www.revealmore.tk/
142.250.74.179301 Moved Permanently 174 B IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e5f57319ed130ed98c2df4df8f49838f
325cdece929a2c9aa16d53d377c7c9166776a2fb
95ec6283b1cacceaea57211a309f83a57aa8075725f6b706d86a2fd48797dceb
GET / HTTP/1.1
Host: www.revealmore.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.revealmore.tk/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Tue, 29 Nov 2022 04:57:49 GMT
Expires: Tue, 29 Nov 2022 04:57:49 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 174
Server: GSE
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3298
Expires: Tue, 29 Nov 2022 05:52:47 GMT
Date: Tue, 29 Nov 2022 04:57:49 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4653
Cache-Control: max-age=111065
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:49 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:48:54 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4570
Expires: Tue, 29 Nov 2022 06:13:59 GMT
Date: Tue, 29 Nov 2022 04:57:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 04:19:35 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2294
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qwueCdjrjLzIAV7eOqSRPB716LA+7+egt60Tz+f8zEZzWI3zaxzJc5MYv4D766ef3oecpB8Fsi4=
x-amz-request-id: MQ6GGV479TFNWXXC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 04:42:22 GMT
age: 927
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:57:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/8IHoJsemKSg
142.250.74.35200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/8IHoJsemKSg
IP 142.250.74.35:0
Hash c671699808a5146ec772e8826123cc4b
9657b9cf0b2a7094e3fad9f3442edea7ac91a6b7
9d1d46e15d204e10803f19172eaf00a1cd36d88f126d84c291795496d9c9bb00
POST /s/gts1d4/8IHoJsemKSg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:49 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 04:08:56 GMT
cache-control: public,max-age=3600
age: 2933
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.revealmore.tk/
142.250.74.179200 OK 42 kB IP 142.250.74.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2382)
Hash ca4a909f90716d4e78034e1f139ed717
65f2572f80dbc44aa8e2ec01615f8988965b54ae
5083e015e5496dc68048c7b9d0250d93ad9780e0b7751e6ec852ba9abf961193
GET / HTTP/1.1
Host: www.revealmore.tk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-security-policy: upgrade-insecure-requests
content-security-policy-report-only: default-src https: blob: data: 'unsafe-inline' 'unsafe-eval'; report-uri https://www.blogger.com/cspreport
x-robots-tag: all,noodp
content-type: text/html; charset=UTF-8
expires: Tue, 29 Nov 2022 04:57:49 GMT
date: Tue, 29 Nov 2022 04:57:49 GMT
cache-control: private, max-age=0
last-modified: Thu, 13 Oct 2022 21:31:12 GMT
etag: W/"b7978940c01a86e983d3082da511863452ba1c7ca4b036c779a1202077095526"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 42063
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4f6316b352e50fde335665c28b8680d9
eda86219efbf5ee8ae412411574af4776607b9f0
f7061f37d83058e6f3fa2d2376fe0862037141caa4de2864c56167628de9a797
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7061F37D83058E6F3FA2D2376FE0862037141CAA4DE2864C56167628DE9A797"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6952
Expires: Tue, 29 Nov 2022 06:53:42 GMT
Date: Tue, 29 Nov 2022 04:57:50 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
216.58.207.202200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 216.58.207.202:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:54:48 GMT
expires: Thu, 23 Nov 2023 18:54:48 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 468182
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4363
Cache-Control: max-age=105708
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:50 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:19:38 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.revealmore.tk
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 18:53:39 GMT
expires: Tue, 28 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 36251
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 07b8296613be09905e34b09dce4a203f
c97c67e8c4b1247423d089c028c31e05734f124e
c8c7b7cd00d5818bbe4a4ddb1b734a1b766dc6474cce300171bd5a0947adc6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-EFFGB99QZ3
142.250.74.168200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-EFFGB99QZ3
IP 142.250.74.168:0
File type ASCII text, with very long lines (19102)
Hash ac674e49003361f51d82195f6d4e7314
f0134f55c77ccb7c2731eb51df2afa27ba59dc46
19518304153c6f4625b1c7c263656b04e90f858728f9d4919946eb3e187c6291
GET /gtag/js?id=G-EFFGB99QZ3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 04:57:50 GMT
expires: Tue, 29 Nov 2022 04:57:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
k.top4top.io/p_2182xagry1.png
65.21.235.194200 OK 122 kB URL HTTP/2 k.top4top.io/p_2182xagry1.png
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced\012- data
Size 122 kB (122376 bytes)
Hash 49d35ebfcd2f55e3860f5a58df3cbcbb
28938970e72cc647d27ef058d4103544c19e693f
9aafc1504c597d65875695dba235ea3c961e59415c3272f69b043fb9db58f714
GET /p_2182xagry1.png HTTP/1.1
Host: k.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 04:57:50 GMT
content-type: image/png
content-length: 122376
set-cookie: klj_40d147_downloads=pq9cy; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 30 Nov 2022 04:34:30 GMT
last-modified: Wed, 22 Dec 2021 22:56:34 GMT
content-disposition: inline; filename="Get%20Paid%20To%20Do%20Simple%20Writing%20Jobs%20Online.png"
etag: "61c3ad22-1de08"
expires: Tue, 29 Nov 2022 06:57:50 GMT
cache-control: max-age=7200
x-file-id: x43215586x
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.39.62.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sjQi25SpTJfsmBKNHzfJew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3kXnOjK2K1mCWHkUbKEBNgzb9Ak=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a05dd1237362bed99f14cca587bf324f
24e2d72e9932dd7339d0254a83bc42c5e87f3cd6
587f7c3593c8200005e4d513484d1e943b58139c8d3d91e86e5c34b77bf598bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "587F7C3593C8200005E4D513484D1E943B58139C8D3D91E86E5C34B77BF598BF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4210
Expires: Tue, 29 Nov 2022 06:08:00 GMT
Date: Tue, 29 Nov 2022 04:57:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash adf1b2263a32d395174a34702168526d
df60f61b5f309a14f8c71da397ab265d02177dd7
bb24f67ec08726285dce1ee99edb2e4d0ebcd1f592a7aa66835169f1b305a6dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB24F67EC08726285DCE1EE99EDB2E4D0EBCD1F592A7AA66835169F1B305A6DC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1462
Expires: Tue, 29 Nov 2022 05:22:12 GMT
Date: Tue, 29 Nov 2022 04:57:50 GMT
Connection: keep-alive
pl17666892.profitablegatetocontent.com/29/9e/e5/299ee51dadfa609123ce449ff1f410b2.js
173.233.139.164200 OK 13 kB URL HTTP/1.1 pl17666892.profitablegatetocontent.com/29/9e/e5/299ee51dadfa609123ce449ff1f410b2.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37155), with no line terminators
Hash 6cd92543247c8da9a83765eb2bf6c610
5ccbe50c71c4ebfec812066fd1074e224cafdea5
86f92c402f3d5337dd3f48de73a7970f63343896e255ffa88cd8e1d682fe0f75
Analyzer Verdict Alert quad9 Sinkholed
GET /29/9e/e5/299ee51dadfa609123ce449ff1f410b2.js HTTP/1.1
Host: pl17666892.profitablegatetocontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 690e64fdec17fbd397d4fa810bdb5169
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.topdisplayformat.com/44064005896630bb4419c700c7ecaacb/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.topdisplayformat.com/44064005896630bb4419c700c7ecaacb/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26949), with no line terminators
Hash a0ee7d8e00387af2b23a90b7c64436af
3518fb461b49f013f8f99d6c80d0c933a4460845
0b9dda1702bf00464c890ada2ffea988dad6266b07d93ccc5b831e64532884a1
Analyzer Verdict Alert quad9 Sinkholed
GET /44064005896630bb4419c700c7ecaacb/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 04:57:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e4789636ac50e5dd4da7ab9a260d5b92
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
region1.google-analytics.com/g/collect?v=2&tid=G-EFFGB99QZ3>m=2oeb90&_p=288705857&cid=1314343867.1669697870&ul=en-us&sr=1280x1024&_s=1&sid=1669697869&sct=1&seg=0&dl=https%3A%2F%2Fwww.revealmore.tk%2F&dt=Reveal%20More&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EFFGB99QZ3>m=2oeb90&_p=288705857&cid=1314343867.1669697870&ul=en-us&sr=1280x1024&_s=1&sid=1669697869&sct=1&seg=0&dl=https%3A%2F%2Fwww.revealmore.tk%2F&dt=Reveal%20More&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EFFGB99QZ3>m=2oeb90&_p=288705857&cid=1314343867.1669697870&ul=en-us&sr=1280x1024&_s=1&sid=1669697869&sct=1&seg=0&dl=https%3A%2F%2Fwww.revealmore.tk%2F&dt=Reveal%20More&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revealmore.tk
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.revealmore.tk
date: Tue, 29 Nov 2022 04:57:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 94d394d6beaad25971b7f1e02d93b841
07359fac8e3e5c10dee86bdb0d2a468ab90d8f9a
06c4f25efd09668ee6bc8cc7b4d278841c5abb5d31c0e029cda8b43c4ee4a489
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120626
Date: Tue, 29 Nov 2022 04:57:50 GMT
Etag: "6384b816-1d7"
Expires: Wed, 30 Nov 2022 14:28:16 GMT
Last-Modified: Mon, 28 Nov 2022 13:31:02 GMT
Server: ECS (bsa/EB22)
X-Cache: Miss from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZNYwfiC-kcwPkH9t4E0M9bdHb7Twp0_7ORNm6OVqk1b46nZO5XfgfA==
Age: 3434
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash c3dfbf695b8075e9dcee44de03f66448
136af4c64ace97c85e1bcf6cba4bc62e3a41435c
6d863d5a2d3bed407267850781fcc55a3dc800fcd8e6446e0679007e356fc1dd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revealmore.tk
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:57:51 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.revealmore.tk
access-control-allow-credentials: true
set-cookie: uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Fri, 26 Nov 2032 04:57:51 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d3dbdc9d95c5f21411a014370ed652b2
b4ba564fd3f40cdc5e4b950b51abdc6f653e4881
27b2043c2fce4871993192aa607d676f69abeaefe4105917669d631e224298b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27B2043C2FCE4871993192AA607D676F69ABEAEFE4105917669D631E224298B2"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3559
Expires: Tue, 29 Nov 2022 05:57:10 GMT
Date: Tue, 29 Nov 2022 04:57:51 GMT
Connection: keep-alive
www.effectivedisplayformats.com/269fae23b64456068794f705a35afbdb/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/269fae23b64456068794f705a35afbdb/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /269fae23b64456068794f705a35afbdb/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 27a754f08b658b74acd8cf9f8b69f2c7
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e070a2e472bf49ff35a7ac2946f41432
9631586d77f0490e24b120c15f242ba3d3605e83
c36e0fbc295a7addbaebcf0a1063dace45c4298077b48628f7ec38a3dd6f73e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C36E0FBC295A7ADDBAEBCF0A1063DACE45C4298077B48628F7EC38A3DD6F73E9"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11356
Expires: Tue, 29 Nov 2022 08:07:07 GMT
Date: Tue, 29 Nov 2022 04:57:51 GMT
Connection: keep-alive
www.effectivedisplayformats.com/269fae23b64456068794f705a35afbdb/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/269fae23b64456068794f705a35afbdb/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26959), with no line terminators
Hash e109677f24dd894b0cc78c8c5a34d0e5
44b354d4e619e407bf4ef6927482f7cdb482f149
b158e0a4a4c56465c214d0376b06ad3d66f179ecb7a57aaacb1b853bccbd2e90
Analyzer Verdict Alert quad9 Sinkholed
GET /269fae23b64456068794f705a35afbdb/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abecc00c6e325ee869efc8231b5c08fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
veilsuccessfully.com/watch.516145253082.js?key=44064005896630bb4419c700c7ecaacb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 veilsuccessfully.com/watch.516145253082.js?key=44064005896630bb4419c700c7ecaacb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.516145253082.js?key=44064005896630bb4419c700c7ecaacb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revealmore.tk
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:51 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk
Access-Control-Allow-Origin: https://www.revealmore.tk
Access-Control-Allow-Credentials: true
Location: https://veilsuccessfully.com/watch.516145253082.js?key=44064005896630bb4419c700c7ecaacb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&shu=358eba4374c49df5ad206c3980f9d0097fb6116dd62fd1f8b567c7466c0ead3ed5ebe1725b6e7d4bd0c77628ce545b14b95222881dc7523e7bc1de4fb2b35644229ffa794e1a78211def387bd9900753097d8f72&pst=1669697931&rmtc=t
Set-Cookie: u_pl=17322255; expires=Wed, 30 Nov 2022 04:57:51 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzMyMjI1NSwiayI6IjQ0MDY0MDA1ODk2NjMwYmI0NDE5YzcwMGM3ZWNhYWNiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJwY3BobXhqZTQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.umM1exQ5kBv4Q1occ3AEF_0IWjEiFUHmXYoAkxMZYgE; expires=Tue, 29 Nov 2022 04:58:51 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee709e1176487b2b5481c505081965c0
Strict-Transport-Security: max-age=0; includeSubdomains
www.topdisplayformat.com/269fae23b64456068794f705a35afbdb/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.topdisplayformat.com/269fae23b64456068794f705a35afbdb/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash 079ca219dd055ddc46ececa703e65e3c
1e78388e5603da011cc702b84b7699b9ee448772
ce2ac4b2aaa9c192efe391459ab37bf635df2a09fcb293162260ceb0a3083247
Analyzer Verdict Alert quad9 Sinkholed
GET /269fae23b64456068794f705a35afbdb/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 04:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: eadbb3c31770c15d55254ae4b0ff682c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15281
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 04:57:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15281
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 04:57:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15281
Expires: Tue, 29 Nov 2022 09:12:32 GMT
Date: Tue, 29 Nov 2022 04:57:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ab97acd46d3380fa12711c96b3c2d35
b703ea2cc2fcd68e60135ff77d5a5f1b93fac128
aeeaa56714fbd157e788cd24da03d43ede527959e2563e6d7d99489753dee85f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9082acd6-44fd-454b-b215-451cf6d822a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8106
x-amzn-requestid: 73d1b662-99a8-4ad7-95f9-c0b1ebf7c45a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnQEhQoAMFbLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852961-64954bc92997c9302e291381;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UO4hCMgPgR4-ld-QCKgNPrq4p1gduUSA5R4ffZmnFodBj-1_NcFLmg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:37:21 GMT
age: 26430
etag: "b703ea2cc2fcd68e60135ff77d5a5f1b93fac128"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b7d3821d0bd11c196724846a7b9fe22
5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c
b4f820555c4daf6e112c1a395bc57e22f0ef8e2e4299a0ffbb54e0bf18c87f47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8578
x-amzn-requestid: 4f948bb9-74db-4a5d-927d-a6b893735531
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFxnWHq-IAMF4LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efc95-2f9e98ca2dad65a80e2195c2;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vSvGc0JIh4JOWTlagt4uDD_CDPiWOSfYYEI4lUBPsQb4qJMOEbBcmw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 23:18:30 GMT
age: 20361
etag: "5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: 265257bd-0177-4e63-879b-e9f99d0d16c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cTZANFW2oAMFlyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63846ecd-6767ccde3361eb593108603d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 08:18:21 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ntQPVFK12XqhVCMlaq0oIDx7k6e2xQdp1Y67W1nG6ayhG1XFekz5CQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 09:53:30 GMT
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
age: 68661
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 5980
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c76e3c4cc159bda9b9e887fcd449ba51
12d90c36bd455b3b859fdb761b6ed49ea9f98f80
fc2aad6b1ec65938249970e01a23d35a19cb9c9acbc3524586dd23f7bdaf9690
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe7479fbd-640b-4a65-ac00-893210a725b0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10445
x-amzn-requestid: fb9fc0d4-9f2e-4fab-a259-30300aacdc67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvuDGHaIAMFn_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc659-56786e9b754a48b30b5f79c7;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:06:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fkjT2irjF_lGK2IDx2nzFK13MgMQFXrtUIWv9lR9y-f6VT1bthJfyQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 14:31:14 GMT
age: 51997
etag: "12d90c36bd455b3b859fdb761b6ed49ea9f98f80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516776052e5e906ea9f42d25bae5cc85
be4c4d01fc67218e26a3e9d27a2f708e639c9d4b
28e70e38cfad65ad8a7a68ab1dc78747c7013a87b854fc35b163cc5765cd0570
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1ee10f9-36dd-4ca4-986e-a80758149640.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8460
x-amzn-requestid: 51416479-3854-4f1a-9d86-35e104c57f6a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnkHuZIAMF-_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852963-180b323d4a45fa2f29f9b1fc;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ieDA8l_Up51cFaB9IExlSs8A5m-H77va1rCVF_WRMg_FN53Xakipuw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 25856
etag: "be4c4d01fc67218e26a3e9d27a2f708e639c9d4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.topdisplayformat.com/269fae23b64456068794f705a35afbdb/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.topdisplayformat.com/269fae23b64456068794f705a35afbdb/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 064ecd0f8b09812054fb6e6468ae81d1
bef0947280a0f2fb278903e4a67da4aada434d63
e849984280e71fa15f25ef210551cdf0eae1a528aab4c0eb21429bbb90e61d7e
Analyzer Verdict Alert quad9 Sinkholed
GET /269fae23b64456068794f705a35afbdb/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 04:57:51 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 429ff85597a8200024ca6dfa86329a93
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5040b9ba1c67b63c631ed1e4077c2909
c15a79c188cde357e464a554cb5403844c575858
15b6574f52878132519ab29965009c36acc8a7f0a50bd9423c199e326e5541ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15B6574F52878132519AB29965009C36ACC8A7F0A50BD9423C199E326E5541CE"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7190
Expires: Tue, 29 Nov 2022 06:57:42 GMT
Date: Tue, 29 Nov 2022 04:57:52 GMT
Connection: keep-alive
www.topdisplayformat.com/269fae23b64456068794f705a35afbdb/invoke.js
192.243.61.227200 OK 9.8 kB URL HTTP/1.1 www.topdisplayformat.com/269fae23b64456068794f705a35afbdb/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26951), with no line terminators
Hash 6973821f2ae6d400843eb152a21951df
16b59408d1b2803dbd5922eb91a129054d67e57d
322ea4095c48fb13a4aa48b0e32294e8bc4bce49c7288f2771d6bd2631747ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /269fae23b64456068794f705a35afbdb/invoke.js HTTP/1.1
Host: www.topdisplayformat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c18f28d4b8b998d55b39d45c64f5ce1b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cb2a22599d585be93ea1d1e449800061
b57e93b303cd37260717332e610ac014cdb453bc
ab32fa8b35515e3a0e75ed4d43faedc88b450ef2d07581b2aa7f26dd5985c828
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB32FA8B35515E3A0E75ED4D43FAEDC88B450EF2D07581B2AA7F26DD5985C828"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2004
Expires: Tue, 29 Nov 2022 05:31:16 GMT
Date: Tue, 29 Nov 2022 04:57:52 GMT
Connection: keep-alive
lightssyrupdecree.com/watch.92840339191.js?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
173.233.137.36307 Temporary Redirect 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.92840339191.js?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.92840339191.js?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revealmore.tk
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk
Access-Control-Allow-Origin: https://www.revealmore.tk
Access-Control-Allow-Credentials: true
Location: https://lightssyrupdecree.com/watch.92840339191.js?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&shu=1f4c1769b57883585c840633e8521246b3f38daa3a806a6cc65a1616fd073df04eec1f78563ddd22076cce661e70d634a4692cd53b6900f800d6445437195843e2070c7a3bac04d8915f307f04c957cf48b7111f578777033dc22ce92cfd4f80&pst=1669697932&rmtc=t
Set-Cookie: u_pl=17099894; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4; expires=Tue, 29 Nov 2022 04:58:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 635b83032c4b74dc5f6d4cdd1ce45c00
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 99c2bc3813eb029fc1fd33a329f3f1bd
43e3f4c3a663121f7d338e5f557626131d49ce86
12514e36878dfe4742b88efcfd056987ddb785de7af45daeaa4377ddd5662a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
veilsuccessfully.com/watch.516145253082.js?key=44064005896630bb4419c700c7ecaacb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&shu=358eba4374c49df5ad206c3980f9d0097fb6116dd62fd1f8b567c7466c0ead3ed5ebe1725b6e7d4bd0c77628ce545b14b95222881dc7523e7bc1de4fb2b35644229ffa794e1a78211def387bd9900753097d8f72&pst=1669697931&rmtc=t
192.243.59.12200 OK 641 B URL HTTP/1.1 veilsuccessfully.com/watch.516145253082.js?key=44064005896630bb4419c700c7ecaacb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&shu=358eba4374c49df5ad206c3980f9d0097fb6116dd62fd1f8b567c7466c0ead3ed5ebe1725b6e7d4bd0c77628ce545b14b95222881dc7523e7bc1de4fb2b35644229ffa794e1a78211def387bd9900753097d8f72&pst=1669697931&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (601)
Hash 18bc060cccced579197d8b1834a4c6ac
83620da67a0e2bc553a3a50daa8ab002cecb4ea1
f33c9d3ff602daf1a78092858398b551cfea9dc9adfffe9d5890f26110313461
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.516145253082.js?key=44064005896630bb4419c700c7ecaacb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&shu=358eba4374c49df5ad206c3980f9d0097fb6116dd62fd1f8b567c7466c0ead3ed5ebe1725b6e7d4bd0c77628ce545b14b95222881dc7523e7bc1de4fb2b35644229ffa794e1a78211def387bd9900753097d8f72&pst=1669697931&rmtc=t HTTP/1.1
Host: veilsuccessfully.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revealmore.tk
Referer: https://www.revealmore.tk/
Connection: keep-alive
Cookie: u_pl=17322255; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzMyMjI1NSwiayI6IjQ0MDY0MDA1ODk2NjMwYmI0NDE5YzcwMGM3ZWNhYWNiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjIzLCJwdCI6NCwicGsiOiJwY3BobXhqZTQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.umM1exQ5kBv4Q1occ3AEF_0IWjEiFUHmXYoAkxMZYgE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk
Access-Control-Allow-Origin: https://www.revealmore.tk
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:51 GMT; secure; SameSite=None
iprce14cbd125133c71e5996b9816f296c24=2717343; expires=Wed, 30 Nov 2022 06:57:52 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
uncs=1; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 959b4ee3066c6a9a14e1ed38b29e74d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png
142.250.74.161200 OK 1.3 kB URL HTTP/2 3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png
IP 142.250.74.161:0
File type PNG image data, 27 x 27, 8-bit/color RGBA, non-interlaced\012- data
Hash d9dd93d058560e1e254b59abcc595606
2c3176b325d4b7a44b1f813149da2f1e1cb8291d
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21
GET /-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="256-256.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1286
x-xss-protection: 0
date: Tue, 29 Nov 2022 01:41:18 GMT
expires: Tue, 29 Nov 2022 17:40:28 GMT
cache-control: public, max-age=86400, no-transform
age: 11794
etag: "v4ed"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 635eba2ec841f80118a858a94bb84ff5
591895548f1f166a16c790740656cb194d0f7760
d2e62fd34b70872cb8f68cd1fdae7f1476019968f63accab24e4d822933c07ff
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "D2E62FD34B70872CB8F68CD1FDAE7F1476019968F63ACCAB24E4D822933C07FF"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12778
Expires: Tue, 29 Nov 2022 08:30:50 GMT
Date: Tue, 29 Nov 2022 04:57:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 99c2bc3813eb029fc1fd33a329f3f1bd
43e3f4c3a663121f7d338e5f557626131d49ce86
12514e36878dfe4742b88efcfd056987ddb785de7af45daeaa4377ddd5662a07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9202729f02c6338d7a24388f8bd6e736
20900b5f2d70ceadf656a7a83048a52f84f3133e
15920417d134ee8f348a15a9f2a344f84e9066c2040f903bce053b6ea7b2bb45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15920417D134EE8F348A15A9F2A344F84E9066C2040F903BCE053B6EA7B2BB45"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14619
Expires: Tue, 29 Nov 2022 09:01:31 GMT
Date: Tue, 29 Nov 2022 04:57:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 443a03f01a54135005d852424445bc97
f0789df9d231889773a09962e9d93f4153529ac8
07fc624d6ead4553d247852baf85d3d308386bbdd58948e3dcbcc5835a9274f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07FC624D6EAD4553D247852BAF85D3D308386BBDD58948E3DCBCC5835A9274F7"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=869
Expires: Tue, 29 Nov 2022 05:12:21 GMT
Date: Tue, 29 Nov 2022 04:57:52 GMT
Connection: keep-alive
lightssyrupdecree.com/watch.60137363003?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
173.233.137.36200 OK 1.2 kB URL HTTP/1.1 lightssyrupdecree.com/watch.60137363003?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416)
Hash bc3ee3d15ec5653018d4870d2531d4bb
02e6bd8796f15c8f33ed9a4daa262584c36fa53d
71f8bb7bbdcc20529cacf1ac7ca0df4ffbd54a00d8badf87f77c4b1958712484
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.60137363003?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Cookie: u_pl=17099894; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnJldmVhbG1vcmUudGsvIn19.ryJX-5iz9Ozi_4F3m9yPmbsqTnNKez0YBwOJxyQ0jVo; expires=Tue, 29 Nov 2022 04:58:52 GMT; secure; SameSite=None
uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 768612f2e596079f03e0cfb3e2de15bd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.92840339191?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
173.233.137.36200 OK 1.2 kB URL HTTP/1.1 lightssyrupdecree.com/watch.92840339191?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 173.233.137.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416)
Hash a6c3492ed0db8d50f28c114a9cde069a
fae68deea2259d638a84267622a014acca8b6d3a
2e593acfcadf027f0e407e152de23015595531d2fad22de915546e87dda8f85b
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.92840339191?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Cookie: u_pl=17099894; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnJldmVhbG1vcmUudGsvIn19.ryJX-5iz9Ozi_4F3m9yPmbsqTnNKez0YBwOJxyQ0jVo; expires=Tue, 29 Nov 2022 04:58:52 GMT; secure; SameSite=None
uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 44c3e001122e8b21700d5bff37fc0e98
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
specialistinsensitive.com/watch.826257569345?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
173.233.137.60200 OK 1.2 kB URL HTTP/1.1 specialistinsensitive.com/watch.826257569345?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416)
Hash e30b9e5038a5455caeea5c8a45ebf747
1c9b043792cdc75e7514d2da7f2eb7e366116920
c7aa9d6dc2c282d4aa3fb244702c7d93aa39f2a16c98d13718c6a27e31b42711
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.826257569345?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17099894; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4; expires=Tue, 29 Nov 2022 04:58:52 GMT; secure; SameSite=None
uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc200b0843710a04011b9f9b713b0035
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tractorfoolproofstandard.com/watch.20035756879?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
173.233.139.164200 OK 1.2 kB URL HTTP/1.1 tractorfoolproofstandard.com/watch.20035756879?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 173.233.139.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416)
Hash dc498aa607d39a40b49e5ce898056fc7
4aff20fa23c09e56f15b5afdd9d9177bbe6065b8
f3588b14bc24acdcfda1527752e390fbf9300335393faa8091fab0f3a5550247
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.20035756879?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17099894; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4; expires=Tue, 29 Nov 2022 04:58:52 GMT; secure; SameSite=None
uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1aef85fab9381b9eade422de9cf862af
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lightssyrupdecree.com/watch.60137363003?shu=b141494d78b602c3c15bcde0026f03d51f2855a95ceaef55aa3bc135826e9e0a73756415567dd6b0bb9e7c89ba75cb357ae68c3c366fbdea3d898960ebc3311345c92d13073df131be8d99a9fe1f283ff8c68d3da0e114953b2da393d84a5839a1&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
173.233.137.36200 OK 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.60137363003?shu=b141494d78b602c3c15bcde0026f03d51f2855a95ceaef55aa3bc135826e9e0a73756415567dd6b0bb9e7c89ba75cb357ae68c3c366fbdea3d898960ebc3311345c92d13073df131be8d99a9fe1f283ff8c68d3da0e114953b2da393d84a5839a1&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.60137363003?shu=b141494d78b602c3c15bcde0026f03d51f2855a95ceaef55aa3bc135826e9e0a73756415567dd6b0bb9e7c89ba75cb357ae68c3c366fbdea3d898960ebc3311345c92d13073df131be8d99a9fe1f283ff8c68d3da0e114953b2da393d84a5839a1&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/watch.60137363003?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
Cookie: u_pl=17099894; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnJldmVhbG1vcmUudGsvIn19.ryJX-5iz9Ozi_4F3m9yPmbsqTnNKez0YBwOJxyQ0jVo; uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk/
Access-Control-Allow-Origin: https://www.revealmore.tk/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 79a7aa983007b835ae996880df632ae6
Strict-Transport-Security: max-age=0; includeSubdomains
lightssyrupdecree.com/watch.92840339191?shu=d15e9e0fb491aab5e025860172a587a45f1865e1eaf8b799b1c81f604058572c7fb748d251123837edfbb7afdc45cea3ad10e13027f0933de224bc036ee6d4bb87db1e54fd03c8121244298daaf05761af9915009d950e6da5df19c817a6a5a9ca&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
173.233.137.36200 OK 0 B URL HTTP/1.1 lightssyrupdecree.com/watch.92840339191?shu=d15e9e0fb491aab5e025860172a587a45f1865e1eaf8b799b1c81f604058572c7fb748d251123837edfbb7afdc45cea3ad10e13027f0933de224bc036ee6d4bb87db1e54fd03c8121244298daaf05761af9915009d950e6da5df19c817a6a5a9ca&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.92840339191?shu=d15e9e0fb491aab5e025860172a587a45f1865e1eaf8b799b1c81f604058572c7fb748d251123837edfbb7afdc45cea3ad10e13027f0933de224bc036ee6d4bb87db1e54fd03c8121244298daaf05761af9915009d950e6da5df19c817a6a5a9ca&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: lightssyrupdecree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lightssyrupdecree.com/watch.92840339191?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
Cookie: u_pl=17099894; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjpmYWxzZSwiciI6Imh0dHBzOi8vd3d3LnJldmVhbG1vcmUudGsvIn19.ryJX-5iz9Ozi_4F3m9yPmbsqTnNKez0YBwOJxyQ0jVo; uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk/
Access-Control-Allow-Origin: https://www.revealmore.tk/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 09e374dd5e2b7b7d032bd4642b73bb81
Strict-Transport-Security: max-age=0; includeSubdomains
specialistinsensitive.com/watch.826257569345?shu=85ada15c03a01c3422cb7010af50925adf195092da277e27c974d8d5a83e3ed07a4bd8481bcd4f473944286d942eac3419f6369c608451dda18dac5da5acb67d6ac6b05847abb12af4b18e90c6d61adb879b52b42cc64c5eb29d4556b888e73026648a&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
173.233.137.60200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/watch.826257569345?shu=85ada15c03a01c3422cb7010af50925adf195092da277e27c974d8d5a83e3ed07a4bd8481bcd4f473944286d942eac3419f6369c608451dda18dac5da5acb67d6ac6b05847abb12af4b18e90c6d61adb879b52b42cc64c5eb29d4556b888e73026648a&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.826257569345?shu=85ada15c03a01c3422cb7010af50925adf195092da277e27c974d8d5a83e3ed07a4bd8481bcd4f473944286d942eac3419f6369c608451dda18dac5da5acb67d6ac6b05847abb12af4b18e90c6d61adb879b52b42cc64c5eb29d4556b888e73026648a&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e&res=12.1055 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://specialistinsensitive.com/watch.826257569345?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
Cookie: u_pl=17099894; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4; uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk/
Access-Control-Allow-Origin: https://www.revealmore.tk/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e55259101f71540102b9aee190b56d8
Strict-Transport-Security: max-age=0; includeSubdomains
parkingridiculous.com/watch.1234965334154?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
192.243.59.13200 OK 1.2 kB URL HTTP/1.1 parkingridiculous.com/watch.1234965334154?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (416)
Hash 57981aadc3eff90380d128d9899ad36d
c709bb25af34c5947b6e9680776e9be162eededc
cc41bd862cc2ea3fe93b1c35efa9399689a11886eb158fbda67c68b87c9e8de8
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1234965334154?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17099894; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4; expires=Tue, 29 Nov 2022 04:58:52 GMT; secure; SameSite=None
uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abbcd4c9e67c758c936bbea53a3ba7bb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 678571f2e2de3dda01e76477d89a9dfa
030a472dcc0f8e327d17dbf27404e167cac02905
c5b6a67971676827a1cc5dde3877672754805a40b9fb84d62d83318ecad6fc99
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5B6A67971676827A1CC5DDE3877672754805A40B9FB84D62D83318ECAD6FC99"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2538
Expires: Tue, 29 Nov 2022 05:40:10 GMT
Date: Tue, 29 Nov 2022 04:57:52 GMT
Connection: keep-alive
tractorfoolproofstandard.com/sbar.json?key=299ee51dadfa609123ce449ff1f410b2&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
173.233.139.164200 OK 0 B URL HTTP/1.1 tractorfoolproofstandard.com/sbar.json?key=299ee51dadfa609123ce449ff1f410b2&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=299ee51dadfa609123ce449ff1f410b2&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1 HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.revealmore.tk
Connection: keep-alive
Referer: https://www.revealmore.tk/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:52 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk
Access-Control-Allow-Origin: https://www.revealmore.tk
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17566393; expires=Wed, 30 Nov 2022 04:57:52 GMT; secure; SameSite=None
uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b3e5fa797be5d9a7c55cf523ad8a04c7
Strict-Transport-Security: max-age=0; includeSubdomains
tractorfoolproofstandard.com/watch.20035756879?shu=729985334429ed0a22b47bada24b8b7a31a339bb9c6d2e0e2197190be681aff093642ce56cbaa1a798ec2a8d1db45b371d5ada66ad99283286d19cab66c248b53d4f018e5ff4f32cea4324ef090d4a34dbe65ce28ca1b98e52600fb0818fff&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&res=12.1055&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e
173.233.139.164200 OK 0 B URL HTTP/1.1 tractorfoolproofstandard.com/watch.20035756879?shu=729985334429ed0a22b47bada24b8b7a31a339bb9c6d2e0e2197190be681aff093642ce56cbaa1a798ec2a8d1db45b371d5ada66ad99283286d19cab66c248b53d4f018e5ff4f32cea4324ef090d4a34dbe65ce28ca1b98e52600fb0818fff&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&res=12.1055&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.20035756879?shu=729985334429ed0a22b47bada24b8b7a31a339bb9c6d2e0e2197190be681aff093642ce56cbaa1a798ec2a8d1db45b371d5ada66ad99283286d19cab66c248b53d4f018e5ff4f32cea4324ef090d4a34dbe65ce28ca1b98e52600fb0818fff&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&res=12.1055&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e HTTP/1.1
Host: tractorfoolproofstandard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tractorfoolproofstandard.com/watch.20035756879?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
Cookie: u_pl=17099894; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4; uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 04:57:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk/
Access-Control-Allow-Origin: https://www.revealmore.tk/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ee9a3f108d751ffddd2aa985803ef12a
Strict-Transport-Security: max-age=0; includeSubdomains
parkingridiculous.com/watch.1234965334154?shu=c52ec904d59e2fa93c578f66ed5d6c48a16f0aa0db801cd7ba9a5559f45968ce6f27e3eb63db21fd72461a81574b93802b851edda2f7a3d75dc50b9d361d04011d3cd8f7fc05264c9c5f78e28a15b99cb20bf44c&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&res=12.1055&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e
192.243.59.13200 OK 0 B URL HTTP/1.1 parkingridiculous.com/watch.1234965334154?shu=c52ec904d59e2fa93c578f66ed5d6c48a16f0aa0db801cd7ba9a5559f45968ce6f27e3eb63db21fd72461a81574b93802b851edda2f7a3d75dc50b9d361d04011d3cd8f7fc05264c9c5f78e28a15b99cb20bf44c&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&res=12.1055&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1234965334154?shu=c52ec904d59e2fa93c578f66ed5d6c48a16f0aa0db801cd7ba9a5559f45968ce6f27e3eb63db21fd72461a81574b93802b851edda2f7a3d75dc50b9d361d04011d3cd8f7fc05264c9c5f78e28a15b99cb20bf44c&pst=1669697932&rmtc=t&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1&pii=&in=false&key=269fae23b64456068794f705a35afbdb&refer=https%3A%2F%2Fwww.revealmore.tk%2F&res=12.1055&kw=%5B%22reveal%22%2C%22more%22%5D&tz=0&dev=e HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://parkingridiculous.com/watch.1234965334154?key=269fae23b64456068794f705a35afbdb&kw=%5B%22reveal%22%2C%22more%22%5D&refer=https%3A%2F%2Fwww.revealmore.tk%2F&tz=0&dev=e&res=12.1055&uuid=5c5fe48d-1678-4788-a76a-64f98188e809%3A3%3A1
Cookie: u_pl=17099894; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzA5OTg5NCwiayI6IjI2OWZhZTIzYjY0NDU2MDY4Nzk0ZjcwNWEzNWFmYmRiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODE2Nzg2LCJwaWQiOjM3NDk4MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjUsInB0Ijo0LCJwayI6InVpNnZoYmc2anMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.a5m8r8a-0Zu_bM-G5Kjs0yk-MMmmIZbJ1xNxZaElJy4; uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.revealmore.tk/
Access-Control-Allow-Origin: https://www.revealmore.tk/
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=5c5fe48d-1678-4788-a76a-64f98188e809:3:1; expires=Tue, 06 Dec 2022 04:57:52 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 049fcd23b9e00f9c70b0beae131d1c48
Strict-Transport-Security: max-age=0; includeSubdomains
www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17322255
192.243.59.12200 OK 1.2 kB URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17322255
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash b8fff33dde81e5e1f3f376f196c39379
8b6c155c85d6a073558fd7f627ee5ffa99e6f4ef
994d6a5156a63cc6a3a5bbdb6de9774930d1823318bca5cbaca9a31eafb70c85
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?key=863705bcbb4b6a554ddb359665395a6f&psid=17322255 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.revealmore.tk/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=16122660; expires=Wed, 30 Nov 2022 04:57:53 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTczMjIyNTUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.09FYCk4jKHM-TgZm1mILMCgdjf57asqla9OHpDdlGqA; expires=Tue, 29 Nov 2022 04:58:53 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1ecfd34552aefe29acf155d507be1008
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.spikereekvelocity.com/dyfc1k09?shu=2d1fdb28c66d7992c2d5ee659fb808002de35cc5e21d766a2d470d1dee53e968686cd942b8d1647298be69ede56aab3356bfb0cb39d7aba5a3eaa1d88c591b9dcf9ee30e412a183ca07df06dc5e48d2090c84fe6&pst=1669697933&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.revealmore.tk%2F&psid=17322255
192.243.59.12302 Found 0 B URL HTTP/1.1 www.spikereekvelocity.com/dyfc1k09?shu=2d1fdb28c66d7992c2d5ee659fb808002de35cc5e21d766a2d470d1dee53e968686cd942b8d1647298be69ede56aab3356bfb0cb39d7aba5a3eaa1d88c591b9dcf9ee30e412a183ca07df06dc5e48d2090c84fe6&pst=1669697933&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.revealmore.tk%2F&psid=17322255
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /dyfc1k09?shu=2d1fdb28c66d7992c2d5ee659fb808002de35cc5e21d766a2d470d1dee53e968686cd942b8d1647298be69ede56aab3356bfb0cb39d7aba5a3eaa1d88c591b9dcf9ee30e412a183ca07df06dc5e48d2090c84fe6&pst=1669697933&rmtc=t&uuid=&pii=&in=false&key=863705bcbb4b6a554ddb359665395a6f&refer=https%3A%2F%2Fwww.revealmore.tk%2F&psid=17322255 HTTP/1.1
Host: www.spikereekvelocity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.spikereekvelocity.com/dyfc1k09?key=0f22c1fd609f13cb7947c8cabfe1a90d&submetric=16122660
Cookie: u_pl=16122660; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjEyMjY2MCwiayI6Ijg2MzcwNWJjYmI0YjZhNTU0ZGRiMzU5NjY1Mzk1YTZmIiwic2lkIjoiMTczMjIyNTUiLCJpc2lkIjoyLCJhc2lkIjoxLCJ6aWQiOjE0NjQxNSwicGlkIjo5NzI5OSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozLCJhaWQiOjI4LCJwdCI6NCwicGsiOiJkeWZjMWswOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly93d3cucmV2ZWFsbW9yZS50ay8ifX0.09FYCk4jKHM-TgZm1mILMCgdjf57asqla9OHpDdlGqA; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.6
Date: Tue, 29 Nov 2022 04:57:53 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18ff95ea8267e398b00e0f235e721ffb&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
Set-Cookie: iprc2df6df233e779f51f985c21fc710c0a6=3806410; expires=Wed, 30 Nov 2022 04:57:53 GMT
pdhtkv=true; expires=Wed, 30 Nov 2022 04:57:53 GMT
uncs=1; expires=Wed, 30 Nov 2022 04:57:53 GMT
pdhtkv28=true; expires=Wed, 30 Nov 2022 04:57:53 GMT
uncs28=1; expires=Wed, 30 Nov 2022 04:57:53 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8b2137770668f606531ef87f389e958
Strict-Transport-Security: max-age=0; includeSubdomains
spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18ff95ea8267e398b00e0f235e721ffb&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
78.46.92.254302 Found 0 B URL HTTP/1.1 spo76rt28r.com/news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18ff95ea8267e398b00e0f235e721ffb&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /news.php?key=ra60tm42lesurp8cpy3o&SUB_ID_SHORT(action)=18ff95ea8267e398b00e0f235e721ffb&COST_CPA=0.700000&PLACEMENT_ID=16122660&BANNER_ID=2033306&COUNTRY_CODE=NO&IAB_CATEGORY=IAB24&BROWSER_NAME=Firefox&USER_OS=Windows&PUBLISHER_ID=97299&ZONE_ID=146415&USER_CARRIER=Blix%20Solutions&CATEGORY_ALIAS=Other HTTP/1.1
Host: spo76rt28r.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 04:57:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: uclick=h9wf3z3z0; expires=Wed, 30-Nov-2022 04:57:54 GMT; Max-Age=86400; path=/; secure; SameSite=none
uclickhash=h9wf3z3z0-h9wf3z3z0-17dz-166o-ir8n-bza7-oje8-c42702; expires=Wed, 30-Nov-2022 04:57:54 GMT; Max-Age=86400; path=/; secure; SameSite=none
Location: https://bo2217ok3tro9.com/1/?lpkey=162a69c069dc81a874&uclick=h9wf3z3z0&uclickhash=h9wf3z3z0-h9wf3z3z0-17dz-166o-ir8n-bza7-oje8-c42702
Strict-Transport-Security: max-age=31536000
bo2217ok3tro9.com/1/?lpkey=162a69c069dc81a874&uclick=h9wf3z3z0&uclickhash=h9wf3z3z0-h9wf3z3z0-17dz-166o-ir8n-bza7-oje8-c42702
78.46.92.254200 OK 1.4 kB URL HTTP/1.1 bo2217ok3tro9.com/1/?lpkey=162a69c069dc81a874&uclick=h9wf3z3z0&uclickhash=h9wf3z3z0-h9wf3z3z0-17dz-166o-ir8n-bza7-oje8-c42702
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 0bbb113ff85b78b6485a9783946e6948
8663005f0ad88c2a768937edb56177387103594d
70c7e9fa94eb5b8fb5b61e0ee25167ace062bea13773331f7d02814822fbf004
GET /1/?lpkey=162a69c069dc81a874&uclick=h9wf3z3z0&uclickhash=h9wf3z3z0-h9wf3z3z0-17dz-166o-ir8n-bza7-oje8-c42702 HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.spikereekvelocity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 04:57:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ebda5539b32fd20ab6af182e1bc1e20b
4dd11178830150371e491ff52718a5f32b7e6169
7dde43dd3acc5353cc49b96dbced0a6995e47f52b4a055c6d4b35ab44e8f5fca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3343
Cache-Control: max-age=125570
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:54 GMT
Etag: "6384cbc5-117"
Expires: Wed, 30 Nov 2022 15:50:44 GMT
Last-Modified: Mon, 28 Nov 2022 14:55:01 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js
142.250.74.164200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 29 Nov 2022 04:57:54 GMT
date: Tue, 29 Nov 2022 04:57:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-547JG5H
142.250.74.168200 OK 39 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-547JG5H
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 7c9e6a3d79fb92f6aafd9b9d21815a37
fbd733e1a5a431a47fc8f36309f8445e742f78c4
bcef4905a70c2ec3e716fc49ca9392a7e465cb69d439eff29fe2af77ba83b275
GET /gtm.js?id=GTM-547JG5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 04:57:54 GMT
expires: Tue, 29 Nov 2022 04:57:54 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38601
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios@1.2.0/dist/axios.min.js
104.16.123.175200 OK 72 kB URL HTTP/2 unpkg.com/axios@1.2.0/dist/axios.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (29551)
Hash 8d69717375336938f6d29a359dc6e321
9ca53f5509deff61f39d3917294739dc5894fbc5
f51b05fb8a91b7b4f709fffc0b9a59f92163baf237852e78c6dc5b5f702974c8
GET /axios@1.2.0/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://bo2217ok3tro9.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 04:57:54 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7396-Wc6sdIzlj1RsovoMRKQah8UZFhA"
via: 1.1 fly.io
fly-request-id: 01GJGC0D1SRCGJTEVMAF435H8Z-ams
cf-cache-status: HIT
age: 553612
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7718c3e2ac7ab4f1-OSL
content-encoding: br
X-Firefox-Spdy: h2
bo2217ok3tro9.com/favicon.png
78.46.92.254404 Not Found 114 B URL HTTP/1.1 bo2217ok3tro9.com/favicon.png
IP 78.46.92.254:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b9841984dca9ab290d79563f36ae6d8d
35a6cc4edf0c92bd155144871968659dafb4d1c3
546c212f587bf539f97ed64bbc3ae6c09bd7ee64976e71f091df859c217a0c14
GET /favicon.png HTTP/1.1
Host: bo2217ok3tro9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/1/?lpkey=162a69c069dc81a874&uclick=h9wf3z3z0&uclickhash=h9wf3z3z0-h9wf3z3z0-17dz-166o-ir8n-bza7-oje8-c42702
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 04:57:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 04:57:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bo2217ok3tro9.com
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 199910
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 12:31:58 GMT
expires: Sun, 26 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 231957
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/axios/dist/axios.min.js
104.16.123.175302 Found 0 B URL HTTP/2 unpkg.com/axios/dist/axios.min.js
IP 104.16.123.175:0
GET /axios/dist/axios.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bo2217ok3tro9.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 29 Nov 2022 04:57:54 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /axios@1.2.0/dist/axios.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GK0VWR2P9AJHF1FNEDBD5K5V-fra
cf-cache-status: HIT
age: 84
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7718c3e29c6ab4f1-OSL
X-Firefox-Spdy: h2