on_contact.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://s-ilcorsaronero.theproxy2.cc/css/main.css
Cookie: PHPSESSID=4o3c6qqodishb75dr54gtqgfnc
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dODUymnAZYANyQodh5hdR44yOgMHip7ksQ3zeNmE%2B%2BH%2BmUPHH6NzGUGgA1x8ePH7iR57%2Bh7e0ig8ST9XrHyI6isnRh%2FaEvt8T4OdgKNm1ip8hsxcyJIPgdjEYokLYhA8d89SqZK2qKiCVUr2yfB7"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a769c4b505-OSL
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/mu.gif
104.21.95.157200 OK 2.3 kB URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/mu.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 124 x 27\012- data
Hash e5b00a667467b4a869462b9ccbf72404
dedfe6e6fea8bea6bca5f7d4311ffdbba861ac10
d2fc0a32dc4cf0c819565960caf95dc1db64474ab468a9494160a3290c88ad70
GET /images/mu.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=jdr2tb6b1up3fgbgh854oruvar; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9naadH5adEblwTGmWvtRnKHqHilKVVq3DBTkFUSSh%2F6cm3hJpUfAoB0tD7hPkYpyo9HY4Z7HcfdA7C99sdOS%2B6OU4kmHRRPjyEB5z4cXIdJma2splRUWwUsiCoVpqoMTkSQXpxUVIqmTMCVBbcZR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a83dc3069b-OSL
alt-svc: h2=":443"; ma=60
benumelan.com/5/2632704
139.45.197.239200 OK 23 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (60900), with no line terminators
Hash c00a8ee056bfed51c3f55ec7a10e97da
02d9870de756766ee04b47414769af0c1a4354b7
142a5e9046e6a0586c4183787c9e87d5a0dad0af63276bd2cc2babe994e9986d
GET /5/2632704 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f53a94db7d97831442c30180a2f9dd1b
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=03c2233bcfd14a77b8707dfa8bafb68b; expires=Tue, 26 Mar 2024 17:12:48 GMT; path=/
oaidts=1679937168; expires=Tue, 26 Mar 2024 17:12:48 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
s-ilcorsaronero.theproxy2.cc/images/h_logo4.svg
104.21.95.157200 OK 3.3 kB URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/h_logo4.svg
IP 104.21.95.157:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 18ae0c25f4885c778d13a899ec7449b8
040aec9d0511889dfe95ec9825bcc958e80857db
8506004ce037c969a2edde3f897f76364a5d03e5d31c8764de12b9cf5966133c
GET /images/h_logo4.svg HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=d5i4g3gk496r1jdggl0dl8rbmf; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4NVfKPyEA7YEhdsTG4yQ0%2BC%2F%2FNLpuNGsilZuEOxfLOwVuAMrm8zsrdIhpZvp8zlY13YZGoWPggGWfgFACChBh8uybAJJWI3PN4e0GsB2WqtZz43%2BS5h37iZhEKaPv%2FSkLBZkJ4%2BKwgb1RFskD%2FXR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a7fd41b51b-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
s-ilcorsaronero.theproxy2.cc/images/arrow-desc.png
104.21.95.157200 OK 131 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/arrow-desc.png
IP 104.21.95.157:0
File type PNG image data, 11 x 6, 8-bit/color RGBA, non-interlaced\012- data
Hash f253b93e8cedcd285138ec1ba61da6d4
6dc4f538a3b10949ec986ce1acdbe0d72c6fc12b
0de73bbc7d0a43ddaa04da3d805de602821f7dde3f174015c9a69222f92b8571
GET /images/arrow-desc.png HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=ijf0671v2tnm1hi16jdg44jkll; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfmoBR%2B8E4VEziUNMd5UwLtbzfMgNhkM2%2Bx7Nv%2BC2QRsy%2BzTIbj0AOzoz8b6A%2Fy0S0LZyMgdw9gyIfzbwuOlQvzVt%2FadsHYTatCIxE76YHPOTiMvORFzFHpvvWkBvJlsSaK8Co15WAJDyLy6dZiR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a81ad1b505-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1446273cc8ad583c66033dd6a331adb2
2275f99d197933f313f88e20b32783d0d52731ac
080389d1d3f136204e01c19bd2b602d3ebfbf0169f16decc4d32dfaa898e6ee6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "080389D1D3F136204E01C19BD2B602D3EBFBF0169F16DECC4D32DFAA898E6EE6"
Last-Modified: Mon, 27 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11257
Expires: Mon, 27 Mar 2023 20:20:25 GMT
Date: Mon, 27 Mar 2023 17:12:48 GMT
Connection: keep-alive
s-ilcorsaronero.theproxy2.cc/images/details.gif
104.21.95.157200 OK 82 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/images/details.gif
IP 104.21.95.157:0
File type GIF image data, version 89a, 12 x 13\012- data
Hash 2a22c9c6b3b21659a7923b05bdcab066
f1c9253b0444867fb9ae427e6ca061c513b8b70d
4b85658183a2016b229c09c48a96e5b8f4ebea6b3ccfb08dc8d1ccf8f71a67f4
GET /images/details.gif HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
PHPSESSID=k4f2a2k88qto11o5ks0i2vo70h; path=/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2B40PNh22Uklw7wz7wUMkBc8R68u%2F%2Fnod3LIi%2Fex4GFEcYqKdUQPXIdBp6voTpeGa6OwFB6VOd2ozRjXW1s0GjbsNeNrwnrC5ELk%2FyGlztBQ3cf2Ce%2F4uISBQ3WWIxnFclcNwld%2FUHoSPdSagWfx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942a82a85b509-OSL
alt-svc: h2=":443"; ma=60
thaudray.com/5/2632704/?oo=1&aab=1
139.45.197.237200 OK 97 B URL HTTP/1.1 thaudray.com/5/2632704/?oo=1&aab=1
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1e8c62dd42017761668b2a81aeb5e2cd
fbe4e4b5f62d7c666f67a62ab3eeaa7834fb2911
978bde27b11c7bc75c0b4e4f65326c9eb3c2801a0908115ee3bc249ddac932da
GET /5/2632704/?oo=1&aab=1 HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/json
Content-Length: 97
Connection: keep-alive
X-Trace-Id: 44fe8427f070e5efa37d59ca0b518f25
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: http://ilcorsaronero.theproxy2.cc
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=4ea573f8185143029fe54c76b329ecd2; expires=Tue, 26 Mar 2024 17:12:48 GMT; path=/
oaidts=1679937168; expires=Tue, 26 Mar 2024 17:12:48 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
thaudray.com/tag.min.js
139.45.197.237200 OK 25 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 65e2a1717d5f91468c30357da9df4716
71ce672d2d0be1cff51d257d8c2f4dd18ea366da
afd80dde11f49ffffd7b7b2e2e214e6b71bd40db266360684dc73c955bae453f
GET /tag.min.js HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 24941
Connection: keep-alive
Content-Encoding: gzip
X-Trace-Id: f157b8868c84996c335c75035ecb56f5
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Accept-Ranges: bytes
Last-Modified: Thu, 23 Mar 2023 11:57:06 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
ilcorsaronero.theproxy2.cc/
104.21.95.157200 OK 0 B URL HTTP/1.1 ilcorsaronero.theproxy2.cc/
IP 104.21.95.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD / HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: view=1; PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:48 GMT
Connection: keep-alive
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:48 GMT; Max-Age=86400
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aH4bgsCSJTwsmqGSPG53cNF47xkNFbE9ZaBK0YdhMWEnwwU3IjFVhEVBIuEFg%2BPUqm1lc8NSXHZcaCGct31dcr6ReRAZk9dgelkb0Z6nIBsAot6OX0gjSqlT3ZYsQx6JEcHlalwen8vi49%2F0Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae942a91cfa0afa-OSL
alt-svc: h2=":443"; ma=60
rndskittytor.com/400/4837723
139.45.197.238200 OK 31 kB URL HTTP/1.1 rndskittytor.com/400/4837723
IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash abf99e0093d1b6ab3320c11030e1bb37
563b90677aa4ae800a16abef7571eb83edd78e95
41e48868d46673ef60c9b91562660e5d3682843d3f4b53adfa8977748318e8a9
GET /400/4837723 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: ddde6805d235f8329dd1e9c3c9ab4486
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=ab0282ced1ea4facb6e1e2283d9f438b; expires=Tue, 26 Mar 2024 17:12:48 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash acdc236791c946a8550cdba0ec22d106
905d07e5a8976958c441f8e6a6b0d1d8b43c9af7
d1bbb271ecfe6c582aab9e5277af486b797e63614986c55e42b009bfd15ce03b
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89632
Date: Mon, 27 Mar 2023 17:12:48 GMT
Etag: "64207357-1d7"
Expires: Tue, 28 Mar 2023 18:06:40 GMT
Last-Modified: Sun, 26 Mar 2023 16:31:19 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 67E-J-xAdhEsoM4IMILDrXeTjNE5U_8Eio1Xxd74FwWV4QuA7mGUdA==
Age: 5721
matomo.hellohi.me/matomo.js
188.114.97.1200 OK 50 kB URL HTTP/2 matomo.hellohi.me/matomo.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (1601)
Hash 6d5b01148b99c9065da31535edf398a1
3f135d8362595420f1b12543883885768c459cb3
8e779b942ca36a67648b8fd96c1890b42375e987d70e97775b6878cab44f9bc7
GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 07 Feb 2023 06:02:31 GMT
etag: W/"63e1e977-10132"
expires: Mon, 27 Mar 2023 18:11:37 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQUU%2F3fALDMwDUBJPd8%2B%2FztWWoIN7%2BU%2FX16kOi7WHJGLjwF%2B59vi1OUghFUppA%2FjKQ4e3THbJfZ7MzscxSVaFeIBzLOb7X6fgAiw7%2BDwp0nEkn9CPzvswvaHQCXzlOs3TsUa6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942a8a81f1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.194.180.164200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.194.180.164:0
File type ASCII text, with no line terminators
Hash f6dde65507ea0c24eb8980ffce376cf4
31cdbc647a9d380ddf590fb8e6bd6bca47cd0f4f
9801b3a3e2db1cfbd34865285e40c3ca148f8c8dc28637a9679b1b24e25e3ccd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
set-cookie: uid_id2=a38f4d5e-aa97-40fd-b43b-06b02d09f435:1:1; expires=Thu, 24 Mar 2033 17:12:48 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
overzubatan.com/5/2632704
139.45.197.239200 OK 23 kB URL HTTP/1.1 overzubatan.com/5/2632704
IP 139.45.197.239:0
File type ASCII text, with very long lines (60902), with no line terminators
Hash 3baa6f19d82075b9c597450d33085e9a
4df58419f4be88fb32544d258b93271627bee576
35cbcedad39bbae1f9c028ac0b7b4eae546c0550554f7cb5dfca4731a59f5222
GET /5/2632704 HTTP/1.1
Host: overzubatan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 9cdc40338cf135dfc9af51690f6bc32f
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=cda64cd843934477be666d1342f4a313; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
matomo.hellohi.me/matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=632288&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=5lljLY&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D
188.114.97.1301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=632288&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=5lljLY&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
POST /matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=632288&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=5lljLY&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=632288&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=5lljLY&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FNu4ikm5ob6Pavjyyq%2F7f0XxARCNOSFCi83N%2Fcijwr5Ccaq8Ilec3dSWjxUEO1pRmYspttAR2QC5XfXhZUeTXMZqS%2FvW779lqOl9Kv%2FT5ImMCLFz%2FvyzWzkVulYCm9mfZooBg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae942aa5dbfb51e-OSL
alt-svc: h2=":443"; ma=60
tzegilo.com/stattag.js
104.21.89.122200 OK 7.3 kB IP 104.21.89.122:0
File type ASCII text, with very long lines (17431), with no line terminators
Hash 16a98c95d7b9fa8628eef2fad71d2f60
bf372da2062174792f9bedc0c83f6caf960e6172
c923f76e0b969b5e36ec488fa7ee5b072de8e433d94f126ca7f83687d41570a3
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: application/javascript
last-modified: Mon, 06 Mar 2023 09:50:04 GMT
etag: W/"6405b74c-4417"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6310
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE%2B0BHEIH%2BHV532XZgOXzJMWU6a7UY%2FhuHI8R7%2B02XzRI1edGBOLI0QF%2FmtpkXS15AwsQPI16%2F%2Bv40Kt9Vp1c4mZtzHOfSUoq2hr6Dlgyj1vA3d0ibernfZ0r0iDgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942a8ce83b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash e792170a6161bec9eb61f2b4f3ef56d6
067d08e08ac9b5bafda2bc6a6086b1a207fbecea
817fdd6f275d83acfab0934a4c811d31ec7a78910b6cd4a82c405ac50545eac4
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 31 Mar 2023 14:50:41 GMT
ETag: "067d08e08ac9b5bafda2bc6a6086b1a207fbecea"
Last-Modified: Mon, 27 Mar 2023 14:50:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1822
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942ab8bc8b4f7-OSL
s-ilcorsaronero.theproxy2.cc/favicon.ico
104.21.95.157200 OK 721 B URL HTTP/1.1 s-ilcorsaronero.theproxy2.cc/favicon.ico
IP 104.21.95.157:0
File type MS Windows icon resource - 1 icon, 16x16\012- data
Hash c74351ed349898842df7dbf66f7df226
2290736cd7e62148d56ae66bbfc1e6e9f56f1e17
c31ba887755bea74b2fcd671f907243f6ad44a25ecfe069a25bc1f88be99d662
GET /favicon.ico HTTP/1.1
Host: s-ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: PHPSESSID=k4f2a2k88qto11o5ks0i2vo70h
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:49 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWmlFBtRpJ0l8i%2FRYyKdbUoTZv4oz%2FzBEM6G6m60Lp53sXM9HP%2Bq4v4YiWoaiK6ZfCDdm6nIvE3ZfJeQvYhLRme28dZxT4lDMU%2FjHGF%2Fn%2BjUc1Ib8brBlmaY9jzmsgcm41Lmd1OeoYz8kaLxbgmG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7ae942aafe97b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 4815628c55d322a7557a4e04b69645bc
c0ec9303f52cead265b7fc4159e1ded942124761
6bc4acec394c9b308dc6faa9a4500486df1fa7b6983eabb97b9fdefd5ebcc37a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 27 Mar 2023 17:12:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
benumelan.com/1?z=3372123&oo=1&oaid=y3pp747610yh710878587j8b1twit475
139.45.197.239200 OK 903 B URL HTTP/2 benumelan.com/1?z=3372123&oo=1&oaid=y3pp747610yh710878587j8b1twit475
IP 139.45.197.239:0
File type JSON data\012- , ASCII text, with very long lines (903), with no line terminators
Hash f045e30c75280524fcbd748466f713f8
4b325818502303c3bc1fbc17b5849ca7aaab0719
31c90be306100fb80f542a1cd9428486227afb221f4ac42d8281b49abb55881e
GET /1?z=3372123&oo=1&oaid=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=4193ebcf04134528be59d33f794f09fd; oaidts=1679937168
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json
content-length: 903
access-control-allow-credentials: true
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: a8e2c10609e92b5f592dead62a9377c0
access-control-expose-headers: X-Sc
set-cookie: OAID=y3pp747610yh710878587j8b1twit475; expires=Tue, 26 Mar 2024 17:12:49 GMT; secure; SameSite=None
oaidts=1679937168; expires=Tue, 26 Mar 2024 17:12:49 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=y3pp747610yh710878587j8b1twit475
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=y3pp747610yh710878587j8b1twit475
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash cd84ea52ce1bbfcc511ac4ceaa9174cc
bb258b438fc55fc150528e5b64ca3bf927ab204c
e3c5197bea4fda2b22fe7861a6415a0adb8ddbde3473e7280162dfb3d391064a
GET /gid.js?userId=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: ID=103436852ca44d65ba1a3b5b501e1201
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a9326ffae8343d00c2908794734a004a
234737cf0fabcd62477257fde669fabbe343b2c1
7559265023cf9727da205b2d7f850814a5e7d7b98ed9eb50e279c6eddcdda1dd
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 74025
date: Mon, 27 Mar 2023 17:12:49 GMT
access-control-allow-origin: *
etag: "64216024-12129"
expires: Mon, 27 Mar 2023 18:12:49 GMT
last-modified: Mon, 27 Mar 2023 12:21:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1eabfede667c12ccb4251b0ae449eb53
cd3ba2e2c3488eac9d6948946b0a640e51933fbf
a0312976fe9d18c5b805b78a6bbab40a539792f643d5669e3fb6e23d12449267
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0312976FE9D18C5B805B78A6BBAB40A539792F643D5669E3FB6E23D12449267"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11763
Expires: Mon, 27 Mar 2023 20:28:52 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
inpagepush.com/500/3064505?excludes=&oaid=y3pp747610yh710878587j8b1twit475&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 1.0 kB URL HTTP/1.1 inpagepush.com/500/3064505?excludes=&oaid=y3pp747610yh710878587j8b1twit475&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1258), with no line terminators
Hash 48793ebcf3cdd39a0ea9ad715b2a0a8d
f0de0516731b389d5f6be3f01c74ecab94f3b999
b07fa8bacebe055cd099d6e96b535f17aa34d0b65fd128516cb318c09f87be27
GET /500/3064505?excludes=&oaid=y3pp747610yh710878587j8b1twit475&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: eadfdc74da332aeb0f432468c13d2708
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: http://ilcorsaronero.theproxy2.cc
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=y3pp747610yh710878587j8b1twit475; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
cdn.itskiddien.club/?rb=5c3-Y86wDkx8E8rN3ZyAIMofMGiwwTBZqHLG8JHZevzmlDuzB3Fq-ThpfyOTElG4i4qT-2c_M7UU9dYHqgTl3kX5CUIHohv4i_JgUwPBeRlad3ndT-tTEPXhg1B-p-TUqmSqF7N7uBPzi4rvOv_0gwEGm9nJ5lQqsKQhYarifYUk6DPsOZtfINcpWgwBGJG3YW4JU-Ntg-7Xy9mlbcSPS5mn7BuRdcKgty1vNkpkZaxzMhnP4oybEv2A4VM%3D&request_ab2=0&zoneid=3388548&js_build=iclick-v1.511.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.511.0&bs=e8231a73-f755-4331-9afb-2f6bcace113f&userId=y3pp747610yh710878587j8b1twit475&m=link
139.45.197.236200 OK 1.4 kB URL HTTP/1.1 cdn.itskiddien.club/?rb=5c3-Y86wDkx8E8rN3ZyAIMofMGiwwTBZqHLG8JHZevzmlDuzB3Fq-ThpfyOTElG4i4qT-2c_M7UU9dYHqgTl3kX5CUIHohv4i_JgUwPBeRlad3ndT-tTEPXhg1B-p-TUqmSqF7N7uBPzi4rvOv_0gwEGm9nJ5lQqsKQhYarifYUk6DPsOZtfINcpWgwBGJG3YW4JU-Ntg-7Xy9mlbcSPS5mn7BuRdcKgty1vNkpkZaxzMhnP4oybEv2A4VM%3D&request_ab2=0&zoneid=3388548&js_build=iclick-v1.511.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.511.0&bs=e8231a73-f755-4331-9afb-2f6bcace113f&userId=y3pp747610yh710878587j8b1twit475&m=link
IP 139.45.197.236:0
File type JSON data\012- , ASCII text, with very long lines (1713), with no line terminators
Hash 6f6a096109922472fdeee37f7a4fd4ea
9caaef32ef1c0860fb1b2675efdc364b96bf8bf9
08b27830889275ad773b0e26364fe912e2c285319386e040aeca0b73f494af33
GET /?rb=5c3-Y86wDkx8E8rN3ZyAIMofMGiwwTBZqHLG8JHZevzmlDuzB3Fq-ThpfyOTElG4i4qT-2c_M7UU9dYHqgTl3kX5CUIHohv4i_JgUwPBeRlad3ndT-tTEPXhg1B-p-TUqmSqF7N7uBPzi4rvOv_0gwEGm9nJ5lQqsKQhYarifYUk6DPsOZtfINcpWgwBGJG3YW4JU-Ntg-7Xy9mlbcSPS5mn7BuRdcKgty1vNkpkZaxzMhnP4oybEv2A4VM%3D&request_ab2=0&zoneid=3388548&js_build=iclick-v1.511.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=1&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.511.0&bs=e8231a73-f755-4331-9afb-2f6bcace113f&userId=y3pp747610yh710878587j8b1twit475&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 266ac9aaed2ad9adc49c67675b22201b
Access-Control-Allow-Origin: http://ilcorsaronero.theproxy2.cc
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=y3pp747610yh710878587j8b1twit475; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/
syncedCookie=true; expires=Mon, 03 Apr 2023 17:12:49 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
benumelan.com/5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475
139.45.197.239200 OK 1.9 kB URL HTTP/2 benumelan.com/5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475
IP 139.45.197.239:0
Hash 822972c68313c081d195a133ced89e0c
85261301892b790f6386be650bf600c8658a93b7
196a22d99f307664b0f4a8d01da8ca4ec1ae19afdbed241a83c7d7860c0e24a9
GET /5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=y3pp747610yh710878587j8b1twit475; oaidts=1679937168
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json
x-trace-id: c2bf0b37deaf77a23e7326cd57c900c9
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=y3pp747610yh710878587j8b1twit475; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 03 Apr 2023 17:12:49 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 5b991cff63a438e0526bf79a1922cacc
fa1c921f96f8004ea002081cbac20ba60096b4da
197855d2e74925ce93549731ddece40e76ce8ed3a6fd841983e54b2a42a6fc87
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 26 Mar 2023 03:49:35 GMT
Expires: Sun, 02 Apr 2023 03:49:34 GMT
Etag: "fa1c921f96f8004ea002081cbac20ba60096b4da"
Cache-Control: max-age=469604,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ae942ac9e01b51d-OSL
simplewebanalysis.com/stats
18.194.180.164200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.194.180.164:0
File type ASCII text, with no line terminators
Hash f6dde65507ea0c24eb8980ffce376cf4
31cdbc647a9d380ddf590fb8e6bd6bca47cd0f4f
9801b3a3e2db1cfbd34865285e40c3ca148f8c8dc28637a9679b1b24e25e3ccd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: uid_id2=a38f4d5e-aa97-40fd-b43b-06b02d09f435:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 953b0329f989aec60c1e1ee17851c81f
f4e2ede476ece746463230544b11b240750a0aca
4cc02329d6759cefe7908e59ea91403384ff77165434bb75dce0a93ac6368f73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CC02329D6759CEFE7908E59EA91403384FF77165434BB75DCE0A93AC6368F73"
Last-Modified: Sat, 25 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10433
Expires: Mon, 27 Mar 2023 20:06:42 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1169
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://ilcorsaronero.theproxy2.cc
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
my.rtmark.net/gid.js?userId=y3pp747610yh710878587j8b1twit475
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=y3pp747610yh710878587j8b1twit475
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash cd84ea52ce1bbfcc511ac4ceaa9174cc
bb258b438fc55fc150528e5b64ca3bf927ab204c
e3c5197bea4fda2b22fe7861a6415a0adb8ddbde3473e7280162dfb3d391064a
GET /gid.js?userId=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: ID=103436852ca44d65ba1a3b5b501e1201
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=y3pp747610yh710878587j8b1twit475
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=y3pp747610yh710878587j8b1twit475
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash cd84ea52ce1bbfcc511ac4ceaa9174cc
bb258b438fc55fc150528e5b64ca3bf927ab204c
e3c5197bea4fda2b22fe7861a6415a0adb8ddbde3473e7280162dfb3d391064a
GET /gid.js?userId=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: ID=103436852ca44d65ba1a3b5b501e1201
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3715
Expires: Mon, 27 Mar 2023 18:14:44 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3715
Expires: Mon, 27 Mar 2023 18:14:44 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3715
Expires: Mon, 27 Mar 2023 18:14:44 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3715
Expires: Mon, 27 Mar 2023 18:14:44 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e999a9d79efe60a30b2942c5f2940294
c3891c43b16521f66eb3a52d83694de2ddd39871
290ed1232883a4ec63ef42c30f40b819983c5544e35261d2d1e0d1e55d0c8b07
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4429ed9b-a655-45dc-a59b-78db53c9c2f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12017
x-amzn-requestid: 4f61a0c7-4b18-4289-b47c-eeeff93d873f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ca6yQGNtoAMFsxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64210b41-350e4e2425d9606e478872b5;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 03:19:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: TCzHm5qTtnAUDSmayc-LLFmDfV7o6PaaYYfVtN_w7cC3o66HCa3DEg==
via: 1.1 b3cdce1c2fc39b89f45c98c417351f26.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 03:34:08 GMT
age: 49121
etag: "c3891c43b16521f66eb3a52d83694de2ddd39871"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22905e8a7c8b1741dd51842c114a6517
c5900fe2396e0ca371c4847af4e96149850c3577
1525f9f39c09370fcb1f58f079f2d741a4c6d13fba26e6dd5b79466153d7685e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d7ce900-ce9b-481b-9205-9748eeded2e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10405
x-amzn-requestid: 0b8dad7a-2ec1-4eed-9a2c-06079ed46662
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRi69E9xoAMFiJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d4b79-2f606ac041c5db24583c8d51;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 07:04:25 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: qbbEi0tXZLKo6qjrbJMtTHdhWziYrLrgzY1hzt_LrQJoeDDBbJnZBA==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 05:54:17 GMT
age: 40712
etag: "c5900fe2396e0ca371c4847af4e96149850c3577"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash be1cd1cf8e462ca6f6acb2f132e614d5
037f3bc7ab850fa2c69f2584bb24340b25bb6f3c
e212abd38fd1ccc428a4c480913938f8ea6e9da873ebe73df55cdbee7fff2efa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E212ABD38FD1CCC428A4C480913938F8EA6E9DA873EBE73DF55CDBEE7FFF2EFA"
Last-Modified: Sun, 26 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3715
Expires: Mon, 27 Mar 2023 18:14:44 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 27 Mar 2023 05:36:52 GMT
age: 41757
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=fbbd511d73b5403eacaec712245893d2&zoneId=2651991&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=fbbd511d73b5403eacaec712245893d2&zoneId=2651991&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash cd84ea52ce1bbfcc511ac4ceaa9174cc
bb258b438fc55fc150528e5b64ca3bf927ab204c
e3c5197bea4fda2b22fe7861a6415a0adb8ddbde3473e7280162dfb3d391064a
GET /gid.js?pub=0&userId=fbbd511d73b5403eacaec712245893d2&zoneId=2651991&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Cookie: ID=103436852ca44d65ba1a3b5b501e1201
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:49 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 668a8a17a1bb77ea7db7fa23c9df9690
242108539ff8694a3c557d07b2b000e764a77f24
100952573dc9eeba889a77f4d148b646accb99f277035f0607b1c6918f93a358
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb0254d-5c75-4e14-a0c6-04283194ce5b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10591
x-amzn-requestid: 8359ddc1-a6c6-4caf-9de3-f2eb4dcb0c78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CaIO-F0QIAMF5_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6420ba5f-72ee066911fdddb62c4a201d;Sampled=0
x-amzn-remapped-date: Sun, 26 Mar 2023 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: hfm1xuKZ-Olu263DvYfbYlEnANaiIL9e7jEDUqDAf3ihT5N2HAdyIA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 60b744e5b364d04abea9fa6686121242.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:49:30 GMT
age: 69799
etag: "242108539ff8694a3c557d07b2b000e764a77f24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
104.22.33.172200 OK 11 kB URL HTTP/2 offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263
GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Tue, 28 Mar 2023 05:59:57 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 40372
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942af08662e13-ARN
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f70190ee368db6d36f69d66e5f0f45c6
cfb55ca3bedeb6742ac9a3448ab7903b17602981
afef143d3d783caac50ef57ca1de8aa4c3d6e064e0070eb0b3fab0c321035b03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFEF143D3D783CAAC50EF57CA1DE8AA4C3D6E064E0070EB0B3FAB0C321035B03"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15260
Expires: Mon, 27 Mar 2023 21:27:09 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f70190ee368db6d36f69d66e5f0f45c6
cfb55ca3bedeb6742ac9a3448ab7903b17602981
afef143d3d783caac50ef57ca1de8aa4c3d6e064e0070eb0b3fab0c321035b03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFEF143D3D783CAAC50EF57CA1DE8AA4C3D6E064E0070EB0B3FAB0C321035B03"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15260
Expires: Mon, 27 Mar 2023 21:27:09 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 21:37:24 GMT
age: 70525
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f70190ee368db6d36f69d66e5f0f45c6
cfb55ca3bedeb6742ac9a3448ab7903b17602981
afef143d3d783caac50ef57ca1de8aa4c3d6e064e0070eb0b3fab0c321035b03
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFEF143D3D783CAAC50EF57CA1DE8AA4C3D6E064E0070EB0B3FAB0C321035B03"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15260
Expires: Mon, 27 Mar 2023 21:27:09 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6b85455b294b4767cea7796f48dd6858
4af06a07de7639a30a37605e61e82a3fff1e9b8d
22e96d008a1d1430d90d2b1405907881a9af48427074ffb0905640f1326cd7cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22E96D008A1D1430D90D2B1405907881A9AF48427074FFB0905640F1326CD7CC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12539
Expires: Mon, 27 Mar 2023 20:41:48 GMT
Date: Mon, 27 Mar 2023 17:12:49 GMT
Connection: keep-alive
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Content-Type: application/json
Origin: http://ilcorsaronero.theproxy2.cc
Content-Length: 388
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 684c99e0a16320fa302f2a7499032b43
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Content-Type: application/json
Origin: http://ilcorsaronero.theproxy2.cc
Content-Length: 781
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5f697122295e64ba59b578df3792e8d7
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
matomo.hellohi.me/matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=729438&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=9P4iEO&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D
188.114.97.1301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=729438&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=9P4iEO&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
POST /matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=729438&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=9P4iEO&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 301 Moved Permanently
Date: Mon, 27 Mar 2023 17:12:49 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=ilcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&idsite=1&rec=1&r=729438&h=17&m=13&s=7&url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&_id=1bc19817429fc369&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=9P4iEO&pf_net=15&pf_srv=191&pf_tfr=154&pf_dm1=1257&uadata=%7B%7D
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuEAb%2Fcn5%2BJ8BmXyBSsKQ61lrT6ahQk91HuaslCwpjClbOtStl0nTyyj4x%2FDs5oqhtH2hNBfqVqMLeGYkEUejl7pVo65smq3gD%2FYwWMKdv4b3yjFm9CDIR0o7aJf7D15g0egPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae942afb832b51e-OSL
alt-svc: h2=":443"; ma=60
rndskittytor.com/500/4837723?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238200 OK 0 B URL HTTP/2 rndskittytor.com/500/4837723?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4837723?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=103436852ca44d65ba1a3b5b501e1201
139.45.197.239204 No Content 0 B URL HTTP/2 benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=103436852ca44d65ba1a3b5b501e1201
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=103436852ca44d65ba1a3b5b501e1201 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://ilcorsaronero.theproxy2.cc/
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
benumelan.com/11?rnd=4137735017&z=3372123&b=16692474&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=117
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/11?rnd=4137735017&z=3372123&b=16692474&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=117
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=4137735017&z=3372123&b=16692474&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=117 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=103436852ca44d65ba1a3b5b501e1201; oaidts=1679937169; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: e789874b2f974da66cc102a04644eece
access-control-expose-headers: X-Sc
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:50 GMT; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=a38f4d5e-aa97-40fd-b43b-06b02d09f435&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a38f4d5e-aa97-40fd-b43b-06b02d09f435&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a38f4d5e-aa97-40fd-b43b-06b02d09f435&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 27 Mar 2023 17:12:50 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 78902b7f57722b463489ccabb9d82c2a
Strict-Transport-Security: max-age=0; includeSubdomains
registercherryheadquarter.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78
192.243.59.20200 OK 4.2 kB URL HTTP/1.1 registercherryheadquarter.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6002), with no line terminators
Hash c1be6f4e2948d0de2f3037e576be29e5
0b816a0ca275ea5e23cee3fbb63dea6b9958efe8
2978d0ab5de15723f8d9e6e6f4a0dae026c99777b7fa1b281d6711f8f71ef34b
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a286902791a7f4c98bcb1e812322cd78 HTTP/1.1
Host: registercherryheadquarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 27 Mar 2023 17:12:50 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://ilcorsaronero.theproxy2.cc
Access-Control-Allow-Origin: http://ilcorsaronero.theproxy2.cc
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15816950; expires=Tue, 28 Mar 2023 17:12:49 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 28 Mar 2023 17:12:50 GMT; secure; SameSite=None
uncs=1; expires=Tue, 28 Mar 2023 17:12:50 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 28 Mar 2023 17:12:50 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 28 Mar 2023 17:12:50 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8785e860fdeb47fad0a3beb1e27e4df
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
betotodilea.com/400/4495524
139.45.197.237200 OK 30 kB URL HTTP/2 betotodilea.com/400/4495524
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash fce73d245651b27abead3049ec28e202
2c0c2cbe9b2487c1a0b6590947c6ad3662c5de90
c2d071d302ec9d4949840772d15a3be3e89732279561a4a43152dc8217c25b02
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/javascript
x-trace-id: 1bbeeaf6ada9ec15c4b0839298a65cc5
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a49f484e820b4cef95b980f203d4e20d; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 27 Mar 2023 17:12:50 GMT
access-control-allow-origin: *
etag: "64216024-2b"
expires: Mon, 27 Mar 2023 18:12:50 GMT
accept-ranges: bytes
last-modified: Mon, 27 Mar 2023 12:21:40 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2bca5cb3b44ed2780b961ea7c50f71f3
0209085d2d0580a551813e1bd19695b1f7f52d06
9d2aa81501276170eb58f72567d466eefe9680f780358b1186e0ac79ba9fcc3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9D2AA81501276170EB58F72567D466EEFE9680F780358B1186E0AC79BA9FCC3D"
Last-Modified: Sun, 26 Mar 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4423
Expires: Mon, 27 Mar 2023 18:26:33 GMT
Date: Mon, 27 Mar 2023 17:12:50 GMT
Connection: keep-alive
betotodilea.com/400/4495524?oo=1&oaid=103436852ca44d65ba1a3b5b501e1201
139.45.197.237200 OK 822 B URL HTTP/2 betotodilea.com/400/4495524?oo=1&oaid=103436852ca44d65ba1a3b5b501e1201
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with very long lines (2226), with no line terminators
Hash 8dba7258ce7f7f641c6d607ffbe792d3
37942fc88fb161fcf25ea0153601fa7817c30fad
9f59aa2ba706f45d719706c856db3598460cc861b59e1dff1973306534f54790
GET /400/4495524?oo=1&oaid=103436852ca44d65ba1a3b5b501e1201 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: OAID=a6dc542b766d40449f3a371c0cce7409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/json
x-trace-id: f303622ac916778b79073734ff69b481
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a203e2a6a9cb9c292ff14963e876774f
56fa23a1f3b2e50d65e6e35195d6ff48833f3fb4
359c34835441570048a7daa075ebfdc132bfe2cdcdf579315f6ce014624bb8c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "359C34835441570048A7DAA075EBFDC132BFE2CDCDF579315F6CE014624BB8C0"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11430
Expires: Mon, 27 Mar 2023 20:23:20 GMT
Date: Mon, 27 Mar 2023 17:12:50 GMT
Connection: keep-alive
registercherryheadquarter.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRSezYWGq0A0FCBDBQI5u2s7tklxIhxB0YUk3B0E0c2vdQaPd1Yzu14noog4CV2D8NFAufmcXAREiPsDkJBDgyKdFFNACkKHaBFSamTHkrknzbz3zfeK73tvPtvPLoiPjJ5vvmt2ldZ0oVb2S69sqViY3JXW75YCv%2BwvlbZUvFhdKvXGl%2B2%2BEfi1sv9q6R3J22Yh9APfD%2FygtKKsjExvYcJCJcfNoNz0y9WwHNSq6Nknscs8OOpBdC%2FIs1Bi9NT2L4%2Bg%2BBBx54eb0rVTk7z%2BdifTNDUWXXH0ftyOTR6jMysj6yGKj6bdMG5EyNdzMPHR1AFM92DsAEyNiPdbABYfTWWCdQ%2BvlDINGYOJ68i7Q0g9hKJDcHMPSpwRgAusbyDuPFw3Nqc7VywdsyMyf%2FkvVD4i8388h7jz%2FbJWvdIdo7NUmdihFxVQvSFUa4gkO0G6OweVn4Cnn0KJx2Thcg1x52DDaQMliol7pYZQ0RBa9kGdh2x8lIcs8pAlHjrivERrzcj36xGLKpVGlXNeqXBeayyKmqhUG5GPjI%2Fl9ZEmfXDdB7d7SOwe2urBWfAabPYT3HYBJzy4dES89%2FbQFQVySZA7gpwS5IogTwnybnEotAtd8VBol7FgmsNprhQDk7b26aFJWzIm%2B8kFeWYymn8%2BvERbnpdo2Fhs%2BmG9GdB6VOXNBuMskI0grIQhF%2FUGnCqg3NzE7e54T8UFEjUi5IvfwegJnD4BVy%2BDZi%2BA5oN66INuD6oNH7vxcRYzbXhbirISEKZAks4j3fH29QV5fqKj%2Bdd1SH5646vPN%2F5cEh%2BB2wKJLfCx%2Bpmgpe8PbpucHNw2uSOPNpJUddQuHa%2FvTkpTee3bW3InN1as3nT9b97kY2JcHt%2BVLl2jsVBxy5HvlpUQ0q4YyyX5cdVtSbaZue3lzMZZsrb51spqJ7HSOWXiIag6%2B%2BATcDUiT9v25GO%2B%2BPctKDuEzQp0slMyDSgzBE%2F24JKZemcIrJ71sMRDnhUDG7LZo1YEWs4wZQXc%2FzCb1fvuPlrWA03vIe4U6NoCXV2A6j5cdm2QJvb0xq%2BVSYBpb8C09Q6YtvrB1WidOi%2FJWuRH0g8li5osqlNfNKNqk9FmIOusRgOkbiReevzlfwAAAP%2F%2FAQAA%2F%2F9WslD%2FcAQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 registercherryheadquarter.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRSezYWGq0A0FCBDBQI5u2s7tklxIhxB0YUk3B0E0c2vdQaPd1Yzu14noog4CV2D8NFAufmcXAREiPsDkJBDgyKdFFNACkKHaBFSamTHkrknzbz3zfeK73tvPtvPLoiPjJ5vvmt2ldZ0oVb2S69sqViY3JXW75YCv%2BwvlbZUvFhdKvXGl%2B2%2BEfi1sv9q6R3J22Yh9APfD%2FygtKKsjExvYcJCJcfNoNz0y9WwHNSq6Nknscs8OOpBdC%2FIs1Bi9NT2L4%2Bg%2BBBx54eb0rVTk7z%2BdifTNDUWXXH0ftyOTR6jMysj6yGKj6bdMG5EyNdzMPHR1AFM92DsAEyNiPdbABYfTWWCdQ%2BvlDINGYOJ68i7Q0g9hKJDcHMPSpwRgAusbyDuPFw3Nqc7VywdsyMyf%2FkvVD4i8388h7jz%2FbJWvdIdo7NUmdihFxVQvSFUa4gkO0G6OweVn4Cnn0KJx2Thcg1x52DDaQMliol7pYZQ0RBa9kGdh2x8lIcs8pAlHjrivERrzcj36xGLKpVGlXNeqXBeayyKmqhUG5GPjI%2Fl9ZEmfXDdB7d7SOwe2urBWfAabPYT3HYBJzy4dES89%2FbQFQVySZA7gpwS5IogTwnybnEotAtd8VBol7FgmsNprhQDk7b26aFJWzIm%2B8kFeWYymn8%2BvERbnpdo2Fhs%2BmG9GdB6VOXNBuMskI0grIQhF%2FUGnCqg3NzE7e54T8UFEjUi5IvfwegJnD4BVy%2BDZi%2BA5oN66INuD6oNH7vxcRYzbXhbirISEKZAks4j3fH29QV5fqKj%2Bdd1SH5646vPN%2F5cEh%2BB2wKJLfCx%2Bpmgpe8PbpucHNw2uSOPNpJUddQuHa%2FvTkpTee3bW3InN1as3nT9b97kY2JcHt%2BVLl2jsVBxy5HvlpUQ0q4YyyX5cdVtSbaZue3lzMZZsrb51spqJ7HSOWXiIag6%2B%2BATcDUiT9v25GO%2B%2BPctKDuEzQp0slMyDSgzBE%2F24JKZemcIrJ71sMRDnhUDG7LZo1YEWs4wZQXc%2FzCb1fvuPlrWA03vIe4U6NoCXV2A6j5cdm2QJvb0xq%2BVSYBpb8C09Q6YtvrB1WidOi%2FJWuRH0g8li5osqlNfNKNqk9FmIOusRgOkbiReevzlfwAAAP%2F%2FAQAA%2F%2F9WslD%2FcAQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28jRRSezYWGq0A0FCBDBQI5u2s7tklxIhxB0YUk3B0E0c2vdQaPd1Yzu14noog4CV2D8NFAufmcXAREiPsDkJBDgyKdFFNACkKHaBFSamTHkrknzbz3zfeK73tvPtvPLoiPjJ5vvmt2ldZ0oVb2S69sqViY3JXW75YCv%2BwvlbZUvFhdKvXGl%2B2%2BEfi1sv9q6R3J22Yh9APfD%2FygtKKsjExvYcJCJcfNoNz0y9WwHNSq6Nknscs8OOpBdC%2FIs1Bi9NT2L4%2Bg%2BBBx54eb0rVTk7z%2BdifTNDUWXXH0ftyOTR6jMysj6yGKj6bdMG5EyNdzMPHR1AFM92DsAEyNiPdbABYfTWWCdQ%2BvlDINGYOJ68i7Q0g9hKJDcHMPSpwRgAusbyDuPFw3Nqc7VywdsyMyf%2FkvVD4i8388h7jz%2FbJWvdIdo7NUmdihFxVQvSFUa4gkO0G6OweVn4Cnn0KJx2Thcg1x52DDaQMliol7pYZQ0RBa9kGdh2x8lIcs8pAlHjrivERrzcj36xGLKpVGlXNeqXBeayyKmqhUG5GPjI%2Fl9ZEmfXDdB7d7SOwe2urBWfAabPYT3HYBJzy4dES89%2FbQFQVySZA7gpwS5IogTwnybnEotAtd8VBol7FgmsNprhQDk7b26aFJWzIm%2B8kFeWYymn8%2BvERbnpdo2Fhs%2BmG9GdB6VOXNBuMskI0grIQhF%2FUGnCqg3NzE7e54T8UFEjUi5IvfwegJnD4BVy%2BDZi%2BA5oN66INuD6oNH7vxcRYzbXhbirISEKZAks4j3fH29QV5fqKj%2Bdd1SH5646vPN%2F5cEh%2BB2wKJLfCx%2Bpmgpe8PbpucHNw2uSOPNpJUddQuHa%2FvTkpTee3bW3InN1as3nT9b97kY2JcHt%2BVLl2jsVBxy5HvlpUQ0q4YyyX5cdVtSbaZue3lzMZZsrb51spqJ7HSOWXiIag6%2B%2BATcDUiT9v25GO%2B%2BPctKDuEzQp0slMyDSgzBE%2F24JKZemcIrJ71sMRDnhUDG7LZo1YEWs4wZQXc%2FzCb1fvuPlrWA03vIe4U6NoCXV2A6j5cdm2QJvb0xq%2BVSYBpb8C09Q6YtvrB1WidOi%2FJWuRH0g8li5osqlNfNKNqk9FmIOusRgOkbiReevzlfwAAAP%2F%2FAQAA%2F%2F9WslD%2FcAQAAA%3D%3D HTTP/1.1
Host: registercherryheadquarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: u_pl=15816950; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 27 Mar 2023 17:12:50 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c7b2f58f73d15412605a45e8dad0028a
Strict-Transport-Security: max-age=0; includeSubdomains
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ilcorsaronero.theproxy2.cc/
Content-Type: application/json
Origin: http://ilcorsaronero.theproxy2.cc
Content-Length: 385
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: d4b450f00798232a253b8938822760b4
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
rndskittytor.com/500/4837723?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238200 OK 1.7 kB URL HTTP/2 rndskittytor.com/500/4837723?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1290)
Hash 6ae5bfde51c303261c4335d5a6ae6904
e9ff2c886bd5033b24280cdb74d4ac174dea84ea
3f499f55d702294c4201ab5f6b24da73176dd3bf289db6900120c2e4f1cdabee
GET /500/4837723?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: OAID=y3pp747610yh710878587j8b1twit475
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/javascript
x-trace-id: 7c39ced39cc9a663ce3569e3bae88643
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/4e/8a/21/2caff2149364792e8d1f92a35e/0616917902377.jpeg
139.45.197.154200 OK 15 kB URL HTTP/2 interstitial-07.com/contents/s/4e/8a/21/2caff2149364792e8d1f92a35e/0616917902377.jpeg
IP 139.45.197.154:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 4e8a212caff2149364792e8d1f92a35e
93a14012c0d19e1e1122967ebb2e657788bce148
89082053fa4b6f25d174e56d4a1bab882d416f9000cfbc2937339ea53a185384
GET /contents/s/4e/8a/21/2caff2149364792e8d1f92a35e/0616917902377.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=OKbvoh8QrmFLUNY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D2218197667%26z%3D3372123%26b%3D16692474%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DHVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr%26bag%3D8l8Ms2eGBusIWu-YLYJUQg%3D%3D%26ruid%3D7cbf7b2a-5d4a-4bd2-92ee-959047c1146e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Filcorsaronero.theproxy2.cc%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: image/jpeg
content-length: 15218
last-modified: Wed, 20 Apr 2022 06:50:48 GMT
vary: Accept-Encoding
etag: "625fad48-3b72"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5f82e22a9b97509da8bb9b9fcb97bf09
5c87faacec94538f7156eaf657ad70ea940a21e2
fcb65bc7ac80577e2dff0d955ff2652fc4b765433e0964ee9f46100408e6d252
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FCB65BC7AC80577E2DFF0D955FF2652FC4B765433E0964EE9F46100408E6D252"
Last-Modified: Sun, 26 Mar 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14852
Expires: Mon, 27 Mar 2023 21:20:22 GMT
Date: Mon, 27 Mar 2023 17:12:50 GMT
Connection: keep-alive
thaudray.com/5/2632704/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.511.0&userId=103436852ca44d65ba1a3b5b501e1201
139.45.197.237200 OK 32 kB URL HTTP/2 thaudray.com/5/2632704/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.511.0&userId=103436852ca44d65ba1a3b5b501e1201
IP 139.45.197.237:0
Hash 406b143e2c0d7575c7c9fcc4d2c5ab3e
a2c1b559cbe2a41d79812fd4ceb13f2fe32b4002
e32bc853ade8a22d438218d9f5ca1246db61fd975567104826181ade60f15ef3
GET /5/2632704/?abt_opts=1&oo=1&aab=1&js_build=iclick-v1.511.0&userId=103436852ca44d65ba1a3b5b501e1201 HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json
x-trace-id: 763068eed48e72ca6f386e448fbbbfc9
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 03 Apr 2023 17:12:49 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/img/close.png
172.64.166.9200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/img/close.png
IP 172.64.166.9:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/ssp/sweep/social-box/white-small/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: image/png
content-length: 5982
last-modified: Tue, 21 Sep 2021 12:02:03 GMT
etag: "6149c9bb-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2437255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4e4v4pefj9YKN3C1pKh7rq7CKQcoYtgdGPXxFxa6UT9nOYOpOVRkkZZw8Jxb40scf4ihlemmSKYtpO4pSawVqhz9chdhPPMvviTSpfhRqBVXU7gF7U2ex77%2FXDJQ73oJV%2Bn4MIJjxZ9F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942b52adb48ce-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6208588e2c801b0c7ec557287d80f166
71079a8192940c19ab84d33039fc1fa437066cb3
c169a24f728f1679d861ab53a26a09ece1905057c53a6a316229cf493317e41a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C169A24F728F1679D861AB53A26A09ECE1905057C53A6A316229CF493317E41A"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2441
Expires: Mon, 27 Mar 2023 17:53:31 GMT
Date: Mon, 27 Mar 2023 17:12:50 GMT
Connection: keep-alive
mc.yandex.ru/watch/57311164/1?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A107772735612%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A430692457%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/57311164/1?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A107772735612%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A430692457%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash d13d4fba85fd7f18283226be46979e37
a32f6ce7694518706ae4af8de520d0e99a0d3857
2761c4fb96f07213e06128774994c7fbc0535b2ac699883172777872ae9a67c7
GET /watch/57311164/1?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A107772735612%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A430692457%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Referer: http://ilcorsaronero.theproxy2.cc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Mon, 27 Mar 2023 17:12:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 27-Mar-2023 17:12:50 GMT
last-modified: Mon, 27-Mar-2023 17:12:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90922622/1?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A2%3Adp%3A0%3Als%3A233423840699%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A862068955%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/90922622/1?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A2%3Adp%3A0%3Als%3A233423840699%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A862068955%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 9318a0fe85cbaad43647cf1946169044
8bf201143356a7b828edf3b2a3400d4bb805385c
34aba41617aa879cb8c808a5a564a3c88e5c6a86801b4979e464c915aed70742
GET /watch/90922622/1?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A2%3Adp%3A0%3Als%3A233423840699%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A862068955%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Referer: http://ilcorsaronero.theproxy2.cc/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Mon, 27 Mar 2023 17:12:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 27-Mar-2023 17:12:50 GMT
last-modified: Mon, 27-Mar-2023 17:12:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
interstitial-07.com/?l=OKbvoh8QrmFLUNY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D2218197667%26z%3D3372123%26b%3D16692474%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DHVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr%26bag%3D8l8Ms2eGBusIWu-YLYJUQg%3D%3D%26ruid%3D7cbf7b2a-5d4a-4bd2-92ee-959047c1146e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Filcorsaronero.theproxy2.cc%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.154200 OK 35 kB URL HTTP/2 interstitial-07.com/?l=OKbvoh8QrmFLUNY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D2218197667%26z%3D3372123%26b%3D16692474%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DHVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr%26bag%3D8l8Ms2eGBusIWu-YLYJUQg%3D%3D%26ruid%3D7cbf7b2a-5d4a-4bd2-92ee-959047c1146e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Filcorsaronero.theproxy2.cc%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.154:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1516)
Hash cfb30e95f9a8e5b7cef2a7bb3325fd15
bd590a8fc8ffa42f87f40b75deb5d8e9496448ec
4092cb03e9ee5eb8b28c6bb9843470a720a55c5ab571b59b33a0776ac6169031
GET /?l=OKbvoh8QrmFLUNY&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D2218197667%26z%3D3372123%26b%3D16692474%26c%3D6610460%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D958%2526key%253Df9d8f4e55eccf0daf227167a81325855%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DHVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr%26bag%3D8l8Ms2eGBusIWu-YLYJUQg%3D%3D%26ruid%3D7cbf7b2a-5d4a-4bd2-92ee-959047c1146e%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Filcorsaronero.theproxy2.cc%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=Ol4M41ibEgxAw13DTDwxc5cWpkdxztXA-1nJEayrhfQ; expires=Mon, 27-Mar-2023 18:12:50 GMT; Max-Age=3600; path=/
OAID=f0d73535f84429310a5727427d2ae539; expires=Mon, 21-Jun-2077 10:25:40 GMT; Max-Age=1711559570; path=/
oaidts=1679937170; expires=Mon, 21-Jun-2077 10:25:40 GMT; Max-Age=1711559570; path=/
syncedCookie=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html
45.133.44.3200 OK 5.3 kB URL HTTP/2 cdn.barscreative1.com/sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Hash 4cfd7ccc9c9afc051fbdf040d043031a
bb67043a721e7c964f6ef9bd3e74666db5c6b0d0
ec6e5d11214be3c7a99de7c32b6cdf70276500462a58f848c69982a7c9c6bcb4
GET /sb/au/29/a4/96/29a4965e1015f036b834d9da1d4a5e6c/1632399618.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 23 Sep 2021 12:20:22 GMT
etag: W/"614c7106-563"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 27 Mar 2023 18:12:50 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 18a385028c2a325f92a21ece7653bb99
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 24 Mar 2023 10:33:15 GMT
Expires: Sat, 23 Mar 2024 10:33:15 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
Age: 283176
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 24 Mar 2023 10:28:51 GMT
Expires: Sat, 23 Mar 2024 10:28:51 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
Age: 283440
benumelan.com/15?rnd=3033992656&z=3372123&var=&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.128%2C%22location%22%3A%22http%3A%2F%2Filcorsaronero.theproxy2.cc%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
139.45.197.239204 No Content 0 B URL HTTP/2 benumelan.com/15?rnd=3033992656&z=3372123&var=&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.128%2C%22location%22%3A%22http%3A%2F%2Filcorsaronero.theproxy2.cc%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=3033992656&z=3372123&var=&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A1.128%2C%22location%22%3A%22http%3A%2F%2Filcorsaronero.theproxy2.cc%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=103436852ca44d65ba1a3b5b501e1201; oaidts=1679937169; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 27 Mar 2023 17:12:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 62638f1b169d770c3846ed0c1012c45c
access-control-expose-headers: X-Sc
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:51 GMT; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
registercherryheadquarter.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSMW8jRRSezYWGq0A0FCBDBQI5u2s7tklxIhxB0YUk3B0E0c3OjJ3B45nVzK7XiSgiTkLXIHw0UG4%2BJxcBEeJ%2BABLa0KBIJ8UUkILQIVqElBrZsWTuSTPvffO94vvem8%2F20wviI6Xnm%2B%2BaXakUXaiV%2FdIrW1Jzk7nS%2Bt1S4Jf9pdKW1IvVpVJ%2FfNneG4FfK%2Fuvlt4RrGMWQj%2Fw%2FcAPSivSipbpL0xYyPi4GZSbfrkaloNaFX37JHapB0c98N4FeRaSj57a%2FuURJCuguz%2FcFK6TmPj1t7upoomx6PGj93VHm0yjOytb1kNLH027YdyIkK%2FnYPTR1AFM72DsAJEcEe%2B3AJE%2BmspE1Du8UhopCI2IX0fWKyBUAUkLMHMPkp8RgHGsb0B3H64bm9GdK5aO2RGZv%2FwXMhuR%2BT%2Beg%2B5%2Bv6xkv3THqDSRRjv0Wzlkv4BsF4jTEyS7c5DZCVjyKSR%2FTBYu16C7BxtOGUieT9xLWUC2CigxAHUe0vGRHtKWhzT20OXnJVprtny%2F3opalUqjyhirVBirNRZ5jVeqjZaPlI3lDZDEAzA1ALN7iO0eOvLBWfAabPoT3HYOxz24ZES89%2FbQ4zkyQZA5gowSZJIgSwiyXn7IlQtd%2FpArl0bBNIfTXMmHJmnv00OTtIUm%2B%2FEFeWYymn8%2BvERHnJdo2Fhs%2BmG9GdB6q8qajYhFgWgEYSUMGa834GQO6eYmbnfHe8ovEMsRIV%2F8joiewKkTMPkyaPoCaDashz7o9rDa8LGrj1MdKcM6gpclBzc54mQeyY63ry7I8xMdzb%2BuQ7DTG199vvHnEv8IzOaIbY6P5c8EbXV%2FeNtk5OC2yRx5tBEnsit36Xh9dxKaiGvf3hI7mbF89aYbfPMmGxPj8viucMka1VzqtiPfLUvOhV0xlgny46rbEtFm6raXU6vTeG3zrZXVbmyFc9LoAlSeffAJmByRp21n8jFf%2FPsWpC1g0xzd9JRMA9IUYPEeXDxT7wyBVbOeKPaQpfnQhtHsUUkCJWaYRjnc%2F3A0q%2FfdfbStB5rcg%2B7m6NkcPZWDqgFcem2YxPb0xq%2BVSSBS3jBS1juIlFUPrkbr5HmpFlRFI2rUGeeRYDyoh5VGxfdDzqv1pgiaSNyIv%2FT4y%2F8AAAD%2F%2FwEAAP%2F%2FQrreGXAEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 registercherryheadquarter.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSMW8jRRSezYWGq0A0FCBDBQI5u2s7tklxIhxB0YUk3B0E0c3OjJ3B45nVzK7XiSgiTkLXIHw0UG4%2BJxcBEeJ%2BABLa0KBIJ8UUkILQIVqElBrZsWTuSTPvffO94vvem8%2F20wviI6Xnm%2B%2BaXakUXaiV%2FdIrW1Jzk7nS%2Bt1S4Jf9pdKW1IvVpVJ%2FfNneG4FfK%2Fuvlt4RrGMWQj%2Fw%2FcAPSivSipbpL0xYyPi4GZSbfrkaloNaFX37JHapB0c98N4FeRaSj57a%2FuURJCuguz%2FcFK6TmPj1t7upoomx6PGj93VHm0yjOytb1kNLH027YdyIkK%2FnYPTR1AFM72DsAJEcEe%2B3AJE%2BmspE1Du8UhopCI2IX0fWKyBUAUkLMHMPkp8RgHGsb0B3H64bm9GdK5aO2RGZv%2FwXMhuR%2BT%2Beg%2B5%2Bv6xkv3THqDSRRjv0Wzlkv4BsF4jTEyS7c5DZCVjyKSR%2FTBYu16C7BxtOGUieT9xLWUC2CigxAHUe0vGRHtKWhzT20OXnJVprtny%2F3opalUqjyhirVBirNRZ5jVeqjZaPlI3lDZDEAzA1ALN7iO0eOvLBWfAabPoT3HYOxz24ZES89%2FbQ4zkyQZA5gowSZJIgSwiyXn7IlQtd%2FpArl0bBNIfTXMmHJmnv00OTtIUm%2B%2FEFeWYymn8%2BvERHnJdo2Fhs%2BmG9GdB6q8qajYhFgWgEYSUMGa834GQO6eYmbnfHe8ovEMsRIV%2F8joiewKkTMPkyaPoCaDashz7o9rDa8LGrj1MdKcM6gpclBzc54mQeyY63ry7I8xMdzb%2BuQ7DTG199vvHnEv8IzOaIbY6P5c8EbXV%2FeNtk5OC2yRx5tBEnsit36Xh9dxKaiGvf3hI7mbF89aYbfPMmGxPj8viucMka1VzqtiPfLUvOhV0xlgny46rbEtFm6raXU6vTeG3zrZXVbmyFc9LoAlSeffAJmByRp21n8jFf%2FPsWpC1g0xzd9JRMA9IUYPEeXDxT7wyBVbOeKPaQpfnQhtHsUUkCJWaYRjnc%2F3A0q%2FfdfbStB5rcg%2B7m6NkcPZWDqgFcem2YxPb0xq%2BVSSBS3jBS1juIlFUPrkbr5HmpFlRFI2rUGeeRYDyoh5VGxfdDzqv1pgiaSNyIv%2FT4y%2F8AAAD%2F%2FwEAAP%2F%2FQrreGXAEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSMW8jRRSezYWGq0A0FCBDBQI5u2s7tklxIhxB0YUk3B0E0c3OjJ3B45nVzK7XiSgiTkLXIHw0UG4%2BJxcBEeJ%2BABLa0KBIJ8UUkILQIVqElBrZsWTuSTPvffO94vvem8%2F20wviI6Xnm%2B%2BaXakUXaiV%2FdIrW1Jzk7nS%2Bt1S4Jf9pdKW1IvVpVJ%2FfNneG4FfK%2Fuvlt4RrGMWQj%2Fw%2FcAPSivSipbpL0xYyPi4GZSbfrkaloNaFX37JHapB0c98N4FeRaSj57a%2FuURJCuguz%2FcFK6TmPj1t7upoomx6PGj93VHm0yjOytb1kNLH027YdyIkK%2FnYPTR1AFM72DsAJEcEe%2B3AJE%2BmspE1Du8UhopCI2IX0fWKyBUAUkLMHMPkp8RgHGsb0B3H64bm9GdK5aO2RGZv%2FwXMhuR%2BT%2Beg%2B5%2Bv6xkv3THqDSRRjv0Wzlkv4BsF4jTEyS7c5DZCVjyKSR%2FTBYu16C7BxtOGUieT9xLWUC2CigxAHUe0vGRHtKWhzT20OXnJVprtny%2F3opalUqjyhirVBirNRZ5jVeqjZaPlI3lDZDEAzA1ALN7iO0eOvLBWfAabPoT3HYOxz24ZES89%2FbQ4zkyQZA5gowSZJIgSwiyXn7IlQtd%2FpArl0bBNIfTXMmHJmnv00OTtIUm%2B%2FEFeWYymn8%2BvERHnJdo2Fhs%2BmG9GdB6q8qajYhFgWgEYSUMGa834GQO6eYmbnfHe8ovEMsRIV%2F8joiewKkTMPkyaPoCaDashz7o9rDa8LGrj1MdKcM6gpclBzc54mQeyY63ry7I8xMdzb%2BuQ7DTG199vvHnEv8IzOaIbY6P5c8EbXV%2FeNtk5OC2yRx5tBEnsit36Xh9dxKaiGvf3hI7mbF89aYbfPMmGxPj8viucMka1VzqtiPfLUvOhV0xlgny46rbEtFm6raXU6vTeG3zrZXVbmyFc9LoAlSeffAJmByRp21n8jFf%2FPsWpC1g0xzd9JRMA9IUYPEeXDxT7wyBVbOeKPaQpfnQhtHsUUkCJWaYRjnc%2F3A0q%2FfdfbStB5rcg%2B7m6NkcPZWDqgFcem2YxPb0xq%2BVSSBS3jBS1juIlFUPrkbr5HmpFlRFI2rUGeeRYDyoh5VGxfdDzqv1pgiaSNyIv%2FT4y%2F8AAAD%2F%2FwEAAP%2F%2FQrreGXAEAAA%3D HTTP/1.1
Host: registercherryheadquarter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: u_pl=15816950; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 27 Mar 2023 17:12:51 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7225b2a4daf22e379e5daaef38088e16
Strict-Transport-Security: max-age=0; includeSubdomains
mc.yandex.ru/watch/57311164?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A107772735612%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A430692457%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 1.2 kB URL HTTP/2 mc.yandex.ru/watch/57311164?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A107772735612%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A430692457%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
Hash e8c2344398b3bd0f75f57671d4dac2ce
76d40dc555fc8ec819b715004eda3546d73ddddd
93bd4aa7aff935eac97d613f87175743227d49482bbf0cea4596cbf605f5620a
GET /watch/57311164?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A107772735612%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A430692457%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/57311164/1?wmode=7&page-url=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3ue65zhww2f2brt35wtqzj%3Afp%3A688%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A991%3Acn%3A1%3Adp%3A0%3Als%3A107772735612%3Ahid%3A492404856%3Az%3A0%3Ai%3A20230327171308%3Aet%3A1679937188%3Ac%3A1%3Arn%3A430692457%3Arqn%3A1%3Au%3A1679937188882240236%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C1%2C192%2C0%2C%2C0%2C%2C1280%2C5%2C%2C%2C%2C1548%3Aco%3A0%3Ans%3A1679937186004%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1679937188%3At%3Ailcorsaronero.theproxy2.cc%20-%20iTALiAN%20Torrent%20Search%20Engine&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 27 Mar 2023 17:12:50 GMT
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
set-cookie: yabs-sid=2136767091679937170; Path=/; SameSite=None; Secure
i=DOjsFslVKR2BVVO244cw8UryVWhY39cYmTn/Zrmv7+RwSpIwRQ/9T3tDARzkIt3rPK4R/5LOqqohhfuYCsPB0dvdX0Y=; Expires=Thu, 24-Mar-2033 17:12:45 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7583110311679937170; Expires=Thu, 24-Mar-2033 17:12:45 GMT; Domain=.yandex.ru; Path=/; Secure; SameSite=None
yuidss=7583110311679937170; Expires=Tue, 26-Mar-2024 17:12:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1711473170.yc.1679937170#1711473170.yrts.1679937170#1711473170.yrtsi.1679937170; Expires=Tue, 26-Mar-2024 17:12:50 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 27-Mar-2023 17:12:50 GMT
last-modified: Mon, 27-Mar-2023 17:12:50 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
benumelan.com/15?rnd=3033992656&z=3372123&var=&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.146%2C%22location%22%3A%22http%3A%2F%2Filcorsaronero.theproxy2.cc%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
139.45.197.239204 No Content 0 B URL HTTP/2 benumelan.com/15?rnd=3033992656&z=3372123&var=&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.146%2C%22location%22%3A%22http%3A%2F%2Filcorsaronero.theproxy2.cc%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /15?rnd=3033992656&z=3372123&var=&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&uci=%7B%22path%22%3A%7B%22count%22%3A0%2C%22totalLength%22%3A0%2C%22pathHistogram%22%3A%7B%224%22%3A0%2C%228%22%3A0%2C%2216%22%3A0%2C%2232%22%3A0%2C%2264%22%3A0%2C%22128%22%3A0%2C%22256%22%3A0%2C%22512%22%3A0%2C%221024%22%3A0%7D%7D%2C%22durationOnCreate%22%3A3.146%2C%22location%22%3A%22http%3A%2F%2Filcorsaronero.theproxy2.cc%2F%22%2C%22isSelenium%22%3Afalse%2C%22isPhantom%22%3Afalse%2C%22isTouch%22%3Afalse%2C%22pluginCount%22%3A0%2C%22wdov%22%3A0%2C%22isIONS%22%3Atrue%7D HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=103436852ca44d65ba1a3b5b501e1201; oaidts=1679937169; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 27 Mar 2023 17:12:53 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 3fa06c6abf8971c3dda55c7359112ff3
access-control-expose-headers: X-Sc
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:53 GMT; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:53 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
rndskittytor.com/impression/GTQnJtNLfGcDstAyQcmY7SMGCZuviHU6qG3XIVTHmeBZSVHWduycdJuSJr6HKPMKRW9ew1lwX-7PKVnQsu9cZxSjsC45DMUIx5OqKaj9u2aoRjFU-C4RfOfg2AKSrJa_SVPAxiLUvUVrQH0el78uW51VCFHYpu3BpY16EHtOAPmEfeOdBgnjpvkRpTXVFOgtRnqdU-DEA9aqSuENLWzpeFHoUcGxFboIQykPqnpXgVTgBlzVEFetgv0iGxQB8MVTMo4ZJc6RSLuArGiQMXbeAhCHNGP0RJvkHOgiEwe0AhsZfHRnl23YeeADgsTme-Tz_H4t48xrstPyOmfIOc4MeLRQji38XKFCqMl2J0cljQMEe8sanSwSy842uG6atBrw44LzxtOwcEtXET8Z9Ir3UYGvpb0hLxNpa3omah4Mw52HKLQ4lImyPda4QvJIx-KKPEA6nGrtw75fcDqVBI4g_dg7_Yqi418lOUa_iPIdg8g6j8vNMYeodycwxZM7uYrbJvozPoyKvAV-zDHW5eDxDw_Hzm6Ybrx-Whzu43dP5GiAT6FZokjC2VPhVupBc0TAsDqc3WTpwfEhPLdblVbItxCvuAiZHe3qcmOlTiZ-wgE=?_z=4837723&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238200 OK 43 B URL HTTP/2 rndskittytor.com/impression/GTQnJtNLfGcDstAyQcmY7SMGCZuviHU6qG3XIVTHmeBZSVHWduycdJuSJr6HKPMKRW9ew1lwX-7PKVnQsu9cZxSjsC45DMUIx5OqKaj9u2aoRjFU-C4RfOfg2AKSrJa_SVPAxiLUvUVrQH0el78uW51VCFHYpu3BpY16EHtOAPmEfeOdBgnjpvkRpTXVFOgtRnqdU-DEA9aqSuENLWzpeFHoUcGxFboIQykPqnpXgVTgBlzVEFetgv0iGxQB8MVTMo4ZJc6RSLuArGiQMXbeAhCHNGP0RJvkHOgiEwe0AhsZfHRnl23YeeADgsTme-Tz_H4t48xrstPyOmfIOc4MeLRQji38XKFCqMl2J0cljQMEe8sanSwSy842uG6atBrw44LzxtOwcEtXET8Z9Ir3UYGvpb0hLxNpa3omah4Mw52HKLQ4lImyPda4QvJIx-KKPEA6nGrtw75fcDqVBI4g_dg7_Yqi418lOUa_iPIdg8g6j8vNMYeodycwxZM7uYrbJvozPoyKvAV-zDHW5eDxDw_Hzm6Ybrx-Whzu43dP5GiAT6FZokjC2VPhVupBc0TAsDqc3WTpwfEhPLdblVbItxCvuAiZHe3qcmOlTiZ-wgE=?_z=4837723&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/GTQnJtNLfGcDstAyQcmY7SMGCZuviHU6qG3XIVTHmeBZSVHWduycdJuSJr6HKPMKRW9ew1lwX-7PKVnQsu9cZxSjsC45DMUIx5OqKaj9u2aoRjFU-C4RfOfg2AKSrJa_SVPAxiLUvUVrQH0el78uW51VCFHYpu3BpY16EHtOAPmEfeOdBgnjpvkRpTXVFOgtRnqdU-DEA9aqSuENLWzpeFHoUcGxFboIQykPqnpXgVTgBlzVEFetgv0iGxQB8MVTMo4ZJc6RSLuArGiQMXbeAhCHNGP0RJvkHOgiEwe0AhsZfHRnl23YeeADgsTme-Tz_H4t48xrstPyOmfIOc4MeLRQji38XKFCqMl2J0cljQMEe8sanSwSy842uG6atBrw44LzxtOwcEtXET8Z9Ir3UYGvpb0hLxNpa3omah4Mw52HKLQ4lImyPda4QvJIx-KKPEA6nGrtw75fcDqVBI4g_dg7_Yqi418lOUa_iPIdg8g6j8vNMYeodycwxZM7uYrbJvozPoyKvAV-zDHW5eDxDw_Hzm6Ybrx-Whzu43dP5GiAT6FZokjC2VPhVupBc0TAsDqc3WTpwfEhPLdblVbItxCvuAiZHe3qcmOlTiZ-wgE=?_z=4837723&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: OAID=103436852ca44d65ba1a3b5b501e1201
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:53 GMT
content-type: image/gif
content-length: 43
x-trace-id: d619628ce692b7c16ca583503814c040
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:42 GMT
expires: Sat, 23 Mar 2024 10:26:42 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 283571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
benumelan.com/11?rnd=4137735017&z=3372123&b=16692474&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/11?rnd=4137735017&z=3372123&b=16692474&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=4137735017&z=3372123&b=16692474&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=HVcFPlrnhoeS7cGYPa3zPDf9OQxYCobuIv6FZURlHFBedCj_H5dTJllxHZPgT4LlmRGalymfiUdW2IoxBuiyNUgqLO9n7QQUCGEkHVMh4IbpTdHgjXbxNQRVuXxC6hSJUXvwFE4n43VgUXNWHBE9L-IfuLl-gatS5oGfuzkrcdA0YWMKnPld6ilZoX7sCnpFbKV6dKRX8Fa2RgXNbta0OLsRU6YdhuVP_LydU2us7WqRLzZudaYI86DNEyu_scqCLHE8j23UXm0vITRFpfeIRabK4UUfiIeuWJoPlc9pqRS88WBMdTTroh6isF9cLZhTzoVbOmzo89De-sSYAJHftTqrBHtrAvEhj1ofr8CJ38g4Baf5Df7Oi3HrdtF7ZbIwMDq5Ef2ahtPTeWgETPx7rra1uCoS8A-Qp2wx66GzsIO3p-C8y-IjM2xk8Z2Qbho_PoC6ide1oHNvrHbDzP7357eqwBFpQMmRk0ZuGDiLZ_d_s_19rWkuWNP3rX3-y2I5xkeCY99CCNvTzMo7kJeFq6mAvH0X0Bnnx9jJc4TdvVh75EY1SjgsaXNRshq_PRva9QBq8iBIMq163LzY7jShDZvfi_gpzEnS8Go2EqiXTAt-Qt0hKBw9pofcMeXasIyw4R6h1-Y13qJlKybm5mZWpmMmcoq1LFDlbPnjwRIz4I8IiSnr&ruid=7cbf7b2a-5d4a-4bd2-92ee-959047c1146e&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=103436852ca44d65ba1a3b5b501e1201; oaidts=1679937169; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:55 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 7f5975cff6dce4f36f73d3c1337d3473
access-control-expose-headers: X-Sc
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:55 GMT; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:55 GMT; secure; SameSite=None
oaidvc=1; expires=Tue, 26 Mar 2024 17:12:55 GMT; secure; SameSite=None
CNT=1_v1_-rT-AAEAAADzSwAA; expires=Mon, 27 Mar 2023 18:12:55 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ilcorsaronero.theproxy2.cc/
104.21.95.157200 OK 0 B URL HTTP/1.1 ilcorsaronero.theproxy2.cc/
IP 104.21.95.157:0
GET / HTTP/1.1
Host: ilcorsaronero.theproxy2.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 27 Mar 2023 17:12:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: view=1; expires=Tue, 28-Mar-2023 17:12:47 GMT; Max-Age=86400
PHPSESSID=tvrvfrsmd1lmjsi7fhjui2ja7l; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osKepvZioMvGp4QacoMIRQ2DHJETBpP7yN%2FJ1Ow3NiyPsWL2XlZxrSGUprowW7cbz%2BEU3Jw%2FWLvJjsOK8UbsFx9pnZXJXCVvXjzdYfI7qLtPT2zf5MLpwUsm1fbZfIgGQuN28VNEGIU0pm0%2BUg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ae9429da868b505-OSL
alt-svc: h2=":443"; ma=60
rndskittytor.com/401/4837723?oo=1&oaid=y3pp747610yh710878587j8b1twit475
139.45.197.238200 OK 0 B URL HTTP/2 rndskittytor.com/401/4837723?oo=1&oaid=y3pp747610yh710878587j8b1twit475
IP 139.45.197.238:0
GET /401/4837723?oo=1&oaid=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json
x-trace-id: b57886ce9d4b336eb834817c3407ff8c
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=y3pp747610yh710878587j8b1twit475; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
overzubatan.com/5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475
139.45.197.239200 OK 0 B URL HTTP/2 overzubatan.com/5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475
IP 139.45.197.239:0
GET /5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: overzubatan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json
x-trace-id: 2d89b533af776442208c4e27bf5e15ad
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=y3pp747610yh710878587j8b1twit475; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 03 Apr 2023 17:12:49 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/4495524
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/4495524
IP 139.45.197.237:0
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/javascript
x-trace-id: 62a323fab3eea4a97d1a23eb681d9df9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c25394e593b943dd9260545c3f944d8f; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
benumelan.com/1?z=3372123
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/1?z=3372123
IP 139.45.197.239:0
GET /1?z=3372123 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: fd2b8a2c33d2175138a4deeca3a69b03
access-control-expose-headers: X-Sc
x-sc: 42T4xEsour0kNqwi73dLtKabdrxyYEWUhTU4p4-PZtrF1uWdBvPtZWm6Iky4-kV8kKfw0eQzvu6s1K-LWZNTWQbtgzo=
set-cookie: scm=1; expires=Tue, 26 Mar 2024 17:12:48 GMT; secure; SameSite=None
OAID=4193ebcf04134528be59d33f794f09fd; expires=Tue, 26 Mar 2024 17:12:48 GMT; secure; SameSite=None
oaidts=1679937168; expires=Tue, 26 Mar 2024 17:12:48 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=3388548
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=3388548
IP 139.45.197.236:0
GET /apu.php?zoneid=3388548 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:48 GMT
content-type: application/javascript
x-trace-id: 1773e065b3de4e3bd5dc32e9f68c41ce
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=caed2f83c12c438c923bec3141e5d047; expires=Tue, 26 Mar 2024 17:12:48 GMT; path=/; secure; SameSite=None
oaidts=1679937168; expires=Tue, 26 Mar 2024 17:12:48 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
benumelan.com/5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475
IP 139.45.197.239:0
GET /5/2632704/?abt_opts=1&js_build=iclick-v1.511.0&userId=y3pp747610yh710878587j8b1twit475 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=y3pp747610yh710878587j8b1twit475; oaidts=1679937168
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/json
x-trace-id: dc05f5e625b945b187d872dc4a0f1497
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=y3pp747610yh710878587j8b1twit475; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Mon, 03 Apr 2023 17:12:49 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/4495524?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/4495524?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/4495524?excludes=&oaid=103436852ca44d65ba1a3b5b501e1201&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: OAID=103436852ca44d65ba1a3b5b501e1201
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/javascript
x-trace-id: 122d39a5bca45b354fc8574fcef4000d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/script.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/script.js
IP 172.64.166.9:0
GET /sb/ssp/sweep/social-box/white-small/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-306"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y93atO3iIIEu3%2BV%2FIlBFdOfe5S3ztAXh9faxVXINTlDhQBkWdUWGp%2BQBpfLbDtLEaYKUsZUfYmtOBwNbTPQuaH8eBXK4vY9iHezhZRxmUFNpoiH2SsWCPYyVS31qxx8fwXmkbJGdzHIB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942b5bd584140-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
theusualsuspectz.biz/j/m/qqqq.js
188.114.97.1200 OK 0 B URL HTTP/2 theusualsuspectz.biz/j/m/qqqq.js
IP 188.114.97.1:0
Analyzer Verdict Alert quad9 Sinkholed
GET /j/m/qqqq.js HTTP/1.1
Host: theusualsuspectz.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:47 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
etag: W/"603dadf6-bcdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 5149985
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8hUOpbdf2VxOGqdfdvgHxBgc9ksrsC03lf22SxSjW877dZb9oWAd%2BA23S60lDPulrTwJQip9qfMj%2BqeRFyfgeKJaCkGWvD4QrWTJ3BBopNhdcMye3LH%2Bxmn589QI7vp6Xv2iS6Dqzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942a39bdc0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
feeds.feedburner.com/~fc/ilCorSaRoNero?bg=000000&fg=FFFF00&anim=1
142.250.74.46403 Forbidden 0 B URL HTTP/2 feeds.feedburner.com/~fc/ilCorSaRoNero?bg=000000&fg=FFFF00&anim=1
IP 142.250.74.46:0
GET /~fc/ilCorSaRoNero?bg=000000&fg=FFFF00&anim=1 HTTP/1.1
Host: feeds.feedburner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 27 Mar 2023 17:12:49 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-GjnE2lMdmKQUbkUMIIGrig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/RaichuFeedServer/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/RaichuFeedServer/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/RaichuFeedServer/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
benumelan.com/27/260099e03ce94b601488fb1ee2d0c77e
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/27/260099e03ce94b601488fb1ee2d0c77e
IP 139.45.197.239:0
GET /27/260099e03ce94b601488fb1ee2d0c77e HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=y3pp747610yh710878587j8b1twit475; oaidts=1679937169; syncedCookie=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Thu, 23 Mar 2023 08:41:31 GMT
expires: Thu, 22 Apr 2083 08:41:31 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/4495524
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/4495524
IP 139.45.197.237:0
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: OAID=a6dc542b766d40449f3a371c0cce7409
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/javascript
x-trace-id: a07424a9f9dfbb6e70ef753726e15810
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a6dc542b766d40449f3a371c0cce7409; expires=Tue, 26 Mar 2024 17:12:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/4495524?oo=1&oaid=103436852ca44d65ba1a3b5b501e1201
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/4495524?oo=1&oaid=103436852ca44d65ba1a3b5b501e1201
IP 139.45.197.237:0
GET /400/4495524?oo=1&oaid=103436852ca44d65ba1a3b5b501e1201 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: OAID=a6dc542b766d40449f3a371c0cce7409
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/json
x-trace-id: ffbb2791e4ca762803be0e74a50217ec
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:50 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
metrica-yandex.com/metrika/tag.js?1001
188.114.97.1200 OK 0 B URL HTTP/2 metrica-yandex.com/metrika/tag.js?1001
IP 188.114.97.1:0
GET /metrika/tag.js?1001 HTTP/1.1
Host: metrica-yandex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:47 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
etag: W/"61564186-eb6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 5830134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qptHmgA%2BFufBYB7Xh%2BJEIWcGhKEDDD38B4Ph6KAVGvzLWIxVWQFRoEXtJxzCbGVcCm0QLcw0vYmte8a4HLCDlR%2Fw5nsa8rjtj473fxfu4Uul0EEscRa%2BctX3m5EEvxQAk%2FkbVVE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942a0a8b6b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
betotodilea.com/400/4495524
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/4495524
IP 139.45.197.237:0
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:49 GMT
content-type: application/javascript
x-trace-id: 952e895174a0df830bc90425fb13bead
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=a6dc542b766d40449f3a371c0cce7409; expires=Tue, 26 Mar 2024 17:12:49 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=103436852ca44d65ba1a3b5b501e1201
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=103436852ca44d65ba1a3b5b501e1201
IP 139.45.197.239:0
POST /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Filcorsaronero.theproxy2.cc%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=103436852ca44d65ba1a3b5b501e1201 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 101
Origin: http://ilcorsaronero.theproxy2.cc
Connection: keep-alive
Referer: http://ilcorsaronero.theproxy2.cc/
Cookie: scm=1; OAID=y3pp747610yh710878587j8b1twit475; oaidts=1679937169; syncedCookie=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: http://ilcorsaronero.theproxy2.cc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 7fe22d69bbd39b89db3d01d1c5c1b78d
access-control-expose-headers: X-Sc
set-cookie: OAID=103436852ca44d65ba1a3b5b501e1201; expires=Tue, 26 Mar 2024 17:12:50 GMT; secure; SameSite=None
oaidts=1679937169; expires=Tue, 26 Mar 2024 17:12:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js
172.64.166.9200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/sweep/social-box/white-small/js/jquery.min.js
IP 172.64.166.9:0
GET /sb/ssp/sweep/social-box/white-small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 27 Mar 2023 17:12:50 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:02:04 GMT
etag: W/"6149c9bc-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 11416908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h7hVpBiNJQLqeK9iPpT7Ajo9nhijgJ2si%2FEt%2BXMbeU7emc8USVdYb4bcAg1CkdjJVjyLc8zlhKhJjiU2OLoXcMGiXFAy4Ygwa8kgW%2B8pclgrffOwTMh9w7Se%2BvXoDfn%2FHqfkwwBnIh%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ae942b52ad448ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2