internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
104.21.84.193301 Moved Permanently 0 B URL HTTP/1.1 internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
IP 104.21.84.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /safiyaax-onlyfans-leaks-20-photos/ HTTP/1.1
Host: internetbitches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 19 Sep 2022 20:27:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 21:27:21 GMT
Location: https://internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7lK0%2FGP8r12up80OAZhqq%2Fjs0gqtntu3hhqNhmKLFti3%2BgxBDP4V6y3jOW%2BTzbcFUiEJd590wrDgWk%2BPh%2FUgUpoA%2BiOvP1OqWmr2kBse18NS%2B2upx9DLiZ4oGg08mZxr9%2FmwX0m8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74d50fc2495eb527-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 20:12:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D_WnxH13ygebl6BcF5gy8BY77HLiJbPstcFgp1ibcO2De81scESD4w==
Age: 873
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8601
Expires: Mon, 19 Sep 2022 22:50:42 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uJ6UTHqtRrMnPolOd728NMn9LB7WGFV2egT0wNexfT6Mjci5H7J12g==
age: 57128
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0a496f1d4c67d1f3dbccb2d417957a3
b831add60077e2698836b1f310686059d5b68797
fbc289a6e1d245428ec336c4c0d95e8732731a1f6f32d430249da814334b1379
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBC289A6E1D245428EC336C4C0D95E8732731A1F6F32D430249DA814334B1379"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19352
Expires: Tue, 20 Sep 2022 01:49:53 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 20:27:21 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a0a496f1d4c67d1f3dbccb2d417957a3
b831add60077e2698836b1f310686059d5b68797
fbc289a6e1d245428ec336c4c0d95e8732731a1f6f32d430249da814334b1379
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "FBC289A6E1D245428EC336C4C0D95E8732731A1F6F32D430249DA814334B1379"
Last-Modified: Mon, 19 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19352
Expires: Tue, 20 Sep 2022 01:49:53 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f68b192b91ea86e4a4cd5b063b112c42
7279c8d127aa10a2710b10ed9f18a882892e8586
d4c3b5cae5cc02de04be1d8c55d0fc74c6ba1794798464646cec48c57a5641b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4C3B5CAE5CC02DE04BE1D8C55D0FC74C6BA1794798464646CEC48C57A5641B6"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14402
Expires: Tue, 20 Sep 2022 00:27:23 GMT
Date: Mon, 19 Sep 2022 20:27:21 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-213792027-33
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-213792027-33
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 8a42ff787c6e2378e0f5f3210a8eea56
4474a249b86671815edff6653df61365250484f9
7d31a43a4605c58acf9a625030caabe099c8cd627e2a17e30f485fd30a360cfd
GET /gtag/js?id=UA-213792027-33 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 20:27:21 GMT
expires: Mon, 19 Sep 2022 20:27:21 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 20:11:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42351
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
104.21.84.193200 OK 26 kB URL HTTP/2 internetbitches.com/safiyaax-onlyfans-leaks-20-photos/
IP 104.21.84.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8047)
Hash ef4e94a76cd1e8e4e48ee9e5cf92c6b6
6af557688b3ef848a4dd8274427c351dd40a44cd
0a4c1e08973a63dcc55dffd188b56a9cb53a9778da86805a2394e4ab4bdd6233
GET /safiyaax-onlyfans-leaks-20-photos/ HTTP/1.1
Host: internetbitches.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:21 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
x-powered-by: PHP/7.4.30
last-modified: Mon, 19 Sep 2022 20:27:17 GMT
x-varnish: 952074653 173080594
age: 4
via: 1.1 varnish (Varnish/6.2)
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHSIKb%2FpjUeDzMwchG3g4aKRNPgdwK7x7zr2mtHkfxY%2FK9mEhFeDO%2FYNGGS5JW3ku%2FkemFWPxcOMJCPcg999RooRC68WLWH01u9KLnR3frNU8A0OGv5CDq3d0fFEQ1GzbIdEno8D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74d50fc439c70b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 5.2 kB URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
Hash 5a5d30a0e8ef3c8ce389ce3b16d47732
a36facd9f80c3b2ec375970c7361d0ecaf507713
063995eb41454aeb8cc05394d13e0738983de9dd09cda06ec311803e68f460e5
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 20:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 20:30:03 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XY7FG-iPfK3T4njvU-8r54oeRpa6V0oTwijvNW2m0pt3UNHRbEGAXw==
Age: 1440
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4800
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:22 GMT
Last-Modified: Mon, 19 Sep 2022 19:07:22 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 57 kB URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash 843101af5f54e6c46f4920a10934bbc9
af313d3b74354d937b0fbc0c44f5e9299bd1d22c
30ade0bad89c006df0dfaee2dfae7748feeb2de56c27263db9e6a3f081dab2e6
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V2PxnfMetKdbBbpPfQ1IqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: fr0p1woYnk2/k4O/epsCo3ixJLU=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6323
Expires: Mon, 19 Sep 2022 22:12:46 GMT
Date: Mon, 19 Sep 2022 20:27:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:39 GMT
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
age: 81224
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xG9XQItrQEJXCW9JRcI6aDELQKCTOlnwq1Xg5_vQcqCPNtHGWkScFw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 22:00:17 GMT
age: 80826
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GIhj3a2-SwYu2w4mLx7JiIJzFfV82-Et89ORRsx5fsGOx9nttPlCxA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:13 GMT
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
age: 81010
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 10:33:00 GMT
age: 35663
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893f3495f1f575e946a57c8e8411b2a5
480182fd29c7edd369339847b85e4e2580cef0f6
097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: nD62kVNMZRvoZaM85m1kNlgU-KOj2X7tqhy9cPxGJFaBHCMVEsvWXQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:45 GMT
age: 81218
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: bee7087d-6431-457a-8fdc-a9eff7b14afd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOAZHcCIAMFTSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279068-4a7d282e1860a131491a4f2d;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: EClCCFFn_OCwRqXC7W0g-msDSm1WsTRB5kDJsAQyxIPmIwSQBSbJ9g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:57:01 GMT
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
age: 81022
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 18:41:12 GMT
expires: Mon, 19 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 6372
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 753f43280904770acc565720004e6652
124489f486872e30924cc97e191aff02fc7382ce
e4e3cd04056e2e008b186a986b21b92a1b4159c7e9af5680eca87413e29c2532
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4E3CD04056E2E008B186A986B21B92A1B4159C7E9AF5680ECA87413E29C2532"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17378
Expires: Tue, 20 Sep 2022 01:17:05 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 753f43280904770acc565720004e6652
124489f486872e30924cc97e191aff02fc7382ce
e4e3cd04056e2e008b186a986b21b92a1b4159c7e9af5680eca87413e29c2532
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4E3CD04056E2E008B186A986B21B92A1B4159C7E9AF5680ECA87413E29C2532"
Last-Modified: Sun, 18 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17329
Expires: Tue, 20 Sep 2022 01:16:16 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive
pumpmulticultural.com/70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js
192.243.59.20200 OK 20 kB URL HTTP/1.1 pumpmulticultural.com/70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59390), with no line terminators
Hash 5bbeb3f3c854f365c4a8ac556108e874
51a3d902a38dbddabdee16362e9380bfcf2e82c5
2ea8a8342601ebc4211aeda452561b930d74bc53954749a6d16830e581d62939
Analyzer Verdict Alert quad9 Sinkholed
GET /70/b2/c8/70b2c8abb8cbd31b8aec0647f6833e97.js HTTP/1.1
Host: pumpmulticultural.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 19 Sep 2022 20:27:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ceb98285131016bff2417eeca60f36a3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pumpmulticultural.com/e5/9b/30/e59b308cc45af1573871b4206b888b72.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 pumpmulticultural.com/e5/9b/30/e59b308cc45af1573871b4206b888b72.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37127), with no line terminators
Hash 169e0a82fe3d769fca3d9b9bdf7bff73
134936ec34522888a0284df08d4e3fddd958d8da
df7cb3bd87ab8fcb3f11f205bb91c324a9c479f79ed260c652fa334df0b3fc9f
Analyzer Verdict Alert quad9 Sinkholed
GET /e5/9b/30/e59b308cc45af1573871b4206b888b72.js HTTP/1.1
Host: pumpmulticultural.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 19 Sep 2022 20:27:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76f24ecb116e8ba99791c16d8b06e692
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c89bd80c457915abebe4d37d04c72b59
5360927bb2d21d50a8eb229720265bc81ab59d80
b4c09572c14727fc2fce7ff1897a080f29bc9859ff034be5bc73839e457a717a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B4C09572C14727FC2FCE7FF1897A080F29BC9859FF034BE5BC73839E457A717A"
Last-Modified: Sat, 17 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Mon, 19 Sep 2022 21:32:14 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:58:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 6df30310ab4bd12fd1d6de14fc431cc4
e91defc2ab45d425901a3b800be0870c6a71daf9
6c0fdf8a295320d533a82a1c5019cece54752992aee4fcdfb9957d6f4a736d5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:30:20 GMT
Server: ECS (nyb/1D0D)
X-Cache: Miss from cloudfront
Via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Lx8v9irnvoqBvl2fdbV9Uuo6bKm2Agi4M4JPxUYzEDYy7yLNAIn0Ow==
Age: 3427
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 6df30310ab4bd12fd1d6de14fc431cc4
e91defc2ab45d425901a3b800be0870c6a71daf9
6c0fdf8a295320d533a82a1c5019cece54752992aee4fcdfb9957d6f4a736d5c
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:39:09 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: V_X144qWHwK0gqlTcR6e1W6McALHU2eUUFoqREiz6mJxMsj8mdfsiw==
Age: 2898
simplewebanalysis.com/stats
3.64.106.196200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.64.106.196:0
File type ASCII text, with no line terminators
Hash 92d2bd92367c682b457bea369334e8ee
3f1b947f2d43e8e945bfa1b74da8affc73789569
56a105eb1f10c6b6b3803ddf8f6523cadcea7904ecc23e34e05ec55636c7b778
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://internetbitches.com
access-control-allow-credentials: true
set-cookie: uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; expires=Thu, 16 Sep 2032 20:27:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.64.106.196200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.64.106.196:0
File type ASCII text, with no line terminators
Hash b7b68467a170340fb0d034e29105ec0a
706bfbd08cbb5ddfe7578d1492a6a9ffa395eaf5
5d61a98072cd16513d876a4e1eefad0cbe1406409eba668e8055dde7ff07a469
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://internetbitches.com
access-control-allow-credentials: true
set-cookie: uid_id2=558527ad-86f2-4fda-bf3a-b06c2e6528e2:1:1; expires=Thu, 16 Sep 2032 20:27:27 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash de21453350e94caa1eaa938409519de2
b9819d2fe8761aac1b00b7b6a05f7d5c6358d2d9
9455b40dbff8c871da45e8d9ea3c142c77e200b0ee8698dcfdf246bc4b0383a8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:27 GMT
Last-Modified: Mon, 19 Sep 2022 19:58:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c89bd80c457915abebe4d37d04c72b59
5360927bb2d21d50a8eb229720265bc81ab59d80
b4c09572c14727fc2fce7ff1897a080f29bc9859ff034be5bc73839e457a717a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "B4C09572C14727FC2FCE7FF1897A080F29BC9859FF034BE5BC73839E457A717A"
Last-Modified: Sat, 17 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3887
Expires: Mon, 19 Sep 2022 21:32:14 GMT
Date: Mon, 19 Sep 2022 20:27:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1dda2f509b35096bdf9b6e1cc1da591d
66b905dc8cb287116baf729c8257e9bc4818a893
e689276fc859ff5caf4c891494eec2dc26e67743edb4ae0518a2f2c39e233e0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E689276FC859FF5CAF4C891494EEC2DC26E67743EDB4AE0518A2F2C39E233E0E"
Last-Modified: Sun, 18 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11585
Expires: Mon, 19 Sep 2022 23:40:33 GMT
Date: Mon, 19 Sep 2022 20:27:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash be92f82a1a861bcc2a134aefe9086e34
3a8b1969dd0e4bd096068b2495e40da593304c45
d114bc19377c68f644a258b499c6f7b6d968c9fed8d7e4506550fe8408607f6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D114BC19377C68F644A258B499C6F7B6D968C9FED8D7E4506550FE8408607F6B"
Last-Modified: Sun, 18 Sep 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7431
Expires: Mon, 19 Sep 2022 22:31:19 GMT
Date: Mon, 19 Sep 2022 20:27:28 GMT
Connection: keep-alive
secure.gravatar.com/avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g
192.0.73.2200 OK 1.4 kB URL HTTP/2 secure.gravatar.com/avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g
IP 192.0.73.2:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 74x74, components 3\012- data
Hash 849532dd2d265820a2f5d95545605826
6cce6b64c1457fcecf49d8bd7f166f2fd6706faf
7e42624d690e9bad334666d9277be3e95a5adcdb5410291312f3738013f61bd9
GET /avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g HTTP/1.1
Host: secure.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 20:27:28 GMT
content-type: image/jpeg
content-length: 1368
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/bdd2d5a5b8058c7c3866c40bf6cb0605?s=74&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="bdd2d5a5b8058c7c3866c40bf6cb0605.png"
expires: Mon, 19 Sep 2022 20:32:28 GMT
cache-control: max-age=300
x-nc: HIT arn 3
accept-ranges: bytes
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
172.64.162.10200 OK 23 kB URL HTTP/2 creepingbrings.com/sfp.js
IP 172.64.162.10:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 22d0be38cff37c2a380b8d37351ac495
92d8c874ea32e8a72d42338358e8ee973c4da1f0
e9f42bbe705429c897274d46011313905f41a829c154581a9b2185441662dbd3
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 35aa18f0928617cc9edbc87c79d2245b
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 20:27:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aPXuP8uheoHdF%2FQ3tFD6FhQWeki%2BxfBMv0Z4Qj5PZioenhFuA8HTvWKfhsGLoyZXMWPXULWNnDRfxwS2EBtXvJBwFe9OVbiW7js5psMeV6Zh21Q06AfkSgsPETzhQ61hhk0qV48%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50fea58be76f0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sagedeportflorist.com/sbar.json?key=e59b308cc45af1573871b4206b888b72&uuid=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e%3A1%3A1
173.233.137.52200 OK 4.1 kB URL HTTP/1.1 sagedeportflorist.com/sbar.json?key=e59b308cc45af1573871b4206b888b72&uuid=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e%3A1%3A1
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (5632), with no line terminators
Hash 64a4b4843937bad000805d0a04e17df6
06aea7668711f8ae052abba9f9b29e2a767b58fe
4b9718c34dd007e80f781952801c69fa978068a6e7aa0c135f652d7122345877
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=e59b308cc45af1573871b4206b888b72&uuid=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e%3A1%3A1 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:28 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://internetbitches.com
Access-Control-Allow-Origin: https://internetbitches.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17098400; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; expires=Mon, 26 Sep 2022 20:27:28 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
uncs=1; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 20 Sep 2022 20:27:28 GMT; secure; SameSite=None
slece59b308cc45af1573871b4206b888b72=[3240591]; expires=Mon, 19 Sep 2022 20:27:33 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 75f15e370f84cbb496bb75b3205b5718
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash dde134bf7ea8d3af1cccb4abd35cd40e
77f9e1d3133a177e42306c3b9c31f8a7cacc0461
064b90005ffab327d8071d7755c8f130473a3fbdb1a44c81ce6de9680944fbbd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 20:27:29 GMT
Last-Modified: Mon, 19 Sep 2022 18:53:56 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
sagedeportflorist.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjS2EREUUCUUIdAVFkPB5f9xPUkQYx8jC%2BaGEXx3MzsyeB8%2FtrGZ2ds%2BuLCKhdBz%2FwfqdHSskQkEUVEToHCmFG3JULnBJj5CoKNBdLI580ur73r5XvHnf9%2FWeOyU%2BHD1ZvaZ3pFJ0uVn3a5c%2BC4LLtQ2ZukFt0Gl93mpcrpni3W6r7r9d%2B0CwLb0c%2BoHvB35QW5NGJHqwPCUhs4fdoN71642wHjQbGJgXsXUeLPXAi1NyHpJPFp94FyDZGGn%2F0aqwW7nO3rnad4rm2qDghx%2BnW6kuU%2FTnY2I8JOnhmRraPlt7DJ0ezOxCF%2F8JYzkh3tPHiNPDM5OIi%2F2Zz1hBpIj5KyiLMYQaQ9IxmL4DyZ8RgHFcv4G0f%2B%2B6NiXdfs7SKTshi3%2F%2FBVlOyOLvF5D2v19RclC7rZXLpU4tBkkFORhD9sbI3BHynXOQ5RFY%2FhUkJ0j7FSQ%2FeaubsGYYNfylRPiNpYag4VKH8XDJj3zapCJKur6YBSPlGDIZQ4khqPXgpp%2F04BIPLvPQ5yc1FgRB2%2BeM%2Bp0uYxFvi7jF%2FYC2k4AGfqsDx6beh8izIZgagpldZGYXW3II436B3axguQebExS8QikISktQUoJSEpQ5QVlUB1zZ0Fb3uLIuDs56eNajaqTz3h490HlPpGQvOyWvTgPzFv%2BosCVOaqLZjSO%2Fw1ijSZOg2Y467SBuhH4r7nQ6cTuElRWkPTd75o6ckNd%2Feg2ZnJCXfryKmB7BqiMweR7UvQFajtqhD7o5anR87KQPmBMFTWlU5wJcV8jyReTb3p46JRdnewvMNxDs%2BMoX8bXJn%2Ff%2FATMVMlPhS%2FmEoKfujm7pkuzf0qUlP9zIctmXO3S609s5zcXCdx%2BK7VIbvr5qh%2FffY1NiOj78SNh8g6Zcpj1LHqxIzoVZ04YJ8vO6%2FVTEN53dXHEmddnGzffX1vuZEdZKnY5B5YSQp8dgckJe5uXsXC9%2BsgZpxjCuQt8dk7OC1Edg2S5sNvdv9QKMmmvizEPpqpEJ4%2FlPJQmUmGMaV7D%2Fw%2FF83rN30TNvguZ3ZldamAqFqkDVENYtjPLMHF%2F5LZoVYuWNYmW8%2FVgZ9e3zcK08qbWjyKetbjNot6lox42wk7QCTmnYaIWtFo2Q2wm79OujfwEAAP%2F%2FAQAA%2F%2F8Tf1neeQQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 sagedeportflorist.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjS2EREUUCUUIdAVFkPB5f9xPUkQYx8jC%2BaGEXx3MzsyeB8%2FtrGZ2ds%2BuLCKhdBz%2FwfqdHSskQkEUVEToHCmFG3JULnBJj5CoKNBdLI580ur73r5XvHnf9%2FWeOyU%2BHD1ZvaZ3pFJ0uVn3a5c%2BC4LLtQ2ZukFt0Gl93mpcrpni3W6r7r9d%2B0CwLb0c%2BoHvB35QW5NGJHqwPCUhs4fdoN71642wHjQbGJgXsXUeLPXAi1NyHpJPFp94FyDZGGn%2F0aqwW7nO3rnad4rm2qDghx%2BnW6kuU%2FTnY2I8JOnhmRraPlt7DJ0ezOxCF%2F8JYzkh3tPHiNPDM5OIi%2F2Zz1hBpIj5KyiLMYQaQ9IxmL4DyZ8RgHFcv4G0f%2B%2B6NiXdfs7SKTshi3%2F%2FBVlOyOLvF5D2v19RclC7rZXLpU4tBkkFORhD9sbI3BHynXOQ5RFY%2FhUkJ0j7FSQ%2FeaubsGYYNfylRPiNpYag4VKH8XDJj3zapCJKur6YBSPlGDIZQ4khqPXgpp%2F04BIPLvPQ5yc1FgRB2%2BeM%2Bp0uYxFvi7jF%2FYC2k4AGfqsDx6beh8izIZgagpldZGYXW3II436B3axguQebExS8QikISktQUoJSEpQ5QVlUB1zZ0Fb3uLIuDs56eNajaqTz3h490HlPpGQvOyWvTgPzFv%2BosCVOaqLZjSO%2Fw1ijSZOg2Y467SBuhH4r7nQ6cTuElRWkPTd75o6ckNd%2Feg2ZnJCXfryKmB7BqiMweR7UvQFajtqhD7o5anR87KQPmBMFTWlU5wJcV8jyReTb3p46JRdnewvMNxDs%2BMoX8bXJn%2Ff%2FATMVMlPhS%2FmEoKfujm7pkuzf0qUlP9zIctmXO3S609s5zcXCdx%2BK7VIbvr5qh%2FffY1NiOj78SNh8g6Zcpj1LHqxIzoVZ04YJ8vO6%2FVTEN53dXHEmddnGzffX1vuZEdZKnY5B5YSQp8dgckJe5uXsXC9%2BsgZpxjCuQt8dk7OC1Edg2S5sNvdv9QKMmmvizEPpqpEJ4%2FlPJQmUmGMaV7D%2Fw%2FF83rN30TNvguZ3ZldamAqFqkDVENYtjPLMHF%2F5LZoVYuWNYmW8%2FVgZ9e3zcK08qbWjyKetbjNot6lox42wk7QCTmnYaIWtFo2Q2wm79OujfwEAAP%2F%2FAQAA%2F%2F8Tf1neeQQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cRRidjS2EREUUCUUIdAVFkPB5f9xPUkQYx8jC%2BaGEXx3MzsyeB8%2FtrGZ2ds%2BuLCKhdBz%2FwfqdHSskQkEUVEToHCmFG3JULnBJj5CoKNBdLI580ur73r5XvHnf9%2FWeOyU%2BHD1ZvaZ3pFJ0uVn3a5c%2BC4LLtQ2ZukFt0Gl93mpcrpni3W6r7r9d%2B0CwLb0c%2BoHvB35QW5NGJHqwPCUhs4fdoN71642wHjQbGJgXsXUeLPXAi1NyHpJPFp94FyDZGGn%2F0aqwW7nO3rnad4rm2qDghx%2BnW6kuU%2FTnY2I8JOnhmRraPlt7DJ0ezOxCF%2F8JYzkh3tPHiNPDM5OIi%2F2Zz1hBpIj5KyiLMYQaQ9IxmL4DyZ8RgHFcv4G0f%2B%2B6NiXdfs7SKTshi3%2F%2FBVlOyOLvF5D2v19RclC7rZXLpU4tBkkFORhD9sbI3BHynXOQ5RFY%2FhUkJ0j7FSQ%2FeaubsGYYNfylRPiNpYag4VKH8XDJj3zapCJKur6YBSPlGDIZQ4khqPXgpp%2F04BIPLvPQ5yc1FgRB2%2BeM%2Bp0uYxFvi7jF%2FYC2k4AGfqsDx6beh8izIZgagpldZGYXW3II436B3axguQebExS8QikISktQUoJSEpQ5QVlUB1zZ0Fb3uLIuDs56eNajaqTz3h490HlPpGQvOyWvTgPzFv%2BosCVOaqLZjSO%2Fw1ijSZOg2Y467SBuhH4r7nQ6cTuElRWkPTd75o6ckNd%2Feg2ZnJCXfryKmB7BqiMweR7UvQFajtqhD7o5anR87KQPmBMFTWlU5wJcV8jyReTb3p46JRdnewvMNxDs%2BMoX8bXJn%2Ff%2FATMVMlPhS%2FmEoKfujm7pkuzf0qUlP9zIctmXO3S609s5zcXCdx%2BK7VIbvr5qh%2FffY1NiOj78SNh8g6Zcpj1LHqxIzoVZ04YJ8vO6%2FVTEN53dXHEmddnGzffX1vuZEdZKnY5B5YSQp8dgckJe5uXsXC9%2BsgZpxjCuQt8dk7OC1Edg2S5sNvdv9QKMmmvizEPpqpEJ4%2FlPJQmUmGMaV7D%2Fw%2FF83rN30TNvguZ3ZldamAqFqkDVENYtjPLMHF%2F5LZoVYuWNYmW8%2FVgZ9e3zcK08qbWjyKetbjNot6lox42wk7QCTmnYaIWtFo2Q2wm79OujfwEAAP%2F%2FAQAA%2F%2F8Tf1neeQQAAA%3D%3D HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 212b093aa8ad3085abd45c115266ea79
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.77.32200 OK 6.9 kB IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash df307f0a7c9a2e689c7be46a8a76c664
b2131122f156c0a47b04650b64eea6b36169192a
cc95622f8e815de02105b29d4bc538c061a834fb2fd3b870a0b421655ea0f5ab
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6274
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 20:27:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 975198867cba40920c78943d183e7501
79f8094d26eb13a276fa98058ff3edde469825c5
14f4407c37a327fc0b0249c75c3308a898722b100bdd261bf687e7b97821b2ce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6274
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 20:27:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 975198867cba40920c78943d183e7501
79f8094d26eb13a276fa98058ff3edde469825c5
14f4407c37a327fc0b0249c75c3308a898722b100bdd261bf687e7b97821b2ce
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "14F4407C37A327FC0B0249C75C3308A898722B100BDD261BF687E7B97821B2CE"
Last-Modified: Sat, 17 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6274
Expires: Mon, 19 Sep 2022 22:12:03 GMT
Date: Mon, 19 Sep 2022 20:27:29 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png
172.64.201.2200 OK 27 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png
IP 172.64.201.2:0
File type PNG image data, 400 x 390, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f627dde2b8596dbd62eb42b76c8e6ba
15cf8a62eab44beffb02d9de51a3a18964a8fb62
8208316116f1f38051a9785616a403519015174b65db5f652cb2dae02ffe8491
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/vpn.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: image/png
content-length: 27328
last-modified: Wed, 03 Aug 2022 08:48:26 GMT
etag: "62ea365a-6ac0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4098151
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3iB2rBd6otVbgeW%2FkkI1n%2BVBFfH7ML0cdkpZGj7%2FZLpQgVOf5qWDGCPt9ayQ%2Bt8F0kyk47S2WtBqwtNE%2Ft%2BypMjmEgJMinYBiNGaRoAtfkJKPKwffdh8Sq6Si058I66ZAfA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff33e2c7457-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.yourwebbars.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html
104.26.6.19200 OK 415 B URL HTTP/2 cdn.yourwebbars.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html
IP 104.26.6.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 63f354b797849b7c1d2f683dbf0fa4d4
da7d8d35b4dd5cedf196535f903d6c42a0281d37
4971c287640dc9517155b6a4c468554ba2461738beed9e3b453ed631a7d6985e
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: text/html
last-modified: Wed, 02 Feb 2022 09:47:35 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 335778
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjuD7SQSj%2B5QXkwN5XWQDduDdxcHruzlirk2Zhs6PSQ9jfP1SKItodqZnhLHgbXLsigJnyv19EFRq%2BCcUGFvQIKL4qjD3aeAqCh8Z4zAFsfcUrXU46OARIR4%2B5jKMGkR3lFc9CU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff25fb60b4d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg
172.64.201.2200 OK 920 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg
IP 172.64.201.2:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash ecb62e04f902e8df73f1708b405bc735
3b451c11e3746b53f46eef22a104b763edb53565
c4b207ec223c878b72ca1af8824d9cff599301e260ced722b8acb556e5689be8
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/img/close.svg HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: image/svg+xml
last-modified: Wed, 07 Jul 2021 10:21:04 GMT
etag: W/"60e58010-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4098151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OkFcWfDF0Vdvy61jxy%2F8z2u7KVU6dsuX9gdyARQnQQhpBAjw19yJhKWYqURKiACkzGOD8cgvhLh%2FDy1TsKfGgQgpUZx20N0frJcFOSP1iurm51045YOzm2AKeVg9uq31iRM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff33e2b7457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=225
173.233.137.52200 OK 0 B URL HTTP/1.1 sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=225
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fstyle.css&l=5246&fd=225 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fanimate.css&l=79249&fd=322
173.233.137.52200 OK 0 B URL HTTP/1.1 sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fanimate.css&l=79249&fd=322
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fcss%2Fanimate.css&l=79249&fd=322 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=357
173.233.137.52200 OK 0 B URL HTTP/1.1 sagedeportflorist.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=357
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Finterstitial%2Futility%2Fdefault%2Fblog%2Fios_widget_black_BIG%2F2%2Fjs%2Fscript.js&l=397&fd=357 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sagedeportflorist.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9E1sIiYooEooQaAuKIOH1m%2F2cJUWEcYwsnA8lfHXwvmb98Nt5o%2FdmdtauLCKhdCz%2FYHzWjhUSoSAKKiK0jpTCDVkqF7ikR0hUFGg3FkuuNLr3zDnFeefer%2FfyU0KRs5PVa3ZHG8OWm1VaufRZGF6ubOgkH1QGUevzVuNyxfXf7bSq9O3KB0ps2eUaDSkNaVhZ007FdrA8JaHTh52w2qHVRq0aNhsYuBexzwN4FkD2T8l5aDlZfBJcgBZjJL1Hq8pvZTZ952ovNyyzDn15%2BHGyldgiQW8%2Bxi5AnByeqWH9s7XHsMnBzC5s%2Fz8h1xMSPH0MnhyemQTv7898cgOVgMtXUPTHUGYMzcYQ9g60fEYAIXH9BpLevevWFWz7Ocum7IQs%2Fv0XdDEhi79fQNL7fsXoQeW2NXmmbeIxiEvowRi6O0aaHyHbOQddHEFkX0FLgqRXQsuTtzqxaNbqDboUK9pYaihWW4qErC3ROmVNpupxh6pZMFqPoeMxjBqC%2BQD59NMB8jhAngboyZOKCMOwTaVgNOoIUZdtxVuShqwdhyykrQi5mHofIkuHEGYI4XaRul1s6SFc%2Fgv8ZgkvA%2FiMoC9LFIqg8AQFIyg0QZERFP3yQBpf8%2BU9aXzOw7NeO%2Bv1cmSz7h47sFlXJWQvPSWvTgMLFv8osaVOKqrZ4XUaCdFosjhstutRO%2BSNGm3xKIp4uwavS2h%2FbvbMHT0hr%2F%2F0GlI9IS%2F9eBWcHcGbIwh9Hix%2FA6wYtWsUbHPUiCh2kgciV32WsHpVKkhbIs0WkW0He%2BaUXJztLXTfQInjK1%2Fwa5M%2F7%2F8D4UqkrsSX%2BglB19wd3bIF2b9lC09%2BuJFmuqd32HSntzOWqYXvPlTbhXVyfdUP778npsR0fPiR8tkGS6ROup48WNFSKrdmnVDk53X%2FqeI3c7%2B5krskTzduvr%2B23kud8l7bZAymJ4Q8PYbQE%2FKyLGbnevGTNWg3hstL9PJjclbQ9ggi3YVP5%2F69XYAzcw1PAxR5OXI1Pv9pNIFRc8x4Cf8%2FzOfznr%2BLrnsTLLszu9K%2BK9E3JZgZwucLoyx1x1d%2Bq88K3AQjblywz40z3z4P1%2BuTSp3KNlexanPVaDZiJSRvNjkVseB1GUUCmZ%2BIS78%2B%2BhcAAP%2F%2FAQAA%2F%2F%2BTq4w2eQQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 sagedeportflorist.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9E1sIiYooEooQaAuKIOH1m%2F2cJUWEcYwsnA8lfHXwvmb98Nt5o%2FdmdtauLCKhdCz%2FYHzWjhUSoSAKKiK0jpTCDVkqF7ikR0hUFGg3FkuuNLr3zDnFeefer%2FfyU0KRs5PVa3ZHG8OWm1VaufRZGF6ubOgkH1QGUevzVuNyxfXf7bSq9O3KB0ps2eUaDSkNaVhZ007FdrA8JaHTh52w2qHVRq0aNhsYuBexzwN4FkD2T8l5aDlZfBJcgBZjJL1Hq8pvZTZ952ovNyyzDn15%2BHGyldgiQW8%2Bxi5AnByeqWH9s7XHsMnBzC5s%2Fz8h1xMSPH0MnhyemQTv7898cgOVgMtXUPTHUGYMzcYQ9g60fEYAIXH9BpLevevWFWz7Ocum7IQs%2Fv0XdDEhi79fQNL7fsXoQeW2NXmmbeIxiEvowRi6O0aaHyHbOQddHEFkX0FLgqRXQsuTtzqxaNbqDboUK9pYaihWW4qErC3ROmVNpupxh6pZMFqPoeMxjBqC%2BQD59NMB8jhAngboyZOKCMOwTaVgNOoIUZdtxVuShqwdhyykrQi5mHofIkuHEGYI4XaRul1s6SFc%2Fgv8ZgkvA%2FiMoC9LFIqg8AQFIyg0QZERFP3yQBpf8%2BU9aXzOw7NeO%2Bv1cmSz7h47sFlXJWQvPSWvTgMLFv8osaVOKqrZ4XUaCdFosjhstutRO%2BSNGm3xKIp4uwavS2h%2FbvbMHT0hr%2F%2F0GlI9IS%2F9eBWcHcGbIwh9Hix%2FA6wYtWsUbHPUiCh2kgciV32WsHpVKkhbIs0WkW0He%2BaUXJztLXTfQInjK1%2Fwa5M%2F7%2F8D4UqkrsSX%2BglB19wd3bIF2b9lC09%2BuJFmuqd32HSntzOWqYXvPlTbhXVyfdUP778npsR0fPiR8tkGS6ROup48WNFSKrdmnVDk53X%2FqeI3c7%2B5krskTzduvr%2B23kud8l7bZAymJ4Q8PYbQE%2FKyLGbnevGTNWg3hstL9PJjclbQ9ggi3YVP5%2F69XYAzcw1PAxR5OXI1Pv9pNIFRc8x4Cf8%2FzOfznr%2BLrnsTLLszu9K%2BK9E3JZgZwucLoyx1x1d%2Bq88K3AQjblywz40z3z4P1%2BuTSp3KNlexanPVaDZiJSRvNjkVseB1GUUCmZ%2BIS78%2B%2BhcAAP%2F%2FAQAA%2F%2F%2BTq4w2eQQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9E1sIiYooEooQaAuKIOH1m%2F2cJUWEcYwsnA8lfHXwvmb98Nt5o%2FdmdtauLCKhdCz%2FYHzWjhUSoSAKKiK0jpTCDVkqF7ikR0hUFGg3FkuuNLr3zDnFeefer%2FfyU0KRs5PVa3ZHG8OWm1VaufRZGF6ubOgkH1QGUevzVuNyxfXf7bSq9O3KB0ps2eUaDSkNaVhZ007FdrA8JaHTh52w2qHVRq0aNhsYuBexzwN4FkD2T8l5aDlZfBJcgBZjJL1Hq8pvZTZ952ovNyyzDn15%2BHGyldgiQW8%2Bxi5AnByeqWH9s7XHsMnBzC5s%2Fz8h1xMSPH0MnhyemQTv7898cgOVgMtXUPTHUGYMzcYQ9g60fEYAIXH9BpLevevWFWz7Ocum7IQs%2Fv0XdDEhi79fQNL7fsXoQeW2NXmmbeIxiEvowRi6O0aaHyHbOQddHEFkX0FLgqRXQsuTtzqxaNbqDboUK9pYaihWW4qErC3ROmVNpupxh6pZMFqPoeMxjBqC%2BQD59NMB8jhAngboyZOKCMOwTaVgNOoIUZdtxVuShqwdhyykrQi5mHofIkuHEGYI4XaRul1s6SFc%2Fgv8ZgkvA%2FiMoC9LFIqg8AQFIyg0QZERFP3yQBpf8%2BU9aXzOw7NeO%2Bv1cmSz7h47sFlXJWQvPSWvTgMLFv8osaVOKqrZ4XUaCdFosjhstutRO%2BSNGm3xKIp4uwavS2h%2FbvbMHT0hr%2F%2F0GlI9IS%2F9eBWcHcGbIwh9Hix%2FA6wYtWsUbHPUiCh2kgciV32WsHpVKkhbIs0WkW0He%2BaUXJztLXTfQInjK1%2Fwa5M%2F7%2F8D4UqkrsSX%2BglB19wd3bIF2b9lC09%2BuJFmuqd32HSntzOWqYXvPlTbhXVyfdUP778npsR0fPiR8tkGS6ROup48WNFSKrdmnVDk53X%2FqeI3c7%2B5krskTzduvr%2B23kud8l7bZAymJ4Q8PYbQE%2FKyLGbnevGTNWg3hstL9PJjclbQ9ggi3YVP5%2F69XYAzcw1PAxR5OXI1Pv9pNIFRc8x4Cf8%2FzOfznr%2BLrnsTLLszu9K%2BK9E3JZgZwucLoyx1x1d%2Bq88K3AQjblywz40z3z4P1%2BuTSp3KNlexanPVaDZiJSRvNjkVseB1GUUCmZ%2BIS78%2B%2BhcAAP%2F%2FAQAA%2F%2F%2BTq4w2eQQAAA%3D%3D HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8f2f26f4101e58e4302955f479167f75
Strict-Transport-Security: max-age=0; includeSubdomains
sagedeportflorist.com/pixel/sbs?c=1
173.233.137.52200 OK 0 B URL HTTP/1.1 sagedeportflorist.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: sagedeportflorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Cookie: u_pl=17098400; uid_id2=9fc52340-fe04-4ea2-8cd2-030a5ae3f90e:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slece59b308cc45af1573871b4206b888b72=[3240591]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 19 Sep 2022 20:27:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css
172.64.201.2200 OK 47 kB URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css
IP 172.64.201.2:0
Hash 7289aab24a79dfe0e44f4c6558dc366a
e7741465abd983a6d315375f77ea2565fede657e
39c50de3034dc2e3fa9b015011a5155c36135bf1c11f786f727ab2c5239d9c47
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: text/css
last-modified: Wed, 07 Jul 2021 10:20:58 GMT
etag: W/"60e5800a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xFYaXRgXAAWKw1bsdQRtJVsBk0L0rXpmKA899XN%2BrWHTgjD0plBlVeobNCmeWH3tZTPRARsIl5c96GVaq8wysImsngRNYCwybg9tKoHFs96vABJJz3gx0cbK3KdSSdTHhao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff2fdae7457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/style.css
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/style.css
IP 172.64.201.2:0
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: text/css
last-modified: Wed, 02 Feb 2022 09:47:17 GMT
etag: W/"61fa5325-147e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DohH8Y3ulwq4NCrF0IYdtyD4G2sEtmLcfxCjeBum5OSpj1tH8Abi%2BFfowl%2FsWil1mp42qZs7NbaSBhHxAtp9flGfhVeuzT3rSWtBbEV1u5SIDVOf%2FWJB7t2U3nmnxEvE6yk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff30dda7457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
op00.biz/?te=hftginzzmq5ha3ddf43dkobw
185.177.94.108200 OK 0 B URL HTTP/2 op00.biz/?te=hftginzzmq5ha3ddf43dkobw
IP 185.177.94.108:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /?te=hftginzzmq5ha3ddf43dkobw HTTP/1.1
Host: op00.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 20:27:21 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=6936750c-c86e-4ae4-9ae5-edaf39f2f73e; expires=Wed, 19-Oct-2022 20:27:21 GMT; Max-Age=2592000; path=/; SameSite=None; domain=op00.biz; secure
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
104.21.235.2200 OK 0 B URL HTTP/2 addresseepaper.com/sfp.js
IP 104.21.235.2:0
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:27 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3c1005e4d5a48456a7812ba236033410
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 19 Sep 2022 20:27:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xw3p6SVwQzV2lSalTxuinirFwJykvIXcq6Gpbj1PN2F5PXcDBivE5bLnbbkeiPays68ncDWlLJdaYTxWTsqsgaLZsM9RROixtVoHWM6V02zjuik3nOsndGn7mkHC%2Bmrqk5FOEdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50fea5f7275d1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js
172.64.201.2200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js
IP 172.64.201.2:0
GET /sb/interstitial/utility/default/blog/ios_widget_black_BIG/2/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://internetbitches.com
Connection: keep-alive
Referer: https://internetbitches.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 20:27:29 GMT
content-type: application/javascript
last-modified: Wed, 07 Jul 2021 10:21:07 GMT
etag: W/"60e58013-18d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1qIkuv4JA%2BaaRNaWEagTyh6wl4ly5XTw76Zl25Ol1MJ%2B27NUhcCR6ihbLL3NkXTZ1jIRJw4Az%2Fl9Sjh2Al5Pp%2Ftp5ZM6gLggLXRRDUt%2BBSALBx12DR0QrE5ZXMd6RMilxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74d50ff30dc67457-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2