r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20837
Expires: Sun, 22 Jan 2023 20:02:51 GMT
Date: Sun, 22 Jan 2023 14:15:34 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8a5e416451617846248067d72b675125
995b0346adefaf5f2e167d1b81e60cc9afc4f19e
c5fafb9127b71cbd4f7b1a44f755fc4aa0e2f47bbc50de4b15c870a22bf160d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5FAFB9127B71CBD4F7B1A44F755FC4AA0E2F47BBC50DE4B15C870A22BF160D9"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5351
Expires: Sun, 22 Jan 2023 15:44:45 GMT
Date: Sun, 22 Jan 2023 14:15:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 13:34:51 GMT
content-type: application/json
age: 2443
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4187
Expires: Sun, 22 Jan 2023 15:25:21 GMT
Date: Sun, 22 Jan 2023 14:15:34 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: cHLLK7w2QJt0KjjVj9yZSZ/nYTpZDYv7bl+3ZWqDdVoo47OMTFRuEh9rdkeMKc/ey57W0h/RWUc=
x-amz-request-id: 4N4X0SYRTSTTB4VA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 13:18:27 GMT
age: 3428
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:35 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/old-world/
104.21.23.213200 OK 371 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/old-world/
IP 104.21.23.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60411)
Size 371 kB (370830 bytes)
Hash 4df322548c48aa63094b75d4ec061544
85131dbf34f73a68c5ea100e229758a5d396a319
9ad3001f58242eb2fcee5f05ebdf014f4a9719e320e7fb96d3fe10d3700c8872
GET /old-world/ HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: view=1; expires=Mon, 23-Jan-2023 14:15:34 GMT; Max-Age=86400
PHPSESSID=pnlmujc8c6mqegbt7pn578iesl; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyJgux3vIZG4y90rh7y4U%2F9YWvP%2BOJKtWsGYWCd7MciKGxApVK1UEqdEZNfmBFICyvCmhUwhWtQnLV8zLL1v5ovu8U4of9lXhS%2FD1s1yMPTYPRbKNqIrE%2Bm2zdDSsTEM34bFqY33wrGjFyP5bs8IpTw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78d8e709d87f1c0e-OSL
alt-svc: h2=":443"; ma=60
glimtors.net/ntfc.php?p=2651991
139.45.197.251200 OK 5.9 kB URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP 139.45.197.251:0
File type C source, ASCII text, with very long lines (14324), with no line terminators
Hash c61e768ee0baf1e467bc95ce9f83f0ab
19c82e68906ad53681b45d4e5fbc7ca0ac94aa7d
13900e004c3df4207dff32ed28786d2cac4cf5b13914e5ce1d00884896da7fea
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript
Last-Modified: Wed, 21 Dec 2022 12:58:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63a302ea-37f4"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d5c5df7ef54bb59b4ac0539ec324116
825cd4fd5b58f57d02013cc3a7a40849b165d560
08d3082889ae9e42d63384d4cb2e2e0eae1a1e6dbc7533518ea95c9beecd5db4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=128734
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Etag: "63cc98e5-117"
Expires: Tue, 24 Jan 2023 02:01:09 GMT
Last-Modified: Sun, 22 Jan 2023 02:01:09 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 8d5c5df7ef54bb59b4ac0539ec324116
825cd4fd5b58f57d02013cc3a7a40849b165d560
08d3082889ae9e42d63384d4cb2e2e0eae1a1e6dbc7533518ea95c9beecd5db4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=128734
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Etag: "63cc98e5-117"
Expires: Tue, 24 Jan 2023 02:01:09 GMT
Last-Modified: Sun, 22 Jan 2023 02:01:09 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 279
fitgirl-repacks.theunblock.net/old-world/
104.21.23.213200 OK 371 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/old-world/
IP 104.21.23.213:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (60411)
Size 371 kB (370830 bytes)
Hash 76eeac441c1f73e112d22775945fdde0
55e047f27c1d57a080e0ccbf34f5e3ed65b6077e
2f86bd652733e71038264463b787aebe81b8ec17728c6dfcc00d1ea087da4b5e
GET /old-world/ HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: view=1; PHPSESSID=pnlmujc8c6mqegbt7pn578iesl
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYO7O5TM%2B60%2FjlWrmv8%2FLf%2BYSLK%2B2zIl%2F0ih7KryNVLFwMTMo%2BGzM%2F6t0NAkxEGpMi8wtwTJ9S%2FD0CNQ0MWlWxCfdlG6jVSHaviyWbAudaPclMgf9cWg7hdHCcbEJEPGprZSNy5zNc9TkR5XEvu4fG0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78d8e70d9c1c1c0e-OSL
alt-svc: h2=":443"; ma=60
glimtors.net/ntfc.php?p=2651991
139.45.197.251304 Not Modified 0 B URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
If-Modified-Since: Wed, 21 Dec 2022 12:58:18 GMT
If-None-Match: W/"63a302ea-37f4"
HTTP/1.1 304 Not Modified
Server: nginx
Date: Sun, 22 Jan 2023 14:15:35 GMT
Last-Modified: Wed, 21 Dec 2022 12:58:18 GMT
Connection: keep-alive
ETag: "63a302ea-37f4"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
fitgirl-repacks.theunblock.net/app/apx19.js
104.21.23.213200 OK 2.6 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/app/apx19.js
IP 104.21.23.213:0
File type ASCII text, with very long lines (9183), with no line terminators
Hash 9ea8acd8d74e4f328d558b64219e02c5
156ce99860c738bee0a97dbe9c543a83f4fd5457
cc0dc5bf2c19d0830dd3962179d22ed40f200ecf8dc905a4e64bba0c1ccf9dff
GET /app/apx19.js HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=pnlmujc8c6mqegbt7pn578iesl
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:46:59 GMT
ETag: W/"5f610c23-23df"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2pSD0%2FVmBIMDSN74osQc4dAFJoqwKYkqa%2Br97fSKAss4v8JSp0neJ0z2vNAtbHqXR6j8JUnQjatDhHVPb6lGMqsJBzJwyWA2y8u%2Fe3%2FCttrk5qvS4Kfy1G%2FeIg7QdwTAHeQjMdJuZynWPMI5soKkv6M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e70f2d311c0e-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fitgirl-repacks.theunblock.net/app/apx14.js
104.21.23.213200 OK 2.2 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/app/apx14.js
IP 104.21.23.213:0
File type ASCII text, with very long lines (7663), with no line terminators
Hash 5fd0d992c153321728eef72725f9e2f1
11af100c190b0c91d3126ca0c792aa6cd3954897
f39352e9834fda1868dab410b72a2850f516686f140843e9f0eef835be503330
GET /app/apx14.js HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=pnlmujc8c6mqegbt7pn578iesl
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:19 GMT
ETag: W/"5f61074b-1def"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KdTb0cKU8b9EWSs73s66y0FhCAk7A7ztfEozapeVje0AUU4oRBzyWtvQVueeA0ctKpb9YJF0CTUUPX3rohck2%2B%2FJ%2ByaCwOixNbPkm%2BD3qRQNh%2FOXEzsvy41hlckJa4CRyu1ODXm0FtWcg78miPHQCoo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e70f9afbb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fitgirl-repacks.theunblock.net/app/x12.js
104.21.23.213200 OK 3.0 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/app/x12.js
IP 104.21.23.213:0
File type ASCII text, with very long lines (11180), with no line terminators
Hash 7f0c811d15a31a93662cfa30df4ef5ea
3f5b8f499bc7f50d2315eadc7cf043d317b60b95
af3050874dc2886642989014b75a7b4734239520ee7d36ea06d4527e41d92beb
GET /app/x12.js HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=pnlmujc8c6mqegbt7pn578iesl
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 15 Sep 2020 18:26:18 GMT
ETag: W/"5f61074a-2bac"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDwGfdiAEg1uRqEJF20vzVzPDdN49VWeu3xVW2mFWACRO%2FAn1ztYF89brjMDNdiMs0cOyUfSb64pfcE%2BxYEZkRGTvrjdW6dkrzGQ2Ze7a6nG1BEowHKAxjprVcS%2Bk0UbaT%2BUASKDmtLkFS35g8BlAfE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e70f98e20b39-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
benumelan.com/5/2632704
139.45.197.239200 OK 24 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (64431), with no line terminators
Hash 69d68528ff819a77061c8a62d9d71aca
aa63eb1fa6831da3c9537399e7ab05445e701a05
da7981ee9ffec836ca964aaee95249ee31a59d27a44dc76815f09a7daa4c0a6c
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2632704 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: e1ea6f8dbf34d0de2b66b6c889841430
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:35 GMT; path=/
oaidts=1674396935; expires=Mon, 22 Jan 2024 14:15:35 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d1122eabe5bf25dc4199705b70eb165
ec09fd1f2650b309c0a36737ad859938ae894d50
bcb1cd48513d2457ce146f58dd430a7808a650bee1ad58ec7f19cbdee795c8d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Server: ECS (amb/6B9F)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d1122eabe5bf25dc4199705b70eb165
ec09fd1f2650b309c0a36737ad859938ae894d50
bcb1cd48513d2457ce146f58dd430a7808a650bee1ad58ec7f19cbdee795c8d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Server: ECS (amb/6B88)
Content-Length: 280
fitgirl-repacks.theunblock.net/hy.js?q22q2q2
104.21.23.213200 OK 18 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/hy.js?q22q2q2
IP 104.21.23.213:0
File type ASCII text, with very long lines (56131), with no line terminators
Hash f12634066d38736854588dc61b5ba109
623e90c430f1609e59e16407553e2d2ff8882d8e
7ca898a6218b8e61a9a999ffb0c76a9c60f86dfd4353b2496225e6473c72c0de
GET /hy.js?q22q2q2 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=pnlmujc8c6mqegbt7pn578iesl
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:48 GMT
ETag: W/"603dd2ec-db43"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fbVvp43zyvzlALAO0YhbV5HLQubqgixk8YEl29zwyXQg%2FU6FeKFnpjr4azWq5wge7MG%2BnkdmXd8kA7NiY608tXssBy0yiBmQqwcQ0UYalODH4bTGYBzai6tgjSKF525vcWMAlgnLAtRTxZCD6%2FKi1A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e70f8fc4b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fitgirl-repacks.theunblock.net/zpp/zpp4.js?q22q2q2
104.21.23.213200 OK 14 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/zpp/zpp4.js?q22q2q2
IP 104.21.23.213:0
File type ASCII text, with very long lines (38995), with no line terminators
Hash 3c741ddc90399bc2910b2cdc0a826716
163182c6b04f146fbf6de424ead05c91e59e3c51
e6753c7588e28e17f44aa00cbe8c314de3f2bbcb8e892a439eed11dd989b1d84
GET /zpp/zpp4.js?q22q2q2 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=pnlmujc8c6mqegbt7pn578iesl
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 02 Mar 2021 05:53:53 GMT
ETag: W/"603dd2f1-9853"
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yR%2Bzo9fKsndbC%2BrcqJnJIMZoqMoAHH9J4LQmPcFGfCRnItOF%2FfOjKoZFwIPXYZweaHzGQAUBNgLR%2BwK%2BE4NgLKPviMFlon5TijOFAJhv%2FpNm2ZE%2FA7PMZK6MD%2FCqQfkrljFiSFxVS0ng65ZF5tN4OOY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e70f8f1b0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
inpagepush.com/400/3064505
139.45.197.237200 OK 32 kB URL HTTP/1.1 inpagepush.com/400/3064505
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3c7b80b92bae203a8cda9cc769300cd8
20c07f7aba9d42b17de1a45c318162349fac902f
39c7370cf1920e8cafaf7ab9ed0cdde1f1b2a3d6cc62f9eb9d2d3f6f841e104a
GET /400/3064505 HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 0b2152eeb7c9fc5da80392751f879f82
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=8b1d8ab52f6b4099aaa134a7401ae3ed; expires=Mon, 22 Jan 2024 14:15:35 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/jKntGJq7zmE
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/jKntGJq7zmE
IP 142.250.74.131:0
Hash c5929edbd59c8545dc7bc958572c7aa4
de040546e628c46913990f4836666692f0d36afa
f12b5d26c6af3f3236bc1af55fc72ace5a9572e07fa2b5024932e79d91acf80c
POST /s/gts1p5/jKntGJq7zmE HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d1122eabe5bf25dc4199705b70eb165
ec09fd1f2650b309c0a36737ad859938ae894d50
bcb1cd48513d2457ce146f58dd430a7808a650bee1ad58ec7f19cbdee795c8d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Server: ECS (amb/6B81)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d1122eabe5bf25dc4199705b70eb165
ec09fd1f2650b309c0a36737ad859938ae894d50
bcb1cd48513d2457ce146f58dd430a7808a650bee1ad58ec7f19cbdee795c8d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:35 GMT
Server: ECS (amb/6B8F)
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 13:48:58 GMT
age: 1597
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1250
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Last-Modified: Sun, 22 Jan 2023 13:54:46 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
142.250.74.74200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400&display=swap
IP 142.250.74.74:0
Hash 2ad11adecfa9ba88570882092fc000bc
6d0b0fe35d6ad031f3b1e5d753d6636459e26495
794eb1b596cd7fbed5e0499204f7108e28ed63600b779ea9d0e821ff273e3b4e
GET /css2?family=Roboto:wght@400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 14:15:35 GMT
date: Sun, 22 Jan 2023 14:15:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 032ea16a79a95a9f16a60674c5f3ad5c
daea213df10fabce0cd857bcd4f3e64dd1293fad
4637cdfefc8df89f6f6cc042daa30247921cbd001bd16484b18c384f1e7b9781
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/www-player.css
142.250.74.46200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8a6331ed48be29c59230b0c7360068de
22a20436f427d6b8e26eb30ed9aab51a43d389bf
72f0818ab04697fc29d331b2add584f3cd5e269446c7297300701a4666c9d95e
GET /s/player/4248d311/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/IFzUTKsrbN8
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49911
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:03:19 GMT
expires: Fri, 19 Jan 2024 16:03:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/css
age: 252737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d1122eabe5bf25dc4199705b70eb165
ec09fd1f2650b309c0a36737ad859938ae894d50
bcb1cd48513d2457ce146f58dd430a7808a650bee1ad58ec7f19cbdee795c8d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Last-Modified: Sun, 22 Jan 2023 14:15:35 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 280
www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
142.250.74.46200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/4248d311/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (679)
Size 109 kB (109432 bytes)
Hash 711fcfe6f1ab52d89ab3474d437c1e48
b2f3e69e9d40b193de5e76ae13c6ad9ce0a8e537
361236d1317543e128074c35d22d65a2ba70f6ce9906b07a543e6b3c96239019
GET /s/player/4248d311/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/IFzUTKsrbN8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:03:20 GMT
expires: Fri, 19 Jan 2024 16:03:20 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 252736
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7af38eaffe97bedd3d88022042075f70
678da9a19dadad139ae077119f2309946a6fce25
5d3161428afea60aa3a705678993e833a73154f7a50696b7d4609d7145b969dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D3161428AFEA60AA3A705678993E833A73154F7A50696B7D4609D7145B969DD"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5567
Expires: Sun, 22 Jan 2023 15:48:23 GMT
Date: Sun, 22 Jan 2023 14:15:36 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.46200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.46:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/4248d311/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/IFzUTKsrbN8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:14:47 GMT
expires: Fri, 19 Jan 2024 16:14:47 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 252049
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
142.250.74.46200 OK 611 kB URL HTTP/2 www.youtube.com/s/player/4248d311/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (517)
Size 611 kB (611243 bytes)
Hash 4bafbf546e35e79d802b8e836cf03e3b
cff2ccd4542a73b82c18cdac6b3e4af01198566e
da6660452c1ebd120eb25d4c1a742e2fe20cf5ccfbd3523acb5e1d5693170d70
GET /s/player/4248d311/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/IFzUTKsrbN8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 611243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 13:03:55 GMT
expires: Fri, 19 Jan 2024 13:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 12 Jan 2023 01:15:11 GMT
content-type: text/javascript
age: 263501
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=fitgirl-repacks.theunblock.net&var=&ymid=&var_3=
139.45.197.251200 OK 705 B URL HTTP/2 glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=fitgirl-repacks.theunblock.net&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash fe3e4db36ad933c90ac425e5a6ac64fe
4b9ab4375cc192f32b98c2788105c97b3fdf8cb9
e962fd8c0ed953b271738422fdea4e338405651c40c5dee6860d802d132509b4
GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=fitgirl-repacks.theunblock.net&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 5bac936c11b1fd7e855b227ec5acefdc
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 1d1122eabe5bf25dc4199705b70eb165
ec09fd1f2650b309c0a36737ad859938ae894d50
bcb1cd48513d2457ce146f58dd430a7808a650bee1ad58ec7f19cbdee795c8d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Server: ECS (amb/6B74)
Content-Length: 280
push.services.mozilla.com/
52.89.255.30101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.255.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vp3bIJtc3NQzG1r7cMaEVg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lb5rL2K77O2O5Co9AdOg9J94iuI=
i.imgur.com/TH5z5DM.png
151.101.84.193200 OK 1.5 kB IP 151.101.84.193:0
File type PNG image data, 94 x 89, 8-bit/color RGBA, non-interlaced\012- data
Hash 063ed504acc2ee96cec413d248379761
c2ba3db79e0b25c801ff431539a63d17014533ca
5718709bc4408d9d06689ad12333e3e79299dd44abcf447ca6a5718aedc8a517
GET /TH5z5DM.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sun, 25 Jul 2021 13:23:59 GMT
etag: "063ed504acc2ee96cec413d248379761"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 22 Jan 2023 14:15:36 GMT
age: 1972619
x-served-by: cache-iad-kiad7000147-IAD, cache-bma1631-BMA
x-cache: HIT, HIT
x-cache-hits: 3588, 5
x-timer: S1674396936.383458,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1476
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsalphasha2g2
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp2.globalsign.com/gsalphasha2g2
IP 104.18.21.226:0
Hash b6b02e8aa518c4be305848e52dc0be36
60ae690f99cec5d9cf66dd08036d01044413c9a2
43f16f23d59cb4bed87ef0baf54ead8c3d35b191653c34b211141ae140886599
POST /gsalphasha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1423
Connection: keep-alive
Expires: Thu, 26 Jan 2023 11:12:16 GMT
ETag: "60ae690f99cec5d9cf66dd08036d01044413c9a2"
Last-Modified: Sun, 22 Jan 2023 11:12:17 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 259
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e7148fa80b59-OSL
heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
173.233.137.36200 OK 13 kB URL HTTP/1.1 heartilyscales.com/a2/86/90/a286902791a7f4c98bcb1e812322cd78.js
IP 173.233.137.36:0
File type ASCII text, with very long lines (37144), with no line terminators
Hash f654b31d4dc85804f99cb3acdb7e6cab
5bab6013397cc77bdf70047cff4e327a94c65552
a1acbc5029e22e383b6412051b74fc48ead7e6ec1643c1bf777db4b5aafd6fbe
Analyzer Verdict Alert quad9 Sinkholed
GET /a2/86/90/a286902791a7f4c98bcb1e812322cd78.js HTTP/1.1
Host: heartilyscales.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 499d82d63aa702af372398c387cafb28
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
142.250.74.74200 OK 1.0 kB URL HTTP/2 fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback
IP 142.250.74.74:0
Hash c50e5ee80ff327cf11be36b726409d1b
7b0f831692c56794af7daf720120c9bcc6e4e545
12dcaef08cb949982454d2ee789f950128b6b9f8738258e19b05fc194765172e
GET /css?family=Lato%3A300%2C400%2C700%2C900%2C300italic%2C400italic%2C700italic&subset=latin%2Clatin-ext&display=fallback HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 14:15:35 GMT
date: Sun, 22 Jan 2023 14:15:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
torrent-stats.info/2abf/da78ec1a.png
87.98.254.167200 OK 11 kB URL HTTP/1.1 torrent-stats.info/2abf/da78ec1a.png
IP 87.98.254.167:0
File type PNG image data, 416 x 47, 8-bit/color RGB, non-interlaced\012- data
Hash 574c4ecd0ce16fea5e296927c7eeecb0
7e34d5e30005cd465823c282749356db9026129c
44155f8229f97c393418eeca12c70cc00cbff13423b78ce4f645a80e926edc7e
GET /2abf/da78ec1a.png HTTP/1.1
Host: torrent-stats.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Server: Apache
X-Powered-By: PHP/5.3.3
Expires: Sun, 22 Jan 2023 16:29:39 GMT
Pragma: cache
Cache-Control: max-age=8043
Last-Modified: Sun, 22 Jan 2023 11:45:21 GMT
Keep-Alive: timeout=5, max=10
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: image/png
i3.imageban.ru/out/2021/07/02/4ccb6aa62fa1087f8d8c224d8ed3aa17.jpg
82.146.61.17200 OK 70 kB URL HTTP/2 i3.imageban.ru/out/2021/07/02/4ccb6aa62fa1087f8d8c224d8ed3aa17.jpg
IP 82.146.61.17:0
File type JPEG image data, progressive, precision 8, 375x500, components 3\012- data
Hash 886441091b18194d2f2699e738f25ec7
5a887d2dced20749f29204cecb1520d1ce5af0d2
bf0a17c8c1d7ce353f77d3659b2488f05bc0d9147012444a426fa86373988046
GET /out/2021/07/02/4ccb6aa62fa1087f8d8c224d8ed3aa17.jpg HTTP/1.1
Host: i3.imageban.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: image/jpeg
content-length: 70457
last-modified: Fri, 02 Jul 2021 12:40:18 GMT
etag: "60df0932-11339"
accept-ranges: bytes
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/wp-content/uploads/2016/08/cropped-icon-192x192.jpg
104.21.23.213200 OK 6.9 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/wp-content/uploads/2016/08/cropped-icon-192x192.jpg
IP 104.21.23.213:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 11a1f6e4ec6e64709ce253c2cfd39713
ce6f2127abbfc3f6bba91e0b2e70bc186eef9400
9c3b9f45b1c61888566dfcd113a390d82b6c0e0b25c1d33973198beb434ed0c7
GET /wp-content/uploads/2016/08/cropped-icon-192x192.jpg HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=pnlmujc8c6mqegbt7pn578iesl
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Mon, 23-Jan-2023 14:15:36 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EW8HSPdqS1fzlCiR2825HwHPHnDd5TgfMFlC%2FGZaYENN1tS3TR6evUYQ%2B8DPfL0iJ9hJ%2Fnm9PYssqbub5fj5iHKZr%2B09cxD2tfcuWHHYyvaHNywMKmKnv9q%2FuIgrKONEKcdUY670%2BMBsrpDH2HvwmC4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e713fd94b4fa-OSL
alt-svc: h2=":443"; ma=60
glimtors.net/pfe/current/universal.min.js?v=3.1.411
139.45.197.251200 OK 34 kB URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.411
IP 139.45.197.251:0
Hash 5a3f939057a42809dd07358c05859593
e934b39df9d22509d6e3bbabaf97583165fc617e
e6d5603427196d2da521b1c86cb32714c702c0edc4d7921c2e515db54d7d5ee1
GET /pfe/current/universal.min.js?v=3.1.411 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-18c6c"
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fitgirl-repacks.theunblock.net/wp-content/plugins/wp-latest-posts/css/wplp_front.css?ver=6.0.2
104.21.23.213200 OK 19 kB URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/plugins/wp-latest-posts/css/wplp_front.css?ver=6.0.2
IP 104.21.23.213:0
Hash 98a7b3a6d3360583f5df8b0f22da4785
65f709e5deea312f748cff0d020ed41ca00070f6
e25f751204bcfc24a1dff93299223d51f38cd4b0ab90e11e42ae1f246e6e5a15
GET /wp-content/plugins/wp-latest-posts/css/wplp_front.css?ver=6.0.2 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=q4otiuobgnvaqr19mjds7fa245; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO20NpXeyrFpWmnABwWjU8QnYGUJ4quXgIr2NNCpdgp95o7m78NTd0zsCxLu2AmUuXdDpUhC1gMgscVPWMSlY8riE0dOzhEebRCNeHN0IYaCtd4CPZPbPOgtvcayjaaX6FDMZu6Sl%2FcpYyzL6kvkgjs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e710ebb6b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
142.250.74.35200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Hash 1c6c65523675abc6fcd78e804325bd77
898d9808304dc157f5dcb18ca169ec6e2b96b3d7
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
GET /s/lato/v23/S6u9w4BMUTPHh50XSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 22504
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 17 Jan 2023 17:14:55 GMT
expires: Wed, 17 Jan 2024 17:14:55 GMT
cache-control: public, max-age=31536000
age: 421241
last-modified: Tue, 26 Apr 2022 16:04:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
142.250.74.35200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 18 Jan 2023 12:50:52 GMT
expires: Thu, 18 Jan 2024 12:50:52 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
content-type: font/woff2
age: 350684
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
104.21.23.213200 OK 40 kB URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/plugins/jetpack/css/jetpack.css?ver=11.2
IP 104.21.23.213:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 5b4f69c0536780b8816551f7933fc17e
b477295183dbb051d5a24525a0c9679304bb67db
60f78c7d672b946d3e83a33ddeac38d15b2b9d00a31ba9ab75633e3df7812b5f
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.2 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:35 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=ljcr6429plsib2l1tkgl7k76kl; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r3VrAng6mwUafpz1Ur%2Fi2xblVjClqvlxuzdM7B1NOKPda7FVF9QzOWTMMQ6iZ27sS9WvYYMPI3CIKZyldRx%2BkvuwOUDa1fsXoKg9NsycHYkEcuHOHQt3745SWLKgGvk%2FVEP9bh%2BTj3yX0OAGLJGoLEo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e710ebb5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.35200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 10:25:03 GMT
expires: Mon, 22 Jan 2024 10:25:03 GMT
cache-control: public, max-age=31536000
age: 13833
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s01.riotpixels.net/data/4c/a7/4ca7b811-d06b-4ca0-b604-54648401ebaa.jpg.240p.jpg
172.67.143.35200 OK 22 kB URL HTTP/1.1 s01.riotpixels.net/data/4c/a7/4ca7b811-d06b-4ca0-b604-54648401ebaa.jpg.240p.jpg
IP 172.67.143.35:0
File type JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Hash b92c4272a03d6b273b25854c80a90526
364acdca2e9dac53654b482c69aa3aaa606c9bc5
54fa2cca1dd4b324ce81c24f3846292f9d30257b62064a8f75e0b2ac41d2bec9
GET /data/4c/a7/4ca7b811-d06b-4ca0-b604-54648401ebaa.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: image/jpeg
Content-Length: 22014
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 06:51:30 GMT
ETag: "5e980072-55fe"
Expires: Fri, 10 Nov 2023 23:06:41 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 6275335
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mQHAPVnk4ZTIDdus6epS%2Fqdr0QU2PCiXQZVSpgMRuuJTIepwEUNuYyHGQNWWbfsPZQIHFvzJDhsFRLCLYbecvx6EZS2aBhQPOSNN%2B0WjWKtWvXGdGVZJSoIcC2tbO1lscKmPyQs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e7169c32b527-OSL
alt-svc: h2=":443"; ma=60
s01.riotpixels.net/data/6a/53/6a531d0d-3cbf-4028-8402-06e93313fd2a.jpg.240p.jpg
172.67.143.35200 OK 27 kB URL HTTP/1.1 s01.riotpixels.net/data/6a/53/6a531d0d-3cbf-4028-8402-06e93313fd2a.jpg.240p.jpg
IP 172.67.143.35:0
File type JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Hash b8af9c9b00581dc79ce4ef8cc9087406
2a4999a9ff5cc765a547c73714ccc4ade2e6e211
036069cb05b29e2e71f8c9e6d60bc52e702ce0e23cb6f2cb3214ad7715394765
GET /data/6a/53/6a531d0d-3cbf-4028-8402-06e93313fd2a.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: image/jpeg
Content-Length: 26872
Connection: keep-alive
Last-Modified: Thu, 16 Apr 2020 06:51:18 GMT
ETag: "5e980066-68f8"
Expires: Fri, 22 Dec 2023 11:53:27 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 2686929
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YFsBT5qrdR3oRszdw65trJF%2F1XB833UF%2BgX2IjnD3IKakUvABHKrseGBIQu7yeh%2B%2Fnx7pxeAWNdK6rHo2uzPntAS8a4LsrdIaAyJHvcYbRWDsO8%2F%2BWmk5gEdHLmYdhwcIdjHpWI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e7169f74b505-OSL
alt-svc: h2=":443"; ma=60
fitgirl-repacks.theunblock.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
104.21.23.213200 OK 30 kB URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5
IP 104.21.23.213:0
File type ASCII text, with very long lines (36350)
Hash b77f9c898b8e6fd42a51fd1c264fe173
4e74b796c4d75fde4d0c5015636b3df6a0729cd8
c5c1f44e830b6e25c8a7c2483fa1b7fb5705bdb41b00cb3a7ed69cfc7437532b
GET /wp-content/plugins/shortcodes-ultimate/includes/css/icons.css?ver=1.1.5 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=nfkvl8iain4j6ba4asjko5g9ir; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkCPskFaGkPHtHZ5fRFbwMenAEpUzls5l7I3RwNuiAynADnbpGBZn9C%2Bwr9u07Pyicwxp9mpIbBos%2FYnKKAIwh7z46PcNX%2FQFrfCwDWZBJwB78l7PTTvMQwGzi3ZSpIbLPZ323iLHh666%2BE9%2Fox2M5A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e710fbccb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s01.riotpixels.net/data/a3/be/a3be6ff9-dacb-4fa4-8736-3db90f0f2cb4.jpg.240p.jpg
172.67.143.35200 OK 21 kB URL HTTP/1.1 s01.riotpixels.net/data/a3/be/a3be6ff9-dacb-4fa4-8736-3db90f0f2cb4.jpg.240p.jpg
IP 172.67.143.35:0
File type JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Hash a9b42bcbd9e770000b7195620eb5c939
6b0885ddfc8cee55a470088d45e5edc4958184ad
43bdcf58f8023ae79c11c02464cc85558b9f5f877da6257ac8044e8fd1cdff51
GET /data/a3/be/a3be6ff9-dacb-4fa4-8736-3db90f0f2cb4.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: image/jpeg
Content-Length: 20879
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 18:40:55 GMT
ETag: "5e9603b7-518f"
Expires: Fri, 22 Dec 2023 11:53:27 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 2686929
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYeWkI%2FzrLb59PXqNusBMuaJ6UHK8XoK5nx9oNfAyOU5gI3ynt9OezW%2F%2BCcjlS3MDsikQ7NeArnQRxpP0erJjLAWsufXLHn56cqmzQx8%2BcBKb00iGqFOXwgb2ZXUURegLkuRinI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e716aab0b4f3-OSL
alt-svc: h2=":443"; ma=60
s01.riotpixels.net/data/1d/dd/1dddd01f-60c8-444c-98d5-3804c0e0ab04.jpg.240p.jpg
172.67.143.35200 OK 13 kB URL HTTP/1.1 s01.riotpixels.net/data/1d/dd/1dddd01f-60c8-444c-98d5-3804c0e0ab04.jpg.240p.jpg
IP 172.67.143.35:0
File type JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Hash eebfc3b83474e0341d46ed6982f9f045
f68c59c09ec4e48f85bc29a9f6faec32fac777db
76a14b29c8afdbf0d9503004fa6c03297f70a454800ca2fc66d6371f6465cdf9
GET /data/1d/dd/1dddd01f-60c8-444c-98d5-3804c0e0ab04.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: image/jpeg
Content-Length: 12781
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 18:40:53 GMT
ETag: "5e9603b5-31ed"
Expires: Fri, 19 Jan 2024 09:00:18 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 278118
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NtdmpuW0PV%2BIuVeM7fuyT8wDptEeTXmFueovAL4RYS9bFWXSal0%2Ftmy%2B80hDTiSP0jazLXa7BGv3RkXsBTRd0xhZFpvd4UGczlrgayhgj8qsuc7nzWaXN9j92VOV4wQojUMSIRQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e716ade0b524-OSL
alt-svc: h2=":443"; ma=60
s01.riotpixels.net/data/58/1f/581f6695-b908-4c4a-b12a-fd1f4c526c61.jpg.240p.jpg
172.67.143.35200 OK 19 kB URL HTTP/1.1 s01.riotpixels.net/data/58/1f/581f6695-b908-4c4a-b12a-fd1f4c526c61.jpg.240p.jpg
IP 172.67.143.35:0
File type JPEG image data, progressive, precision 8, 427x240, components 3\012- data
Hash 87f66ce3e86cbc8fec7122eebac2f0a3
a0af22eca6e1be93e20804b1c8f2dce51219ba63
1c548636a1efde9e4f06fa6059dc8968f5f0e126583459e950a8d22382789e28
GET /data/58/1f/581f6695-b908-4c4a-b12a-fd1f4c526c61.jpg.240p.jpg HTTP/1.1
Host: s01.riotpixels.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: image/jpeg
Content-Length: 19254
Connection: keep-alive
Last-Modified: Tue, 14 Apr 2020 18:40:58 GMT
ETag: "5e9603ba-4b36"
Expires: Fri, 10 Nov 2023 23:06:42 GMT
Cache-Control: max-age=31536000
CF-Cache-Status: HIT
Age: 6275334
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZ5O13ObwQ4afPK5kIu9OuXGiccakU0cvO6oVIBS5PpKRY72OJ56wxPvGNgMHR%2B7NjIFNxcop8o5Dxcaawe8H72rXBceGE7WglqdWFH3XXS5jFsd9HVuIGdgpRImeDfPg%2BA8f10%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e716adf8b518-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 25d59e4444b16818a49fec7128c90dcd
ea263f33790881a01e317fa03d935f7109523e41
22e26ea1917d1a0fed0b2af636f1baecb59768b0f85c9ab6b1c37d45e84dfa2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fitgirl-repacks.theunblock.net/user.php
104.21.23.213200 OK 25 B URL HTTP/1.1 fitgirl-repacks.theunblock.net/user.php
IP 104.21.23.213:0
Hash 363f411ba212d4d1ccf7856f856145e9
08331057577f273187dd15e7c6f57937835e0aff
c50b40612adfdbf2e228758746fc7927cf440cb9bb5a8280c00d7946632a1943
POST /user.php HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 39
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=hrr2ktf2ecb5d1vdtvtn28fd5m
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxCgOI%2FIN4Lx0xyuNk1%2Bt5yrkD2oxNv5t%2FlxoPLiuBFUDjrw1SjfggclptII8tpelMkPLK1fhVf0ssvBNqqUMYWfIuuFaHXZHps1rMLN6Zwhqe2GU7A0TrLXLvZC6C2Wpd%2BsNYtSQGOyWshAc1tJZH4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78d8e716a94cb4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
glimtors.net/ntfc.php?p=2651991
139.45.197.251304 Not Modified 0 B URL HTTP/1.1 glimtors.net/ntfc.php?p=2651991
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ntfc.php?p=2651991 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
If-Modified-Since: Wed, 21 Dec 2022 12:58:18 GMT
If-None-Match: W/"63a302ea-37f4"
HTTP/1.1 304 Not Modified
Server: nginx
Date: Sun, 22 Jan 2023 14:15:36 GMT
Last-Modified: Wed, 21 Dec 2022 12:58:18 GMT
Connection: keep-alive
ETag: "63a302ea-37f4"
Access-Control-Allow-Credentials: true
Cache-Control: no-cache
Pragma: no-cache
fitgirl-repacks.theunblock.net/helper-js/
104.21.23.213200 OK 1.0 kB URL HTTP/1.1 fitgirl-repacks.theunblock.net/helper-js/
IP 104.21.23.213:0
File type ASCII text, with very long lines (2612), with CRLF line terminators
Hash 67e238577ff1bed8fa58e0adf620ecfe
45105af2b3260aa35d365049c36a19cad067c4c8
d53cb72cae28c9e552a77dd5cf6cc131d4fe8a3fe8719ec12067b2c81e845fb5
GET /helper-js/ HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: PHPSESSID=hrr2ktf2ecb5d1vdtvtn28fd5m
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: s-maxage=0, max-age=0 no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qolUOCl2nyXp%2FNXaUYbvQn66ARB4ZsiWAD3S3Pa%2Fgve4T93Nwmmj%2Btqf1d2%2BTJpW3XuEgfbCCCWvKQ4S3NaU2wH9S4HQPjEg3DyxwVs3O%2F4%2BhtQOhbyiiGkkzb1tP17nQb8%2Fc2A4lPC%2F0QggguxC38c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78d8e717db10b4fa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
matomo.hellohi.me/matomo.js
104.21.94.42301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.js
IP 104.21.94.42:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.js
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qkb9TTwH883Ns1SSD59r%2BmvQfdxV5coMGeQansFTs1WyeRai0rRXnspt8Ib9jz9BMismISYSYEhqUkPHPKEgikL%2FVAC98SPXUYMcghRI5xB%2FaFvVj%2BI2KJl%2ByLi7KEzNXUByxg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e717cf65fabc-OSL
alt-svc: h2=":443"; ma=60
thaudray.com/5/2632704/?oo=1&aab=1
139.45.197.237200 OK 1.4 kB URL HTTP/1.1 thaudray.com/5/2632704/?oo=1&aab=1
IP 139.45.197.237:0
File type JSON data\012- , ASCII text, with very long lines (2775), with no line terminators
Hash 28bf20be95a320848eb39c551906efd5
5ef4cec09c5882a2b1d1a181af8aef49949faaa6
5dfa4fe292e8829429cca9dcba863c29339208edf51b2ab818331b7f610e4138
GET /5/2632704/?oo=1&aab=1 HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: d08614d7db24b7968c87c057cc583c6f
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=6df1566f13294b81aee666b99e3886df; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/
oaidts=1674396937; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
fitgirl-repacks.theunblock.net/old-world/
104.21.23.213200 OK 0 B URL HTTP/1.1 fitgirl-repacks.theunblock.net/old-world/
IP 104.21.23.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /old-world/ HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/old-world/
Cookie: view=1; PHPSESSID=hrr2ktf2ecb5d1vdtvtn28fd5m
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:37 GMT
Connection: keep-alive
Set-Cookie: view=1; expires=Mon, 23-Jan-2023 14:15:37 GMT; Max-Age=86400
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0e7SU6dFxjQAjZ8F7nI5CWjLeNQfGSd%2BYBFzrN2rOEcbY8C802KibvZJD%2FiN9nH%2FLe4etofIZ2ANFswliDaheMxbj7L0DNxmBoWMw8YskHtIv1GC%2FZq6TEr7%2BHkLYAqtspGQdaOtvV2pgVnlp78WJmM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78d8e7189c44b4fa-OSL
alt-svc: h2=":443"; ma=60
thaudray.com/tag.min.js
139.45.197.237200 OK 25 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8efd6d7c5fc225b8e3fc302aaad993c3
05e3cf51d5a6b54bcde5c7152fa3f025d9268dcf
e338909041dba9912c4c3197b4b71447f99441bf890e9f685dd086513823ffe2
Analyzer Verdict Alert fortinet Malware
GET /tag.min.js HTTP/1.1
Host: thaudray.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 25301
Connection: keep-alive
Content-Encoding: gzip
X-Trace-Id: ba47add9bcaf216f5616f3d4390af1d3
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Accept-Ranges: bytes
Last-Modified: Tue, 17 Jan 2023 16:40:49 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a8e6f157fd0ee89e42425a42b41a56b8
79e06666b07d926fed4cda7ee026f65dabbef491
cc71872eca6011b9bd4202ab8d970829a11a7f207507a2f6228b1599086dd69d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=89540
Date: Sun, 22 Jan 2023 14:15:37 GMT
Etag: "63cbe91a-1d7"
Expires: Mon, 23 Jan 2023 15:07:57 GMT
Last-Modified: Sat, 21 Jan 2023 13:31:06 GMT
Server: ECS (nyb/1D0A)
X-Cache: Miss from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UYcGno6Y_0i_slavxwwriSroJBX-PAdHoW3SSIibDYT8LKilSPqDSQ==
Age: 5811
rndskittytor.com/400/4837723
139.45.197.238200 OK 32 kB URL HTTP/1.1 rndskittytor.com/400/4837723
IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f1f20bfbab39f7022d50bc84806305ff
4102c2f750fe01b04a319316d21d4cc6d0941842
7fcff773e749bb3206c06869420e546ff56f58a199c4f1cd8eee3546fef1fa27
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4837723 HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 06981e8546f77311af1e131aeb7a4a66
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=3967c03e03bb4db9bb3fe1b741e81932; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash e0ecba6690d87ab03d93f6a0b0ce937f
4f7e4b56d74cfde824fb77eb3820b357b4297e73
8a4596db9d4ad4324a093c53e8649079d8a6fcd8689ffaf0cafce24abe9cb209
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
set-cookie: uid_id2=16259d6d-b64d-46f2-bca6-bc91ff88036d:2:1; expires=Wed, 19 Jan 2033 14:15:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 21:48:03 GMT
expires: Fri, 19 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 232054
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jan 2023 16:40:43 GMT
expires: Fri, 19 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 250494
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
benumelan.com/5/2632704
139.45.197.239200 OK 24 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (64431), with no line terminators
Hash 35440e60e0c6603c6b6b01c3139e0dd4
6107b1e7b39df0a2ae332209cc0dda2ae781f47a
0f83000ed248cbd4fae2fcfa46958bd75ae3995ba0b08b2360bda6717abe86a5
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2632704 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c8f3642500c0b253c5d08fcd7e8f065c
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=c5ee55c272064631ba74bb5cfc0fb870; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/
oaidts=1674396937; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
overzubatan.com/5/2632704
139.45.197.239200 OK 24 kB URL HTTP/1.1 overzubatan.com/5/2632704
IP 139.45.197.239:0
File type ASCII text, with very long lines (64435), with no line terminators
Hash 6ca359f96cf6a1b0c3b7162523d78fbd
530cdf800fafbfa89fbbc3dacf1f83ce2ec5d78c
b8d2c3d5ce4c98d3754537002d3ea5672befbb001f40c55ff4da9497b7608edf
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2632704 HTTP/1.1
Host: overzubatan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 82f68c07d3fb2a9eb1606072e897458b
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=bb41af45f6d74ece959deb39adc168df; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/
oaidts=1674396937; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
friendshipmale.com/sfp.js
172.64.202.23200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.202.23:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: e622205cdc254f6bf6f66356ce9293c3
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Sun, 22 Jan 2023 14:15:36 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcVZEpaJb4SLAvWvF4XnAIxV5s%2FZYppNsKmdroqpgeJFZAn%2F9U2u2Nq%2BrtK8f7m%2BhIaEdlMo6ITn1nJB88G7gaPq8siA4uj4nZDXS8kQS7RcB2sWXsljWUzzQJhORROwTomb7n4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e7186c8376c6-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fitgirl-repacks.theunblock.net/wp-content/plugins/jetpack/modules/theme-tools/compat/twentyfourteen.css?ver=11.2
104.21.23.213200 OK 2.2 kB URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/plugins/jetpack/modules/theme-tools/compat/twentyfourteen.css?ver=11.2
IP 104.21.23.213:0
Hash 62d453c01601841f4ef2b2b5c2410dc8
a0fd37d64b32e5cef6cc606832ae41ad225e8c6d
c7e426ccba8d549d97e745d886bb0bc41d210f632a8e8b5d664772e1738cf110
GET /wp-content/plugins/jetpack/modules/theme-tools/compat/twentyfourteen.css?ver=11.2 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:35 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=6r32e0s6ofph5t4jmqc85b5ua9; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vpL4MFXK4Nrx62BGZQM1pnmi%2Bw4SBRXiI6bWOv%2FvCd57hyIb8WJyR5tietCSLwdmB1pFHFrNCwGNj2jRJMOrSI3l%2FedQhWH5lWG75Vbgm%2FYxiNBuZeOJaXhDPqntCNHqv5Jp0rKO%2BBeLAVCmMCYqmGM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e710eba5b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a618971ebc90b5698ddbabc4637e3345
f920b73a7c9b57d77194ba8ba406664d8469b6b6
f7c66c647552a10c53d758e1eedd450226c969b0001a25a616773d57f10e16bf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Sun, 22 Jan 2023 16:38:09 GMT
Date: Sun, 22 Jan 2023 14:15:37 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 3.1 kB IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 672f58fffd77d7dc369274b11c2a863a
27a555118e67de7f8fa25a31e0df47fb76a4c14f
8d956f16dd80a62aa8488538781cd113592b9db36fc9302548641ab19ebed9cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7C66C647552A10C53D758E1EEDD450226C969B0001A25A616773D57F10E16BF"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8552
Expires: Sun, 22 Jan 2023 16:38:09 GMT
Date: Sun, 22 Jan 2023 14:15:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e98c30-5996-4c9f-8207-16807fdf9242.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e98c30-5996-4c9f-8207-16807fdf9242.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 278120411564827c9e80134f4f0e2291
bf87f6e184830ee496e8d1aa5ccd9f2b273e7a64
51de0be8e47289d12f8a7fe670afcffe36597846dd3674f87e465d9489c984ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78e98c30-5996-4c9f-8207-16807fdf9242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5822
x-amzn-requestid: 71e2ad62-a46a-46a7-b00d-d9b67c891b71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHN6fGg3oAMFQSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d0f-2b990007732b97603562fcfe;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:45:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _cmzhQLruXYV_qt5LAimGCJgwhTAn_BHkFKufBGCfjMqhbrB4rEaRw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 22:00:41 GMT
age: 58496
etag: "bf87f6e184830ee496e8d1aa5ccd9f2b273e7a64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b429642344aabb638e3acbd63463fe8d
f9ea147291359b0fb6e7a78983643949665003d7
acda68bb2566774c9b279e048b62aaaa5a27b87e783048d6765e598ac2c584fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa8dd86d-d1f8-4246-a33c-c80dbc2c2538.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12743
x-amzn-requestid: 6c542779-10fa-4bbd-9294-3127a104de12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkBEa3IAMF6-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c7f-4d5a606011cb84fd14d7b175;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NLwQoDRTYi8Ol0cDp3gaJpQ7-0kq6ITtm9lzj1qFrKe2oGOK7YWMzg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:51:56 GMT
age: 59021
etag: "f9ea147291359b0fb6e7a78983643949665003d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
benumelan.com/1?z=3372123
139.45.197.239200 OK 9.6 kB URL HTTP/2 benumelan.com/1?z=3372123
IP 139.45.197.239:0
Hash ac01b9bee28f69cf4bf6694de0af8af5
a5a253685aa7c18084e480cd451e64f60eb65c1d
75125db2a047b30dc7480b6d073b53e5db9c337d4e91c59abbb85306e77fec3f
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=3372123 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 45209a6b2df2bf3ec85bcb1e655d1548
access-control-expose-headers: X-Sc
x-sc: LB6DWdMMCpFr8Bs8yH58LJ5Vsm586iEVuibcNC-iwo0RyZohZ1Wh_AhXh0f_1vvCLD0UYnS9P4-cY6eB7BKrT9_alZw=
set-cookie: scm=1; expires=Mon, 22 Jan 2024 14:15:36 GMT; secure; SameSite=None
OAID=a1ebc6874496458b99cc320ab53fb384; expires=Mon, 22 Jan 2024 14:15:36 GMT; secure; SameSite=None
oaidts=1674396936; expires=Mon, 22 Jan 2024 14:15:36 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
benumelan.com/27/8862a520384edb88c0ba1902bb6160b9
139.45.197.239200 OK 137 kB URL HTTP/2 benumelan.com/27/8862a520384edb88c0ba1902bb6160b9
IP 139.45.197.239:0
Size 137 kB (137040 bytes)
Hash 2098bbad58dd322ab0417e94948dde5e
04ce9fc3d06cf5b7a7742d1e889829ab5b44e33b
1c3c1b89fe96039b44b298d92ae0768aa3b67e634e6aa2561a0da8e80886af20
Analyzer Verdict Alert quad9 Sinkholed
GET /27/8862a520384edb88c0ba1902bb6160b9 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: scm=1; OAID=a1ebc6874496458b99cc320ab53fb384; oaidts=1674396936
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 19 Jan 2023 06:40:19 GMT
expires: Thu, 18 Feb 2083 06:40:19 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bvxndyaEjWVBvL2nJxC78dz74Pd-mf2NwURh-C-y548P9KfPZiWaZQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:54:17 GMT
age: 58880
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a7ab95a69ddfa5014258076e66a6e19
1a54cca86788536002d6d18c5180ccf265ba1169
09348afd6055b26b5dba6f8f6ef763d52e6e040c039c6f763d64f71b8ca08d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F831c16ae-85e5-4da2-b22e-f840afcd3678.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10988
x-amzn-requestid: 67c03c6c-3896-4890-a75b-ecd7c1c1a4e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3foHG8tIAMF3XQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61300-2de17e5b0225f9427c197bc5;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tYwSI7_1wwDixmup43f8j54sJ541GjyzB2rboENRXfSpuwPKImlNjA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 22 Jan 2023 01:38:03 GMT
age: 45454
etag: "1a54cca86788536002d6d18c5180ccf265ba1169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
betotodilea.com/400/4495524
139.45.197.237200 OK 31 kB URL HTTP/1.1 betotodilea.com/400/4495524
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d144270c4b12d5c1f9b39ca854a45051
2420738bf5bb24dd034d0eac1a47f362ee814442
3c3918a0f79a87b465a590ea54090bf9c50a9d95c4d6fdc3d35fa42ea98dcc04
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 6aabee1e65373e43f860d0a663a1af7d
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=b73e625023974c8686177dd9ee315764; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c65560284a12fda8f5cd0971dbc75bc2
dcdf5d74941ce0eaa10088b5ca8b259f8c44c80d
19589c82290dd38f3660bdcc948ca2ecda6f3188c959b049218ee0076fea52fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19589C82290DD38F3660BDCC948CA2ECDA6F3188C959B049218EE0076FEA52FC"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7572
Expires: Sun, 22 Jan 2023 16:21:49 GMT
Date: Sun, 22 Jan 2023 14:15:37 GMT
Connection: keep-alive
glimtors.net/pfe/current/universal.min.js?v=3.1.411
139.45.197.251304 Not Modified 0 B URL HTTP/2 glimtors.net/pfe/current/universal.min.js?v=3.1.411
IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pfe/current/universal.min.js?v=3.1.411 HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Wed, 21 Dec 2022 12:58:18 GMT
If-None-Match: W/"63a302ea-18c6c"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Sun, 22 Jan 2023 14:15:37 GMT
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: "63a302ea-18c6c"
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=4ccd948d81024406b973b7bc8e547770
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=4ccd948d81024406b973b7bc8e547770
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0d959d4623811bae330c0e6d47fa8928
2b23bfdaba4318e93f9bc5f51050b1cccac2567c
f5187eac8aa643748992d3604ef9ad629380449a1913488b3364e98cfb6a4aa1
GET /gid.js?userId=4ccd948d81024406b973b7bc8e547770 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:37 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=fitgirl-repacks.theunblock.net&var=&ymid=&var_3=
139.45.197.251200 OK 705 B URL HTTP/2 glimtors.net/zone?pub=0&zone_id=2651991&is_mobile=false&domain=fitgirl-repacks.theunblock.net&var=&ymid=&var_3=
IP 139.45.197.251:0
File type JSON data\012- , ASCII text, with very long lines (704)
Hash fe3e4db36ad933c90ac425e5a6ac64fe
4b9ab4375cc192f32b98c2788105c97b3fdf8cb9
e962fd8c0ed953b271738422fdea4e338405651c40c5dee6860d802d132509b4
GET /zone?pub=0&zone_id=2651991&is_mobile=false&domain=fitgirl-repacks.theunblock.net&var=&ymid=&var_3= HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: application/json; charset=utf-8
content-length: 705
x-trace-id: 42fe4e91ca6deb619289b8374737b3af
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 536d764a9cdc6c59c8460e9dbbb686eb
8f8ad4e1955df7aa2484217ff18ec84a57422877
aea7c380c0fdb704879212127985a60712ffaf67895cc1fb7ba8be6dc103b656
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEA7C380C0FDB704879212127985A60712FFAF67895CC1FB7BA8BE6DC103B656"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15484
Expires: Sun, 22 Jan 2023 18:33:41 GMT
Date: Sun, 22 Jan 2023 14:15:37 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
IP 142.250.74.131:0
Hash f17ab4b08e86e6db7f33c6a5f00a4f25
1fc4a03b055e8b3a54f90dcad4a2b09895999f48
4471e05921743ea29bc5f5ae15c87f045564039b84b3f58fcafd0638f81a84ba
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
betotodilea.com/400/4495524
139.45.197.237200 OK 31 kB URL HTTP/1.1 betotodilea.com/400/4495524
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7bf305f0130798a44969b7ab9bcb6006
0d889f9782713e77b34b62412c2efdd7ad566e3c
2ca6d4030935d92cbf359ad1a92884bb49a5507140f05182885816732700d893
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 1b83500bbf5313aef69fea7658c53a25
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=5359111de475465987c36103d3bfbf43; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
IP 142.250.74.131:0
Hash f17ab4b08e86e6db7f33c6a5f00a4f25
1fc4a03b055e8b3a54f90dcad4a2b09895999f48
4471e05921743ea29bc5f5ae15c87f045564039b84b3f58fcafd0638f81a84ba
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:37 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash 656e4c33470c7826d047ef55c19cce87
49d5e019eee169d5a6958fdcbed73e1f42d9da2e
62d5ea0f6afdead269903abbeb6e11c5249776124210d0acf07bba8a696204c1
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:38 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Thu, 26 Jan 2023 12:34:01 GMT
ETag: "49d5e019eee169d5a6958fdcbed73e1f42d9da2e"
Last-Modified: Sun, 22 Jan 2023 12:34:02 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1587
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78d8e71f0a1fb4ed-OSL
my.rtmark.net/gid.js?pub=0&userId=daa503fd8c274ed6b3d1146624e23ce8&zoneId=2651991&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=daa503fd8c274ed6b3d1146624e23ce8&zoneId=2651991&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0d959d4623811bae330c0e6d47fa8928
2b23bfdaba4318e93f9bc5f51050b1cccac2567c
f5187eac8aa643748992d3604ef9ad629380449a1913488b3364e98cfb6a4aa1
GET /gid.js?pub=0&userId=daa503fd8c274ed6b3d1146624e23ce8&zoneId=2651991&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Cookie: ID=4ccd948d81024406b973b7bc8e547770
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 0 B IP 139.45.197.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
betotodilea.com/400/4495524
139.45.197.237200 OK 31 kB URL HTTP/1.1 betotodilea.com/400/4495524
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0b2361e7e6a49bc554debb60f94f0cd0
2e0bdb5e58011f19325390c488df864114129124
66786dc371a0129c3883f3401058ca35df1a85da5723df71c860966127eb97ba
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 17e4afb202f633ce7b347f6beae54208
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=e33fc715387341ef8014a26fb0dcb34c; expires=Mon, 22 Jan 2024 14:15:38 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Content-Type: application/json
Origin: http://fitgirl-repacks.theunblock.net
Content-Length: 406
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: b445cca31b1f274786e6891ab1115c03
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 74 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (659)
Hash a236c7014c1f1a1e52d356f59e5d665a
b66c638eb2346287364c37725819bbab1f409d66
ad2d57579e453af0eac49156840bcd1dcfbd802a82135af98f41f714d7e698f2
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73769
date: Sun, 22 Jan 2023 14:15:38 GMT
access-control-allow-origin: *
etag: "63c93a4b-12029"
expires: Sun, 22 Jan 2023 15:15:38 GMT
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: application/javascript
content-encoding: br
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39575bd6b9eabe88a5ed9d6e0d145b2d
f8cde48ad15b435045f6b617579191bba9f22ca8
1802b3fbb74dfcd57331256214cd79e91d811893e45eb00bf4341ab529bc7370
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.102200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.102:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 14:02:34 GMT
expires: Sun, 22 Jan 2023 14:17:34 GMT
cache-control: public, max-age=900
age: 784
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39575bd6b9eabe88a5ed9d6e0d145b2d
f8cde48ad15b435045f6b617579191bba9f22ca8
1802b3fbb74dfcd57331256214cd79e91d811893e45eb00bf4341ab529bc7370
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
matomo.hellohi.me/matomo.js
104.21.94.42200 OK 22 kB URL HTTP/2 matomo.hellohi.me/matomo.js
IP 104.21.94.42:0
File type ASCII text, with very long lines (1601)
Hash aafdc57eb9e930f0e02bdb6eafab4eb3
ea31c3c0b954473a6d1c947d3258c312caa799aa
896ec098ffc86afc4c54977d63c3e26ed12a4d3272f5f3dbde186289b1a902b4
GET /matomo.js HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 18 Jan 2023 10:58:41 GMT
etag: W/"63c7d0e1-10132"
expires: Sun, 22 Jan 2023 14:53:20 GMT
cache-control: public, max-age=14400
pragma: public
cf-cache-status: HIT
age: 1337
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fv5rZAVh9H4DQqfVCscpbjLH0wxfXv9mMn%2F58KxBqWd%2Fe2b%2BnTT3VFUA3RQXK35r%2F1N%2FWN95kS%2FuZdO97TzFGihpq%2FaBNc8OW11cq9q%2BNA2Ci7rX%2BLkSOMOVrev6kIq3JJ%2FLCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e71e0fc7b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.2302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 22 Jan 2023 14:15:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.2302 Found 6.9 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.2:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 192x192, components 3\012- data
Hash 11a1f6e4ec6e64709ce253c2cfd39713
ce6f2127abbfc3f6bba91e0b2e70bc186eef9400
9c3b9f45b1c61888566dfcd113a390d82b6c0e0b25c1d33973198beb434ed0c7
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Sun, 22 Jan 2023 14:15:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 39575bd6b9eabe88a5ed9d6e0d145b2d
f8cde48ad15b435045f6b617579191bba9f22ca8
1802b3fbb74dfcd57331256214cd79e91d811893e45eb00bf4341ab529bc7370
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
matomo.hellohi.me/matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=120660&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=2Smsat&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D
104.21.94.42301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=120660&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=2Smsat&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D
IP 104.21.94.42:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
POST /matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=120660&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=2Smsat&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Jan 2023 14:15:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=120660&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=1&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=2Smsat&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmtN2d8M2uQCg8GLCEtuHCjEG1dtt8X4B4fKICsNSW4%2FmBjxjgyIW8dKV%2FU4wUNdhZp56tW8PcCQQRVY0PgWmct0olJbtI4neTm8EF%2F%2BZ2kZOwOEiSthqTFmNqn%2FJbQ8ln28%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78d8e721ce49fabc-OSL
alt-svc: h2=":443"; ma=60
benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=u0ik261664xc873674984g0e1qips858
139.45.197.239204 No Content 0 B URL HTTP/2 benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=u0ik261664xc873674984g0e1qips858
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=u0ik261664xc873674984g0e1qips858 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 14:15:38 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=u0ik261664xc873674984g0e1qips858
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=u0ik261664xc873674984g0e1qips858
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0d959d4623811bae330c0e6d47fa8928
2b23bfdaba4318e93f9bc5f51050b1cccac2567c
f5187eac8aa643748992d3604ef9ad629380449a1913488b3364e98cfb6a4aa1
GET /gid.js?userId=u0ik261664xc873674984g0e1qips858 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: ID=4ccd948d81024406b973b7bc8e547770
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:38 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash c2af3d24f43166f47f04f7c327565aac
693f6d4acd317b5f24e518d34b838f1ee20cd244
d11f73b10f9dde3569e8f72905f6719c4cfed0d26fe714f23f83c9c1f4ca2c7e
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 14:15:38 GMT
server: ESF
cache-control: private
content-length: 30730
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36171)
Hash a13a76dd17af226d4a24bd16ef702377
c364171cd0f66eb4a1a8dde04e1e083154d81dbd
1dd3352cbdb7561b142954006a2bb94008486c22760c3d5ebb1b6fffeb325173
GET /js/th/x4UJj8gT6CtT5_PZSB2sMkWT7oT3ONYvYheI_Vl_kb0.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14250
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Jan 2023 18:38:28 GMT
expires: Sat, 20 Jan 2024 18:38:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Jan 2023 15:00:00 GMT
content-type: text/javascript
age: 157030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash e0ecba6690d87ab03d93f6a0b0ce937f
4f7e4b56d74cfde824fb77eb3820b357b4297e73
8a4596db9d4ad4324a093c53e8649079d8a6fcd8689ffaf0cafce24abe9cb209
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: uid_id2=16259d6d-b64d-46f2-bca6-bc91ff88036d:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.170200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.170:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash f7eb4dc5d126ca65acf855c80430a2d1
2abcd780e98e9272b22254efdf62e2cf79391199
0356137d9b7da4cd993209786a4ad62fd08972c752f7c59e4be3e5a74a5d18e8
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 22 Jan 2023 14:15:38 GMT
server: ESF
cache-control: private
content-length: 30753
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Content-Type: application/json
Origin: http://fitgirl-repacks.theunblock.net
Content-Length: 666
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 98a992a4aeda427361fd38b9af697ed4
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da015b9617eb971181d9c4dd127122ba
71c66195564fa97ae91eeea42abf3bcf834f2ee1
6d40594224e810808c9181cde5055053db53ecb7615e533e6c45741708f3a406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da015b9617eb971181d9c4dd127122ba
71c66195564fa97ae91eeea42abf3bcf834f2ee1
6d40594224e810808c9181cde5055053db53ecb7615e533e6c45741708f3a406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/72QAAOaYW2M/default.webp
216.58.207.214200 OK 3.3 kB URL HTTP/2 i.ytimg.com/vi_webp/72QAAOaYW2M/default.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8ac61aee1d60d9a9562da9a3bd2dcefe
a5cf877897f5b5fbc6fc979ae4000f16d663794e
3b74c2eff89adb0d644cfa3979a76c1680f8ed258e33070af0d5a31371f7c3d3
GET /vi_webp/72QAAOaYW2M/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 3292
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 14:12:45 GMT
expires: Sun, 22 Jan 2023 16:12:45 GMT
cache-control: public, max-age=7200
etag: "1460204676"
content-type: image/webp
age: 174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
i.ytimg.com/vi/IFzUTKsrbN8/default.jpg
216.58.207.214200 OK 3.0 kB URL HTTP/2 i.ytimg.com/vi/IFzUTKsrbN8/default.jpg
IP 216.58.207.214:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash e9c6c409ef5e1a22855a4472d8e72aa6
e86cf9d559698243b073b8b8aedaeaefa147aa8e
602027a7f4d116a72115a6a938517df3af9c860027fd1cdc4424b9a72e76b3c9
GET /vi/IFzUTKsrbN8/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 3014
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 22 Jan 2023 13:10:26 GMT
expires: Sun, 22 Jan 2023 15:10:26 GMT
cache-control: public, max-age=7200
etag: "1404196803"
content-type: image/jpeg
age: 3913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da015b9617eb971181d9c4dd127122ba
71c66195564fa97ae91eeea42abf3bcf834f2ee1
6d40594224e810808c9181cde5055053db53ecb7615e533e6c45741708f3a406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tzegilo.com/stattag.js
172.67.141.224200 OK 5.3 kB IP 172.67.141.224:0
File type ASCII text, with very long lines (13121), with no line terminators
Hash 69599ccb0b322c5919bb7f588a743ab6
aaf5551525223bc6cfa47bfdbb90368a8613aecc
bc58d50736374e380cf7c5650e52f608b40d9d494795403dd0e73af8241257a5
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzRGILTKhZ1Yom%2Fl4xYRfhcVtcvuWSNksad4ggJeLNTQc5FBlDb8g4y7McRbJZZrY5a%2FCuSZjHjEKS4z1GOV3ffgMlM9G1QuRd86raM7%2B7v79GgfaHsJ9PHGFjIJgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e71d990ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 734914122d719ab9651f0bf7a4c1fe2f
6dab619cf1acaa1645caf9658fc31c1ee8530bec
9f81a0f9e79924cbbeb56efd122ad30c1e2097eac0d96ca27435027514c57241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 734914122d719ab9651f0bf7a4c1fe2f
6dab619cf1acaa1645caf9658fc31c1ee8530bec
9f81a0f9e79924cbbeb56efd122ad30c1e2097eac0d96ca27435027514c57241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu_-4a4LY288fg84gf4c8ur5q09mTitaRO5LY6mqXQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.6 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_-4a4LY288fg84gf4c8ur5q09mTitaRO5LY6mqXQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash 3dc5bbb4c783a269afec7c1af0f8eeb9
0e867f902b64ad6ab94c9e4fb70149febfbfaff6
76fdc38f11f29922e30aad5011ad33b6abd46fe6abe9a1774f1f2552a66d68b0
GET /ytc/AMLnZu_-4a4LY288fg84gf4c8ur5q09mTitaRO5LY6mqXQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1567
x-xss-protection: 0
date: Sun, 22 Jan 2023 11:08:56 GMT
expires: Sat, 21 Jan 2023 18:29:18 GMT
cache-control: public, max-age=86400, no-transform
age: 11203
etag: "v33f"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
yt3.ggpht.com/ytc/AMLnZu_gPoxaG_K9GqFGxjBw_YkvK3jx_g7yIAzZVQ=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.3 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu_gPoxaG_K9GqFGxjBw_YkvK3jx_g7yIAzZVQ=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash bacb2bcb7ba229d27cfb4e1bd1de24fc
7d7b78cf4e3630699d9f0371a351e136f3505e78
3850d74aa3f4c2667c2e35c28ae39f715d85badc6ca9f831f5eef438a2f371e0
GET /ytc/AMLnZu_gPoxaG_K9GqFGxjBw_YkvK3jx_g7yIAzZVQ=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1256
x-xss-protection: 0
date: Sun, 22 Jan 2023 14:05:21 GMT
expires: Mon, 23 Jan 2023 14:05:21 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 618
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
betotodilea.com/400/4495524
139.45.197.237200 OK 31 kB URL HTTP/1.1 betotodilea.com/400/4495524
IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 72ec6113fdc07b73d03765ce19736d74
51a6e3265a3da2870d6d73713f423acf3a797af0
4679db5fccafac7096481edea3892d24ace26a85adca3d593bf149471833d67e
Analyzer Verdict Alert quad9 Sinkholed
GET /400/4495524 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 646a509968217b506126a990c3122f4d
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Vary: Origin
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=26559d42c4dc4065b9964db36ac0d1fa; expires=Mon, 22 Jan 2024 14:15:39 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
benumelan.com/11?rnd=1205842169&z=3372123&b=16380033&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=F2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6&ruid=e35ea401-4d65-4223-83f6-fbba0e0a9f03&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=304
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/11?rnd=1205842169&z=3372123&b=16380033&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=F2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6&ruid=e35ea401-4d65-4223-83f6-fbba0e0a9f03&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=304
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1205842169&z=3372123&b=16380033&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=F2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6&ruid=e35ea401-4d65-4223-83f6-fbba0e0a9f03&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&ot=304 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: scm=1; OAID=u0ik261664xc873674984g0e1qips858; oaidts=1674396936
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:39 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 83d216befbd56ddbc09ff35880974c72
access-control-expose-headers: X-Sc
set-cookie: OAID=u0ik261664xc873674984g0e1qips858; expires=Mon, 22 Jan 2024 14:15:39 GMT; secure; SameSite=None
oaidts=1674396936; expires=Mon, 22 Jan 2024 14:15:39 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=u0ik261664xc873674984g0e1qips858
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=u0ik261664xc873674984g0e1qips858
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0d959d4623811bae330c0e6d47fa8928
2b23bfdaba4318e93f9bc5f51050b1cccac2567c
f5187eac8aa643748992d3604ef9ad629380449a1913488b3364e98cfb6a4aa1
GET /gid.js?userId=u0ik261664xc873674984g0e1qips858 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: ID=4ccd948d81024406b973b7bc8e547770
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:39 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:39 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 734914122d719ab9651f0bf7a4c1fe2f
6dab619cf1acaa1645caf9658fc31c1ee8530bec
9f81a0f9e79924cbbeb56efd122ad30c1e2097eac0d96ca27435027514c57241
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sun, 22 Jan 2023 14:15:39 GMT
access-control-allow-origin: *
etag: "63c93a4b-2b"
expires: Sun, 22 Jan 2023 15:15:39 GMT
accept-ranges: bytes
last-modified: Thu, 19 Jan 2023 15:40:43 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/57311164?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1046803294611%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396937%3Ac%3A1%3Arn%3A200325964%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/57311164?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1046803294611%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396937%3Ac%3A1%3Arn%3A200325964%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 84d31f5da1ee90a2d319937fba5b1ce6
51cdc5334397da5dc23781582b0d221972c0356c
e313194fba139af3371f94fe7c39d2ad5ad6ae67c844d98456c80edc77fe305e
GET /watch/57311164?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1046803294611%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396937%3Ac%3A1%3Arn%3A200325964%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/57311164/1?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1046803294611%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396937%3Ac%3A1%3Arn%3A200325964%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 22 Jan 2023 14:15:38 GMT
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
set-cookie: yabs-sid=1023983581674396938; Path=/; SameSite=None; Secure
i=ba0rczuYpcHEcAg0FZpBfualuu4yU2lxr4PU44mMVNSh8IJpWxDKixfBv3NNbaq2EAa5pfqHwSuyDmHtrEdj8UguJMg=; Expires=Wed, 19-Jan-2033 14:15:37 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=6299624521674396938; Expires=Mon, 22-Jan-2024 14:15:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=6299624521674396938; Expires=Mon, 22-Jan-2024 14:15:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705932938.yc.1674396938#1705932938.yrts.1674396938#1705932938.yrtsi.1674396938; Expires=Mon, 22-Jan-2024 14:15:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 14:15:38 GMT
last-modified: Sun, 22-Jan-2023 14:15:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/57311164/1?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1046803294611%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396937%3Ac%3A1%3Arn%3A200325964%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/57311164/1?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1046803294611%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396937%3Ac%3A1%3Arn%3A200325964%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash dc15d388a78d30e8c7894505630463f3
5bc6581555c2cf2869dd95f63980e5a14f9752a9
7d5a2af084e5db2fc351f5d17d0ae214063c574954b7b32ba7a5f28c6cb3858f
GET /watch/57311164/1?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1046803294611%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396937%3Ac%3A1%3Arn%3A200325964%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Referer: http://fitgirl-repacks.theunblock.net/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Sun, 22 Jan 2023 14:15:39 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 14:15:39 GMT
last-modified: Sun, 22-Jan-2023 14:15:39 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
inpagepush.com/500/3064505?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/1.1 inpagepush.com/500/3064505?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/3064505?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:39 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
inpagepush.com/500/3064505?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 937 B URL HTTP/1.1 inpagepush.com/500/3064505?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1166), with no line terminators
Hash 263c3da59d78160de2c2112ee158c807
a89adc5a44c057151770e89f256b775bdbcb5590
c57d6386eaed676359c9217d004d35e88ed27d71f597142151a6966d7212b19b
GET /500/3064505?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: inpagepush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 62d1bca9c297e659f47dc61bdfcb8577
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Vary: Origin
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:39 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fede3ea3cc0e157fd159a0389e440383
66fcb7eced04f6a1de073c880195508f0db49dd7
d2ae6de8c3b06bacf93bd26a6304736ccce5bee873aa138dc2a8040bc93c23f9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3429
Cache-Control: max-age=128901
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 14:15:39 GMT
Etag: "63cc8c2c-117"
Expires: Tue, 24 Jan 2023 02:04:00 GMT
Last-Modified: Sun, 22 Jan 2023 01:06:52 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
104.22.33.172200 OK 11 kB URL HTTP/2 offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP 104.22.33.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263
GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:39 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Mon, 23 Jan 2023 03:11:40 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 39838
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e729ba380d52-ARN
X-Firefox-Spdy: h2
betotodilea.com/500/4495524?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/1.1 betotodilea.com/500/4495524?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/4495524?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:39 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
cdn.itskiddien.club/?rb=5hE-GECc7_eztQq9UN64tHoMRBDrj6YTptUHzaSUI_t-iTLpJqyT_NkJhHv2vTgGF9Bocs8JMM-iBbMVBvIh24wR6zBUYpLtZ9oT1V_ESq9VXhmbj-1M1uU-zpuOdyJPOx6JToT9wwSjyPpVsc11BHcffZEhX8y8DAACI4yzdVcf7qHbMn-kR5abPmKbckZfriU0zxUtDBnufGoJm0yKfmel0YvCKXP2Z5XOfSy5H1MQN6IuUT7O9pP-0i3jxjs_&request_ab2=0&zoneid=3388548&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=337cdf5e-89aa-4ffc-8ed8-cfec380b8fbb&userId=u0ik261664xc873674984g0e1qips858&m=link
139.45.197.236200 OK 1.3 kB URL HTTP/1.1 cdn.itskiddien.club/?rb=5hE-GECc7_eztQq9UN64tHoMRBDrj6YTptUHzaSUI_t-iTLpJqyT_NkJhHv2vTgGF9Bocs8JMM-iBbMVBvIh24wR6zBUYpLtZ9oT1V_ESq9VXhmbj-1M1uU-zpuOdyJPOx6JToT9wwSjyPpVsc11BHcffZEhX8y8DAACI4yzdVcf7qHbMn-kR5abPmKbckZfriU0zxUtDBnufGoJm0yKfmel0YvCKXP2Z5XOfSy5H1MQN6IuUT7O9pP-0i3jxjs_&request_ab2=0&zoneid=3388548&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=337cdf5e-89aa-4ffc-8ed8-cfec380b8fbb&userId=u0ik261664xc873674984g0e1qips858&m=link
IP 139.45.197.236:0
File type JSON data\012- , ASCII text, with very long lines (1653), with no line terminators
Hash 541ff25a4d1b69e5b26c6fae9f9da1f2
fa834280300a603d3f43fa32a853310edbc07ef2
f745deabc01c7652563a109df1bc5a76eeac6831886b416306501fa4071d2f62
GET /?rb=5hE-GECc7_eztQq9UN64tHoMRBDrj6YTptUHzaSUI_t-iTLpJqyT_NkJhHv2vTgGF9Bocs8JMM-iBbMVBvIh24wR6zBUYpLtZ9oT1V_ESq9VXhmbj-1M1uU-zpuOdyJPOx6JToT9wwSjyPpVsc11BHcffZEhX8y8DAACI4yzdVcf7qHbMn-kR5abPmKbckZfriU0zxUtDBnufGoJm0yKfmel0YvCKXP2Z5XOfSy5H1MQN6IuUT7O9pP-0i3jxjs_&request_ab2=0&zoneid=3388548&js_build=iclick-v1.471.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.471.1&bs=337cdf5e-89aa-4ffc-8ed8-cfec380b8fbb&userId=u0ik261664xc873674984g0e1qips858&m=link HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:39 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: bf888a77c5d1b55346c85005989d8469
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=u0ik261664xc873674984g0e1qips858; expires=Mon, 22 Jan 2024 14:15:39 GMT; path=/
oaidts=1674396939; expires=Mon, 22 Jan 2024 14:15:39 GMT; path=/
syncedCookie=true; expires=Sun, 29 Jan 2023 14:15:39 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash dc4ecda5368b52c2e2e0f855c3069d54
094d4c4753e9411e78bba8e036dfe4d578a3136e
6543817b84fb50bf50d47656d95e228b120961571cde07e3aae7f5f60b788920
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 22 Jan 2023 14:15:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 03:49:36 GMT
Expires: Sun, 29 Jan 2023 03:49:35 GMT
Etag: "094d4c4753e9411e78bba8e036dfe4d578a3136e"
Cache-Control: max-age=566635,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78d8e72a2b5cb4ff-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1fe4d9925422ffff00c8f8a69ebb46a1
e188a3e66274b47c70b5b588e11bca5ebb6d877c
8b37732bceb4cdf52b1b11ac3555c7b438f6ca996bc249f95d8fe3eba8f03afa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B37732BCEB4CDF52B1B11AC3555C7B438F6CA996BC249F95D8FE3EBA8F03AFA"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3352
Expires: Sun, 22 Jan 2023 15:11:31 GMT
Date: Sun, 22 Jan 2023 14:15:39 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ec7632200e35267293042028940bd4f
58c255f2de6a2d881f4876230d5bd912feff9ff3
17372b064b1c6e4d3629e7199a6082418ca328455f587484893a3c9b322efe69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17372B064B1C6E4D3629E7199A6082418CA328455F587484893A3C9B322EFE69"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19886
Expires: Sun, 22 Jan 2023 19:47:05 GMT
Date: Sun, 22 Jan 2023 14:15:39 GMT
Connection: keep-alive
matomo.hellohi.me/matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=612703&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=JZFB6r&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D
104.21.94.42301 Moved Permanently 169 B URL HTTP/1.1 matomo.hellohi.me/matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=612703&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=JZFB6r&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D
IP 104.21.94.42:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f3099a531821c476589c3d2d00d53772
8e539d05a8355d6835a56f94b75f405c6e55f6f3
a5287e1cf9fe9dc106bd2172a5b175c7833427866b7819872b1b6fa34b66daef
POST /matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=612703&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=JZFB6r&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D HTTP/1.1
Host: matomo.hellohi.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=utf-8
Content-Length: 0
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 301 Moved Permanently
Date: Sun, 22 Jan 2023 14:15:39 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://matomo.hellohi.me/matomo.php?action_name=Old%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&idsite=1&rec=1&r=612703&h=14&m=15&s=37&url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&_id=9f74839dbd73797d&_idn=0&send_image=0&_refts=0&cookie=1&res=1280x1024&pv_id=JZFB6r&pf_net=0&pf_srv=134&pf_tfr=92&pf_dm1=1802&uadata=%7B%7D
Referrer-Policy: origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kuuTKWsjZ9h%2BIlwrA6%2FDwu29EDIK2W8pLXbDl%2BI5%2BDhG%2BoM54Fk9ClVDd3bIu4cb0yXNVqAtMLTt59NuicyFSOr45mHa71BgBnAtmsu7mKq8mkSr3o1nqrXhERUh9ikZq1aBA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78d8e72a2cc0fabc-OSL
alt-svc: h2=":443"; ma=60
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1227
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 22 Jan 2023 14:16:05 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
betotodilea.com/500/4495524?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 1.0 kB URL HTTP/1.1 betotodilea.com/500/4495524?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1258), with no line terminators
Hash 9cab6af8828bfb4a4bc95c698112aa33
fe1d4545913a932aca5c287bd16d1d99ddb596f5
380e43cc2237bd270e4feab078bb7c176743b609e5f914a8eba06becae77252c
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4495524?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: daa00a50b8c6dbf25ae5c4fd8eabea85
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Vary: Origin
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:39 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
glimtors.net/custom
139.45.197.251200 OK 39 B IP 139.45.197.251:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
POST /custom HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Content-Type: application/json
Origin: http://fitgirl-repacks.theunblock.net
Content-Length: 403
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: c0588172fd98ee79b0132869b5e56528
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
104.22.33.172200 OK 12 kB URL HTTP/2 offerimage.com/www/images/0fb6066747e1a495065815fb44fb9b41.png
IP 104.22.33.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 0fb6066747e1a495065815fb44fb9b41
c62f83dec41d2b508176f11784edc75db8dbb6f8
dca249be9c1aeee895ea79046856c178a1830f46a55cfc7f552b95b04eb3e5a6
GET /www/images/0fb6066747e1a495065815fb44fb9b41.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: image/png
content-length: 11899
last-modified: Thu, 25 Aug 2022 05:53:00 GMT
etag: "63070e3c-2e7b"
expires: Mon, 23 Jan 2023 12:15:34 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 7206
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e72b3ae00d52-ARN
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
139.45.197.152200 OK 20 kB URL HTTP/2 interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash d657d0b45c722c9203953e7fbb92fc33
e1ff29e4b8f1ea03d163e6a3c8f4d381cae5a3e2
40785963d6afef460b6d58db44d00d3bbed11a81f88e64e6a1b91d317b220d40
GET /contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5m6UFzXYYi5sfZO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D538025895%26z%3D3372123%26b%3D16380033%26c%3D6511541%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DF2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3De35ea401-4d65-4223-83f6-fbba0e0a9f03%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffitgirl-repacks.theunblock.net%252Fold-world%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: image/jpeg
content-length: 19879
last-modified: Wed, 05 Oct 2022 17:04:55 GMT
vary: Accept-Encoding
etag: "633db937-4da7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
139.45.197.152200 OK 63 kB URL HTTP/2 interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 9b2c293f4695bb8f89f5bdc53f2634e2
fda95c173965012fa72bd0386a0f1e4f0e5220fa
f7090a9b5e00f32721b1d83183b54e836e4237f6d407186327f7835caf3c265a
GET /contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5m6UFzXYYi5sfZO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D538025895%26z%3D3372123%26b%3D16380033%26c%3D6511541%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DF2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3De35ea401-4d65-4223-83f6-fbba0e0a9f03%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffitgirl-repacks.theunblock.net%252Fold-world%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: image/jpeg
content-length: 63121
last-modified: Wed, 05 Oct 2022 17:04:52 GMT
vary: Accept-Encoding
etag: "633db934-f691"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a742f5dbcc87af3e4ac216b6d135669f
614af7c7cd417ad9d1449cb54d91e2908cd8b141
a01fccfbaf92d832555b5421cc79d7157b40f53fd17036146fd9c579cf20d360
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A01FCCFBAF92D832555B5421CC79D7157B40F53FD17036146FD9C579CF20D360"
Last-Modified: Sat, 21 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10623
Expires: Sun, 22 Jan 2023 17:12:43 GMT
Date: Sun, 22 Jan 2023 14:15:40 GMT
Connection: keep-alive
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 14:15:40 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: cc33a8d968a0450bacd574cd46330a05
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
distributionrealmoth.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78&uuid=16259d6d-b64d-46f2-bca6-bc91ff88036d%3A2%3A1
192.243.61.225200 OK 4.4 kB URL HTTP/1.1 distributionrealmoth.com/sbar.json?key=a286902791a7f4c98bcb1e812322cd78&uuid=16259d6d-b64d-46f2-bca6-bc91ff88036d%3A2%3A1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6270), with no line terminators
Hash 617acd62c18cd2415e9191b01286468e
9e1171379e1d0c48844b6d7e6443330fb45d030e
729611ac3c78240ee3edd8fc050e55e252d7f4137406d1d8af641c24739a173e
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a286902791a7f4c98bcb1e812322cd78&uuid=16259d6d-b64d-46f2-bca6-bc91ff88036d%3A2%3A1 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 14:15:40 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15816950; expires=Mon, 23 Jan 2023 14:15:40 GMT; secure; SameSite=None
uid_id2=16259d6d-b64d-46f2-bca6-bc91ff88036d:2:1; expires=Sun, 29 Jan 2023 14:15:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Jan 2023 14:15:40 GMT; secure; SameSite=None
uncs=1; expires=Mon, 23 Jan 2023 14:15:40 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 23 Jan 2023 14:15:40 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 23 Jan 2023 14:15:40 GMT; secure; SameSite=None
sleca286902791a7f4c98bcb1e812322cd78=[3952979]; expires=Sun, 22 Jan 2023 14:15:45 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 89bebf01c173bdc9e4164b6d8f788476
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 22 Jan 2023 14:15:40 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: af3fa6f8154f82b0af80a29a88e878f8
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=16259d6d-b64d-46f2-bca6-bc91ff88036d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=16259d6d-b64d-46f2-bca6-bc91ff88036d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=16259d6d-b64d-46f2-bca6-bc91ff88036d&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a286902791a7f4c98bcb1e812322cd78&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=14 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 14:15:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4a1b77526115603078a41f62142e5bc1
Strict-Transport-Security: max-age=0; includeSubdomains
distributionrealmoth.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujptTvBi8eBAa8RDBnXT3%2FGwjLMYkEoxJTCIRyaV%2B9Ww5NV1NVff0ZPEQDYRcJONJjz3fJFnUIOYPEGRGD7J4cBR0D45%2FgQcRc5aZHVx8h3rv1fcO3%2Fe9d2dcLEiAgu5ffsvsKK3pyWYt8E9cV6kwpfMvXvPDoBac8q%2BrtNU45Q%2BXjx28EgbNWvCS%2F4bkPXMyCsIgCIPQP6esTMzw5AqFyh7FYS0Oao2oFjYbGNr%2F967w4KgHMViQ41BifnT7h8dQfIq0%2F%2FUZ6Xq5yV4%2B2y80zY3FQOy%2Bk%2FZSU6boH5aJ9ZCku%2BtpGDcn5LMjMOnuWgHM4P5SAZiaE%2B%2FXECzdXdMEGzw4YMo0ZAomjqEcTCH1FIpOwc1tKPETAbjAxUtI%2Bw8vGlvSmwcoXaJzsvHkb6hyTjZ%2BfxZp%2F6vTWg39q0YXuTKpwzCpoIZTqO4UWTFDvuNBlTPw%2FCMoQZD2Kyix%2F2LYipqxaIlN1mqIzUYriTYZp61NxuMwSTqdoN4SK2uUmkIlU2g5AnVHUDgPhfJQJB6KzENf7Pu0GSdB0E5YUq93Gpzzep3zZqclmqLe6CQBCr7kPkKejcD1CNzeQmZvoadGsMW3cNsVnPDgcoKBqFBKgtIRlJSgVARlTlAOqgdCu8hVD4V2BQvXOVrnejUxeXdMH5i8K1MyzhbkmZVhf737BD2579Oo04qDqB2HtJ00eNxhnIWyE0b1KOKi3YFTFZQ7Auo87Cy3Vy2QqTkh934DozM4PQNXL4AWz4OWk3YUgG5PGp0AO%2BmjImXa8J4UNSUgTIUs30B%2B0xvrBXluxePVt69C8r2tP8cbN%2B4c%2FwXcVshshffVdwRdfXdyxZTk%2FhVTOvL4Uparvtqhy6VezWkuj37xprxZGivOn3Gjz1%2FjS2BZPromXX6BpkKlXUe%2BPK2EkPacsVySb86765JdLtz26cKmRXbh8uvnzvczK51TJp2CLqV9%2BAG4mpNjXro6WH%2B4gLJT2KJCv9gj64AyM%2FDsFly2t%2FXpx5f%2BOCXegzMEVh%2FOsMxDWVQTG7HDT60ItDzsKavg5N7W99N7N078MwOT%2FxkydnfRtR5ofnt1pgNbYaArUD2CK56a5Jnd2%2Fq5vgow7U2Ytt59pq3%2B5MBcp%2FZ92UyCRAaRZEnMkjYNRJw0YkbjULZZk4bI3Zz%2FePbpfwEAAP%2F%2FAQAA%2F%2F%2F8V71ziAQAAA%3D%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 distributionrealmoth.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujptTvBi8eBAa8RDBnXT3%2FGwjLMYkEoxJTCIRyaV%2B9Ww5NV1NVff0ZPEQDYRcJONJjz3fJFnUIOYPEGRGD7J4cBR0D45%2FgQcRc5aZHVx8h3rv1fcO3%2Fe9d2dcLEiAgu5ffsvsKK3pyWYt8E9cV6kwpfMvXvPDoBac8q%2BrtNU45Q%2BXjx28EgbNWvCS%2F4bkPXMyCsIgCIPQP6esTMzw5AqFyh7FYS0Oao2oFjYbGNr%2F967w4KgHMViQ41BifnT7h8dQfIq0%2F%2FUZ6Xq5yV4%2B2y80zY3FQOy%2Bk%2FZSU6boH5aJ9ZCku%2BtpGDcn5LMjMOnuWgHM4P5SAZiaE%2B%2FXECzdXdMEGzw4YMo0ZAomjqEcTCH1FIpOwc1tKPETAbjAxUtI%2Bw8vGlvSmwcoXaJzsvHkb6hyTjZ%2BfxZp%2F6vTWg39q0YXuTKpwzCpoIZTqO4UWTFDvuNBlTPw%2FCMoQZD2Kyix%2F2LYipqxaIlN1mqIzUYriTYZp61NxuMwSTqdoN4SK2uUmkIlU2g5AnVHUDgPhfJQJB6KzENf7Pu0GSdB0E5YUq93Gpzzep3zZqclmqLe6CQBCr7kPkKejcD1CNzeQmZvoadGsMW3cNsVnPDgcoKBqFBKgtIRlJSgVARlTlAOqgdCu8hVD4V2BQvXOVrnejUxeXdMH5i8K1MyzhbkmZVhf737BD2579Oo04qDqB2HtJ00eNxhnIWyE0b1KOKi3YFTFZQ7Auo87Cy3Vy2QqTkh934DozM4PQNXL4AWz4OWk3YUgG5PGp0AO%2BmjImXa8J4UNSUgTIUs30B%2B0xvrBXluxePVt69C8r2tP8cbN%2B4c%2FwXcVshshffVdwRdfXdyxZTk%2FhVTOvL4Uparvtqhy6VezWkuj37xprxZGivOn3Gjz1%2FjS2BZPromXX6BpkKlXUe%2BPK2EkPacsVySb86765JdLtz26cKmRXbh8uvnzvczK51TJp2CLqV9%2BAG4mpNjXro6WH%2B4gLJT2KJCv9gj64AyM%2FDsFly2t%2FXpx5f%2BOCXegzMEVh%2FOsMxDWVQTG7HDT60ItDzsKavg5N7W99N7N078MwOT%2FxkydnfRtR5ofnt1pgNbYaArUD2CK56a5Jnd2%2Fq5vgow7U2Ytt59pq3%2B5MBcp%2FZ92UyCRAaRZEnMkjYNRJw0YkbjULZZk4bI3Zz%2FePbpfwEAAP%2F%2FAQAA%2F%2F%2F8V71ziAQAAA%3D%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujptTvBi8eBAa8RDBnXT3%2FGwjLMYkEoxJTCIRyaV%2B9Ww5NV1NVff0ZPEQDYRcJONJjz3fJFnUIOYPEGRGD7J4cBR0D45%2FgQcRc5aZHVx8h3rv1fcO3%2Fe9d2dcLEiAgu5ffsvsKK3pyWYt8E9cV6kwpfMvXvPDoBac8q%2BrtNU45Q%2BXjx28EgbNWvCS%2F4bkPXMyCsIgCIPQP6esTMzw5AqFyh7FYS0Oao2oFjYbGNr%2F967w4KgHMViQ41BifnT7h8dQfIq0%2F%2FUZ6Xq5yV4%2B2y80zY3FQOy%2Bk%2FZSU6boH5aJ9ZCku%2BtpGDcn5LMjMOnuWgHM4P5SAZiaE%2B%2FXECzdXdMEGzw4YMo0ZAomjqEcTCH1FIpOwc1tKPETAbjAxUtI%2Bw8vGlvSmwcoXaJzsvHkb6hyTjZ%2BfxZp%2F6vTWg39q0YXuTKpwzCpoIZTqO4UWTFDvuNBlTPw%2FCMoQZD2Kyix%2F2LYipqxaIlN1mqIzUYriTYZp61NxuMwSTqdoN4SK2uUmkIlU2g5AnVHUDgPhfJQJB6KzENf7Pu0GSdB0E5YUq93Gpzzep3zZqclmqLe6CQBCr7kPkKejcD1CNzeQmZvoadGsMW3cNsVnPDgcoKBqFBKgtIRlJSgVARlTlAOqgdCu8hVD4V2BQvXOVrnejUxeXdMH5i8K1MyzhbkmZVhf737BD2579Oo04qDqB2HtJ00eNxhnIWyE0b1KOKi3YFTFZQ7Auo87Cy3Vy2QqTkh934DozM4PQNXL4AWz4OWk3YUgG5PGp0AO%2BmjImXa8J4UNSUgTIUs30B%2B0xvrBXluxePVt69C8r2tP8cbN%2B4c%2FwXcVshshffVdwRdfXdyxZTk%2FhVTOvL4Uparvtqhy6VezWkuj37xprxZGivOn3Gjz1%2FjS2BZPromXX6BpkKlXUe%2BPK2EkPacsVySb86765JdLtz26cKmRXbh8uvnzvczK51TJp2CLqV9%2BAG4mpNjXro6WH%2B4gLJT2KJCv9gj64AyM%2FDsFly2t%2FXpx5f%2BOCXegzMEVh%2FOsMxDWVQTG7HDT60ItDzsKavg5N7W99N7N078MwOT%2FxkydnfRtR5ofnt1pgNbYaArUD2CK56a5Jnd2%2Fq5vgow7U2Ytt59pq3%2B5MBcp%2FZ92UyCRAaRZEnMkjYNRJw0YkbjULZZk4bI3Zz%2FePbpfwEAAP%2F%2FAQAA%2F%2F%2F8V71ziAQAAA%3D%3D HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: u_pl=15816950; uid_id2=16259d6d-b64d-46f2-bca6-bc91ff88036d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 14:15:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80c00ca8b3aa3d62b62f53ddee9d0148
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e8555cd54a728c10171ce72414331cdb
5bba7f55e623a10facf0117b3ad4739607385ec8
df970fea629aeffce2f22ff7b780006b10b957b4040aec6b7ddb42c5f546c44c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF970FEA629AEFFCE2F22FF7B780006B10B957B4040AEC6B7DDB42C5F546C44C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14555
Expires: Sun, 22 Jan 2023 18:18:15 GMT
Date: Sun, 22 Jan 2023 14:15:40 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
45.133.44.3200 OK 955 B URL HTTP/2 cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 3311b451b6e90781dab5ae61a1e4f65d
940e4700d9c5fbf74f8c15dcf10c28661e34cf2c
3def788280ca0f9ba09e050e3f3bfba82e5268fe2104f1c02a8f265c12774023
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: text/html; charset=utf-8
content-length: 955
server: nginx/1.17.6
last-modified: Wed, 18 May 2022 11:09:59 GMT
etag: "6284d407-3bb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Sun, 22 Jan 2023 15:15:40 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f82a4633fe57b496fb5cd05288b04145
ac0346f5dcb9cf3e1a2cc701848f95ee57b0bfd2
a081933eef2483a8b7fe00e421b35ea57db032bbdae36b45d520935df4006425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A081933EEF2483A8B7FE00E421B35EA57DB032BBDAE36B45D520935DF4006425"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6599
Expires: Sun, 22 Jan 2023 16:05:39 GMT
Date: Sun, 22 Jan 2023 14:15:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f82a4633fe57b496fb5cd05288b04145
ac0346f5dcb9cf3e1a2cc701848f95ee57b0bfd2
a081933eef2483a8b7fe00e421b35ea57db032bbdae36b45d520935df4006425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A081933EEF2483A8B7FE00E421B35EA57DB032BBDAE36B45D520935DF4006425"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6599
Expires: Sun, 22 Jan 2023 16:05:39 GMT
Date: Sun, 22 Jan 2023 14:15:40 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f82a4633fe57b496fb5cd05288b04145
ac0346f5dcb9cf3e1a2cc701848f95ee57b0bfd2
a081933eef2483a8b7fe00e421b35ea57db032bbdae36b45d520935df4006425
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "A081933EEF2483A8B7FE00E421B35EA57DB032BBDAE36B45D520935DF4006425"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6599
Expires: Sun, 22 Jan 2023 16:05:39 GMT
Date: Sun, 22 Jan 2023 14:15:40 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17b5497dcca96babf4213b1b57650fab
3a526e7aba95d5b5f478981622d8fceb7a30700e
7d035ad50cf4a906b236cbd1eebf42fd3fdfa76145b627eb3de2c02a0a004c3d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D035AD50CF4A906B236CBD1EEBF42FD3FDFA76145B627EB3DE2C02A0A004C3D"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15325
Expires: Sun, 22 Jan 2023 18:31:05 GMT
Date: Sun, 22 Jan 2023 14:15:40 GMT
Connection: keep-alive
distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=323
192.243.61.225200 OK 0 B URL HTTP/1.1 distributionrealmoth.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=323
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=323 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 14:15:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
45.133.44.10200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c07f1baac701b672939b359081f813c7
d38ffbae259aae1e8ad3b38959339bb29da9b69f
85bc8e3de3651f6f03dc381ea4bbaff350d8973c37f598582838677817bf1826
GET /si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: image/png
content-length: 12186
server: nginx/1.17.6
last-modified: Sun, 22 Jan 2023 04:25:10 GMT
etag: "63ccbaa6-2f9a"
expires: Tue, 24 Jan 2023 14:15:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
172.64.166.9200 OK 533 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
IP 172.64.166.9:0
Hash 0eb55c9dae7189fc18a3aedffa31e9f4
a7334ac51dd755e6460e5e5ee8b89738e3a6f98c
fd09d308b81bdb72811107e282de12b52096f2e40c3c2c36ccfac976d34910b6
GET /sb/notifications/software/us/ios/desk-new-big/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:41 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:44:05 GMT
etag: W/"602d0185-183"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLhejqauMYMjLRRbSDLhu52RsLlehBd%2BZc3G%2FziwPmC2bmrfpZkzqxUVYZCp4penUO9RWuFXdgpXZi2YTphfHq6afz9%2BEClKe6Sz0tBSLJ5XjnlT1M8BLp7oi5GD%2FKxDAEIC19VDITPN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e7306bd776bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1391342891
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1391342891
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1391342891 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c3d6d0161c854f248ad9e99fd1f22d4b
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
172.64.166.9200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
IP 172.64.166.9:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/software/us/ios/desk-new-big/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:41 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:44:02 GMT
etag: W/"602d0182-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtgqaPGqGoQx4%2FvpbBL1LcSXr7fQq6uFAxuXe3RZPKij9Ia5d6abWa2HHfPmgDvzisQuMOsuYG%2FWuo4bD1UIoeOIK82jCH1BjhoLdP9ihG0eofRq0dVPeyZ1jV5wtgr691u%2Fft7U3jTZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e7305bc676bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
172.64.166.9200 OK 1.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
IP 172.64.166.9:0
Hash 954946af293f20017b57891b7f1f1d43
0042745327e1848dffb87f07a86c8144b65b19b0
87874b145dd9c611a7be81faaf6fd92b9c6cd639a297c7b097c767317da9f755
GET /sb/notifications/software/us/ios/desk-new-big/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:41 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 12:16:53 GMT
etag: W/"614c7035-145e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78DtrFTEpm%2B6bcSi0%2FqLdXuHZmlqTnQGbR7ggQOGtdMLQk3HV1cWhWmh5WazZSUmPGGjA7qoTLTtV8d%2FqBql2EoHhYWzQ8rO9MaUdtgH%2BzcQ%2BMUeiC154iE8rVjKxboW%2Fe7mKLINVmp9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e7306bd676bd-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
distributionrealmoth.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujptTvBi8eBAa8RDBnXT3%2FOoxwmJMIsGYxCQSkVzqV8%2BWU9PVVHVPTxYP0UDIRTKe9NjzTZJFDWL%2BAEFm9CCLB0dB9%2BD4F3gQMWeZ2cHFd6j3Xn3v8H3fe3fGxYIEKOj%2B5bfMjtKanmzWAv%2FEdZUKUzr%2F4jU%2FDGrBKf%2B6SluNU%2F5w%2BdjBK2HQrAUv%2BW9I3jMnoyAMgjAI%2FXPKysQMT65QqOxRJ6x1glojqoXNBob2%2F70rPDjqQQwW5DiUmB%2Fd%2FuExFJ8i7X99RrpebrKXz%2FYLTXNjMRC776S91JQp%2BodlYj0k6e56GsbNCfnsCEy6u1YAM7i%2FVACm5sT7NQRLd9c0wQYPDpgyDZmCiWMoB1NIPYWiU3BzG0r8RAAucPES0v7Di8aW9OYBSpfonGw8%2BRuqnJON359F2v%2FqtFZD%2F6rRRa5M6jBMKqjhFKo7RVbMkO94UOUMPP8IShCk%2FQpK7L8YtqJmR7TEJms1xGajlUSbjNPWJuOdMEniOKi3xMoapaZQyRRajkDdERTOQ6E8FImHIvPQF%2Fs%2BbXaSIGgnLKnX4wbnvF7nvBm3RFPUG3ESoOBL7iPk2Qhcj8DtLWT2FnpqBFt8C7ddwQkPLicYiAqlJCgdQUkJSkVQ5gTloHogtItc9VBoV7BwnaN1rlcTk3fH9IHJuzIl42xBnlkZ9te7T9CT%2Bz6N4lYniNqdkLaTBu%2FEjLNQxmFUjyIu2jGcqqDcEVDnYWe5vWqBTM0JufcbGJ3B6Rm4egG0eB60nLSjAHR70ogD7KSPipRpw3tS1JSAMBWyfAP5TW%2BsF%2BS5FY9X374Kyfe2%2Fhxv3Lhz%2FBdwWyGzFd5X3xF09d3JFVOS%2B1dM6cjjS1mu%2BmqHLpd6Nae5PPrFm%2FJmaaw4f8aNPn%2BNL4Fl%2BeiadPkFmgqVdh358rQSQtpzxnJJvjnvrkt2uXDbpwubFtmFy6%2BfO9%2FPrHROmXQKupT24Qfgak6OeenqYP3hAspOYYsK%2FWKPrAPKzMCzW3DZ3tanH1%2F645R4D84QWH04wzIPZVFNbMQOP7Ui0PKwp6yCk3tb30%2Fv3TjxzwxM%2FmfI2N1F13qg%2Be3VmQ5shYGuQPUIrnhqkmd2b%2Bvn%2BirAtDdh2nr3mbb6kwNzndr3m2FDxixucyGY5CJsR%2FW4HgSREI12R4Yd5G7Ofzz79L8AAAD%2F%2FwEAAP%2F%2F6F8zlYgEAAA%3D
192.243.61.225200 OK 7 B URL HTTP/1.1 distributionrealmoth.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujptTvBi8eBAa8RDBnXT3%2FOoxwmJMIsGYxCQSkVzqV8%2BWU9PVVHVPTxYP0UDIRTKe9NjzTZJFDWL%2BAEFm9CCLB0dB9%2BD4F3gQMWeZ2cHFd6j3Xn3v8H3fe3fGxYIEKOj%2B5bfMjtKanmzWAv%2FEdZUKUzr%2F4jU%2FDGrBKf%2B6SluNU%2F5w%2BdjBK2HQrAUv%2BW9I3jMnoyAMgjAI%2FXPKysQMT65QqOxRJ6x1glojqoXNBob2%2F70rPDjqQQwW5DiUmB%2Fd%2FuExFJ8i7X99RrpebrKXz%2FYLTXNjMRC776S91JQp%2BodlYj0k6e56GsbNCfnsCEy6u1YAM7i%2FVACm5sT7NQRLd9c0wQYPDpgyDZmCiWMoB1NIPYWiU3BzG0r8RAAucPES0v7Di8aW9OYBSpfonGw8%2BRuqnJON359F2v%2FqtFZD%2F6rRRa5M6jBMKqjhFKo7RVbMkO94UOUMPP8IShCk%2FQpK7L8YtqJmR7TEJms1xGajlUSbjNPWJuOdMEniOKi3xMoapaZQyRRajkDdERTOQ6E8FImHIvPQF%2Fs%2BbXaSIGgnLKnX4wbnvF7nvBm3RFPUG3ESoOBL7iPk2Qhcj8DtLWT2FnpqBFt8C7ddwQkPLicYiAqlJCgdQUkJSkVQ5gTloHogtItc9VBoV7BwnaN1rlcTk3fH9IHJuzIl42xBnlkZ9te7T9CT%2Bz6N4lYniNqdkLaTBu%2FEjLNQxmFUjyIu2jGcqqDcEVDnYWe5vWqBTM0JufcbGJ3B6Rm4egG0eB60nLSjAHR70ogD7KSPipRpw3tS1JSAMBWyfAP5TW%2BsF%2BS5FY9X374Kyfe2%2Fhxv3Lhz%2FBdwWyGzFd5X3xF09d3JFVOS%2B1dM6cjjS1mu%2BmqHLpd6Nae5PPrFm%2FJmaaw4f8aNPn%2BNL4Fl%2BeiadPkFmgqVdh358rQSQtpzxnJJvjnvrkt2uXDbpwubFtmFy6%2BfO9%2FPrHROmXQKupT24Qfgak6OeenqYP3hAspOYYsK%2FWKPrAPKzMCzW3DZ3tanH1%2F645R4D84QWH04wzIPZVFNbMQOP7Ui0PKwp6yCk3tb30%2Fv3TjxzwxM%2FmfI2N1F13qg%2Be3VmQ5shYGuQPUIrnhqkmd2b%2Bvn%2BirAtDdh2nr3mbb6kwNzndr3m2FDxixucyGY5CJsR%2FW4HgSREI12R4Yd5G7Ofzz79L8AAAD%2F%2FwEAAP%2F%2F6F8zlYgEAAA%3D
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSujptTvBi8eBAa8RDBnXT3%2FOoxwmJMIsGYxCQSkVzqV8%2BWU9PVVHVPTxYP0UDIRTKe9NjzTZJFDWL%2BAEFm9CCLB0dB9%2BD4F3gQMWeZ2cHFd6j3Xn3v8H3fe3fGxYIEKOj%2B5bfMjtKanmzWAv%2FEdZUKUzr%2F4jU%2FDGrBKf%2B6SluNU%2F5w%2BdjBK2HQrAUv%2BW9I3jMnoyAMgjAI%2FXPKysQMT65QqOxRJ6x1glojqoXNBob2%2F70rPDjqQQwW5DiUmB%2Fd%2FuExFJ8i7X99RrpebrKXz%2FYLTXNjMRC776S91JQp%2BodlYj0k6e56GsbNCfnsCEy6u1YAM7i%2FVACm5sT7NQRLd9c0wQYPDpgyDZmCiWMoB1NIPYWiU3BzG0r8RAAucPES0v7Di8aW9OYBSpfonGw8%2BRuqnJON359F2v%2FqtFZD%2F6rRRa5M6jBMKqjhFKo7RVbMkO94UOUMPP8IShCk%2FQpK7L8YtqJmR7TEJms1xGajlUSbjNPWJuOdMEniOKi3xMoapaZQyRRajkDdERTOQ6E8FImHIvPQF%2Fs%2BbXaSIGgnLKnX4wbnvF7nvBm3RFPUG3ESoOBL7iPk2Qhcj8DtLWT2FnpqBFt8C7ddwQkPLicYiAqlJCgdQUkJSkVQ5gTloHogtItc9VBoV7BwnaN1rlcTk3fH9IHJuzIl42xBnlkZ9te7T9CT%2Bz6N4lYniNqdkLaTBu%2FEjLNQxmFUjyIu2jGcqqDcEVDnYWe5vWqBTM0JufcbGJ3B6Rm4egG0eB60nLSjAHR70ogD7KSPipRpw3tS1JSAMBWyfAP5TW%2BsF%2BS5FY9X374Kyfe2%2Fhxv3Lhz%2FBdwWyGzFd5X3xF09d3JFVOS%2B1dM6cjjS1mu%2BmqHLpd6Nae5PPrFm%2FJmaaw4f8aNPn%2BNL4Fl%2BeiadPkFmgqVdh358rQSQtpzxnJJvjnvrkt2uXDbpwubFtmFy6%2BfO9%2FPrHROmXQKupT24Qfgak6OeenqYP3hAspOYYsK%2FWKPrAPKzMCzW3DZ3tanH1%2F645R4D84QWH04wzIPZVFNbMQOP7Ui0PKwp6yCk3tb30%2Fv3TjxzwxM%2FmfI2N1F13qg%2Be3VmQ5shYGuQPUIrnhqkmd2b%2Bvn%2BirAtDdh2nr3mbb6kwNzndr3m2FDxixucyGY5CJsR%2FW4HgSREI12R4Yd5G7Ofzz79L8AAAD%2F%2FwEAAP%2F%2F6F8zlYgEAAA%3D HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: u_pl=15816950; uid_id2=16259d6d-b64d-46f2-bca6-bc91ff88036d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 14:15:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 584d6041b2a6784b5505c8c282924f2d
Strict-Transport-Security: max-age=0; includeSubdomains
distributionrealmoth.com/pixel/sbs?c=1
192.243.61.225200 OK 0 B URL HTTP/1.1 distributionrealmoth.com/pixel/sbs?c=1
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: distributionrealmoth.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: u_pl=15816950; uid_id2=16259d6d-b64d-46f2-bca6-bc91ff88036d:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca286902791a7f4c98bcb1e812322cd78=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Jan 2023 14:15:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
172.64.166.9200 OK 73 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
IP 172.64.166.9:0
File type Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Hash 53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715
GET /sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:41 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Wed, 17 Feb 2021 11:42:38 GMT
etag: "602d012e-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VbdZwLfqtvQZRAebAuYjqxqLJ1i5wH%2FwwmA3brOLVlg1vIzgByBOjWBl3YkbTOLdmtjjh9rpiQtOLP1X1kp3HnmQeOzo3PD%2BUd6OwNTm6a6A1d6PUzOYKJkLxEpIot8iG09aKh%2Bm9uYe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e732cebf76bd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rndskittytor.com/500/4837723?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238200 OK 0 B URL HTTP/1.1 rndskittytor.com/500/4837723?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/4837723?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:42 GMT
Content-Length: 0
Connection: keep-alive
Allow: GET, OPTIONS
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 600
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *
rndskittytor.com/500/4837723?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238200 OK 940 B URL HTTP/1.1 rndskittytor.com/500/4837723?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1170), with no line terminators
Hash 2eb0de1d449e9f958141c39a04f56509
87255ba4ce440ddf8edb0fdfb64d8a853553b212
fdcc026bbf3af71704fa3b531e9fdca6647bf60aea75134d042c8f26ce0130de
Analyzer Verdict Alert quad9 Sinkholed
GET /500/4837723?excludes=&oaid=4ccd948d81024406b973b7bc8e547770&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: rndskittytor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/json
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 22 Jan 2023 14:15:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: e9bd28ede3294ee32524e6e2879459df
Pragma: no-cache
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Vary: Origin
Access-Control-Allow-Origin: http://fitgirl-repacks.theunblock.net
Access-Control-Expose-Headers: Link
Access-Control-Allow-Credentials: true
Set-Cookie: OAID=4ccd948d81024406b973b7bc8e547770; expires=Mon, 22 Jan 2024 14:15:42 GMT; path=/; secure; SameSite=None
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
metrica-yandex.com/metrika/tag.js?1001
172.67.193.32200 OK 0 B URL HTTP/2 metrica-yandex.com/metrika/tag.js?1001
IP 172.67.193.32:0
GET /metrika/tag.js?1001 HTTP/1.1
Host: metrica-yandex.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:35 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Thu, 30 Sep 2021 23:00:22 GMT
etag: W/"61564186-eb6f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 289902
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFDR1KzNfUhncXVlBgybzzJENxf8uk31HEevhtgQrwfIfvfN4zgtd9zQYgqJnEccWdfjIKWuVVZVLvag1inUUiWZAGUm56QwKz06lG6b6TxBtiK2rUVTI2DahPexT5wHOA1B2Oc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e70d3ad5b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
interstitial-07.com/?l=5m6UFzXYYi5sfZO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D538025895%26z%3D3372123%26b%3D16380033%26c%3D6511541%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DF2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3De35ea401-4d65-4223-83f6-fbba0e0a9f03%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffitgirl-repacks.theunblock.net%252Fold-world%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.152200 OK 0 B URL HTTP/2 interstitial-07.com/?l=5m6UFzXYYi5sfZO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D538025895%26z%3D3372123%26b%3D16380033%26c%3D6511541%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DF2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3De35ea401-4d65-4223-83f6-fbba0e0a9f03%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffitgirl-repacks.theunblock.net%252Fold-world%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.152:0
GET /?l=5m6UFzXYYi5sfZO&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fbenumelan.com%2F12%3Frnd%3D538025895%26z%3D3372123%26b%3D16380033%26c%3D6511541%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DF2MGKKtr8JtfQCmV6bhqOsnZDFLaB7s9m6Gy11C2XK5ZlWtEi6tXOyHuyKEfrExtHfUHpn27i99Qk6D7aku3gG30OSedV62v-L1ZpxkZeo-UsAe9S3Hg9U7B8ZtIv_V6kWO1tbCkM7Ocyni9s4s19twoq2Pun7q0JZLQjyWwuHC1F2PszYOZcls-3xxp0SDmiLCXkTKs8AUunkqfH0ZjOyQ06618hLGMy1x6PFYI7jr34SyQNJiFVfUBY981mbWs1I5r6OHY4O9OKdZOymJhZgNOjrIAu_C3rg8uP_k479iNqDp1NbSWvm9L5-0FAejp8XKUUV28I9I105KRhCGNr1PoT3E-ioKTnVQ6JM8t5WYI20Tc7d7PT1oebYI0xAlbRUtcz5MLUweK6eMXG1rQCkBn8d03YCv4Pv96VWGgiyL_y-5zn8okrUdEpNdwyWy7jKVCVTBP-hSg2w5HmDHxrda82kL1btFEMAmUvIH2A0xxIqAxc_ZYEDzQqTi5_-R_5H-GO06UO4chAa_8nU0OP93KsceBOvq2rUMuzr2zEvjaoOG47lEg9KLYncsCBSnlap8fwXOxOFiAYz4zQgbD-djmClN8Hpp6%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3De35ea401-4d65-4223-83f6-fbba0e0a9f03%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Ffitgirl-repacks.theunblock.net%252Fold-world%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D3%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=HktUlKnubMj25qCY7xYuJkajCj7dG6c59EcS7cSR28s; expires=Sun, 22-Jan-2023 15:15:39 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/wp-content/themes/twentyfourteen/css/blocks.css?ver=20190102
104.21.23.213200 OK 0 B URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/themes/twentyfourteen/css/blocks.css?ver=20190102
IP 104.21.23.213:0
GET /wp-content/themes/twentyfourteen/css/blocks.css?ver=20190102 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:35 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=hsm6bfcp1uvu9al6mdca2pifhn; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qvK%2BuJ6etSdnZadusbL0G5xvCjUOVQGkqN2xTD7Duk6B0ZsizNkfKFUOTj9FwYykVfFAt289BdLlb1evJTu%2BXV7LYXqxxRlVj07ct4Qj29tC6ZGdFp8YmPZDfz3QHaaImtrK%2FJ7trYAYZ1CpiXC09Lk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e710ebb3b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
104.21.23.213200 OK 0 B URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1
IP 104.21.23.213:0
GET /wp-content/plugins/jetpack/_inc/genericons/genericons/genericons.css?ver=3.1 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=0qv38tmfep3qil6ksbeuobh2v2; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3aszBK5ouKlfui3I65LblhG25owRkJUrumLCuXzvMkI7GXeep1iUnR2rs9%2BfHh1Kpnghl61rgX4KIDxspJt6d6UEMiJ39nWCisQFZxfZSI%2BpEsEb5iX%2Br1kp%2FPLq%2FrNmzSzf%2Bl5Ef7E0OdjBlVQYdw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e710fbe0b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=u0ik261664xc873674984g0e1qips858
139.45.197.239200 OK 0 B URL HTTP/2 benumelan.com/9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=u0ik261664xc873674984g0e1qips858
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=3372123&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&sah=1002&drf=&hil=1&ist=0&oaid=u0ik261664xc873674984g0e1qips858 HTTP/1.1
Host: benumelan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 121
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Cookie: scm=1; OAID=a1ebc6874496458b99cc320ab53fb384; oaidts=1674396936
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:38 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ffbc838018490c3545467737fb465370
access-control-expose-headers: X-Sc
set-cookie: OAID=u0ik261664xc873674984g0e1qips858; expires=Mon, 22 Jan 2024 14:15:38 GMT; secure; SameSite=None
oaidts=1674396936; expires=Mon, 22 Jan 2024 14:15:38 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0
104.21.23.213200 OK 0 B URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0
IP 104.21.23.213:0
GET /wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=5.12.0 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:35 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=0dqhtu8cinn70ku6neoikv9c2n; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtlxHXTqLzFTbPhXRPrZ16VTNVcK7mpSV8TqdStEUDj2Uw%2B1WTEfXR33iqD0C3oCc6h3WYax94eYRCauyoVDyi6ds%2FPQQgNwtVt1vTjx%2B9mWvK2B7TMz83YopZ0NzXIUmXJT6Fs6Z6qYImp9I5Kuo2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e710fbddb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ecma.sidebyz.com/j/m/w2.js.php
172.67.167.53200 OK 0 B URL HTTP/2 ecma.sidebyz.com/j/m/w2.js.php
IP 172.67.167.53:0
GET /j/m/w2.js.php HTTP/1.1
Host: ecma.sidebyz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: application/javascript; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdJSAB6qjw0KGLqejFKHLwkuzxqRcLv%2FyW2QTOJSbK0FaQcGi19fOF3yUTzj2WrPofLYGR3%2F6RG%2FsHduHswnJrZpC0ZDJ9I9op1HuhbVsxJFmq7noDXclkTrnfMkUvyNGhBl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d8e7186c15b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/IFzUTKsrbN8
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/IFzUTKsrbN8
IP 142.250.74.46:0
GET /embed/IFzUTKsrbN8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 22 Jan 2023 14:15:35 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=K7G3M8Gb9kU; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TVRRNE1EQTNOelk0TlRNM05ESXlPQT09EIeKtZ4GGIeKtZ4G; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 14:15:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=qtecfB4OpO4; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 14:15:35 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+219; expires=Tue, 21-Jan-2025 14:15:35 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.itskiddien.club/apu.php?zoneid=3388548
139.45.197.236200 OK 0 B URL HTTP/2 cdn.itskiddien.club/apu.php?zoneid=3388548
IP 139.45.197.236:0
GET /apu.php?zoneid=3388548 HTTP/1.1
Host: cdn.itskiddien.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:37 GMT
content-type: application/javascript
x-trace-id: 6cc64e14c435655c239c70bec938513f
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=ebfdc0ee50644999b5b0d8471fd569b6; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/; secure; SameSite=None
oaidts=1674396937; expires=Mon, 22 Jan 2024 14:15:37 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
theusualsuspects.biz/j/m/qqqq.js
104.21.56.226200 OK 0 B URL HTTP/2 theusualsuspects.biz/j/m/qqqq.js
IP 104.21.56.226:0
GET /j/m/qqqq.js HTTP/1.1
Host: theusualsuspects.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:35 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Tue, 02 Mar 2021 03:16:06 GMT
etag: W/"603dadf6-bcdf"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1327910
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AJrPHOnwkIQ%2BO%2FWAVuVvgsPsiG%2Fn4UHW1kgqWrMm7nrjJbhJxhZKuTMAlyd9J29XFTDy1NC4jQBpGZAABGmne0vQKCFlpZNAYTwPXE0Y98eeqWNU5KvYVv9L%2FtZ0q71aqQHYJaCh6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e711da920b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90922641?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1404194357676%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396938%3Ac%3A1%3Arn%3A732332288%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/90922641?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1404194357676%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396938%3Ac%3A1%3Arn%3A732332288%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 87.250.250.119:0
GET /watch/90922641?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1404194357676%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396938%3Ac%3A1%3Arn%3A732332288%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/90922641/1?wmode=7&page-url=http%3A%2F%2Ffitgirl-repacks.theunblock.net%2Fold-world%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asm0eap24hzlr84c06sesn%3Afp%3A1437%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A2%3Adp%3A0%3Als%3A1404194357676%3Ahid%3A650562248%3Az%3A0%3Ai%3A20230122141537%3Aet%3A1674396938%3Ac%3A1%3Arn%3A732332288%3Arqn%3A1%3Au%3A1674396937154455138%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C133%2C0%2C1%2C0%2C%2C1844%2C1%2C%2C%2C%2C2258%3Aco%3A0%3Ans%3A1674396934125%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1674396938%3At%3AOld%20World%3A%20Complete%20-%20v.1.0.64528%20%2B%20Heroes%20of%20the%20Aegean%20DLC%20-%20FitGirl%20Repacks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sun, 22 Jan 2023 14:15:38 GMT
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
set-cookie: yabs-sid=1075137521674396938; Path=/; SameSite=None; Secure
i=lknC8pwGYf4VdB99X4l6v7+u7Ln5m7bAuyMGd9Udnccs5zyD3F99zH2zQp7P2OCd8lNEEvfNYLCFY43auDj9mmODcMY=; Expires=Wed, 19-Jan-2033 14:15:37 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7656016781674396938; Expires=Mon, 22-Jan-2024 14:15:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7656016781674396938; Expires=Mon, 22-Jan-2024 14:15:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705932938.yc.1674396938#1705932938.yrts.1674396938#1705932938.yrtsi.1674396938; Expires=Mon, 22-Jan-2024 14:15:38 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sun, 22-Jan-2023 14:15:38 GMT
last-modified: Sun, 22-Jan-2023 14:15:38 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
www.youtube.com/embed/72QAAOaYW2M
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/72QAAOaYW2M
IP 142.250.74.46:0
GET /embed/72QAAOaYW2M HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 22 Jan 2023 14:15:36 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=2i2NZDndSeQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TVRRNE1EQTRNRGsxTmpreE9UWTBPUT09EIiKtZ4GGIiKtZ4G; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 14:15:36 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=WMzLxxcas6Y; Domain=.youtube.com; Expires=Fri, 21-Jul-2023 14:15:36 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+305; expires=Tue, 21-Jan-2025 14:15:36 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C600%2C700%2C800%2C900%7CAlegreya%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic%7CVarela+Round&subset=latin%2Clatin-ext&ver=6.0.2
142.250.74.74200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway%3A400%2C500%2C600%2C700%2C800%2C900%7CAlegreya%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic%7CVarela+Round&subset=latin%2Clatin-ext&ver=6.0.2
IP 142.250.74.74:0
GET /css?family=Raleway%3A400%2C500%2C600%2C700%2C800%2C900%7CAlegreya%3A400%2C400italic%2C700%2C700italic%2C900%2C900italic%7CVarela+Round&subset=latin%2Clatin-ext&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Jan 2023 14:15:35 GMT
date: Sun, 22 Jan 2023 14:15:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/wp-content/themes/twentyfourteen/style.css?ver=20190507
104.21.23.213200 OK 0 B URL HTTP/2 fitgirl-repacks.theunblock.net/wp-content/themes/twentyfourteen/style.css?ver=20190507
IP 104.21.23.213:0
GET /wp-content/themes/twentyfourteen/style.css?ver=20190507 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:35 GMT; Max-Age=86400
PHPSESSID=pe28uu7h0sive8unlg0k4hfkh2; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1vDRi4RDlGcQjIvVgVsHg6pA4DGC0dLabPuFqar6IKKW34LuxJAKG1xKwb3b1JveVrdXeIs55E1BkjvJrRXXVaqAOeCx7tu9sB35LhS66ah2pYbrAFgEM7tsGsRgTLo%2B4jbRcPj77Smw7KCbByP65c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e7110bf6b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fitgirl-repacks.theunblock.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
104.21.23.213200 OK 0 B URL HTTP/2 fitgirl-repacks.theunblock.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP 104.21.23.213:0
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: fitgirl-repacks.theunblock.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fitgirl-repacks.theunblock.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 14:15:36 GMT
content-type: text/css;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: BYPASS
set-cookie: view=1; expires=Mon, 23-Jan-2023 14:15:36 GMT; Max-Age=86400
PHPSESSID=r6sv4u9pii6705542m4id1srku; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LfRpitpMO01Y%2FqH6frXhQ3KWqIifig0fvksXMB%2F3n2oQSNA6NsIW6xq67IhkpwqGz2sj3CsVtqa0eRSqX%2F1rxtmMPD631PoIm%2BIbVuKUk12XjDMCWhCVi3dW0dD4dbK3Bmu73ETHD6nWVwZQD4wlWKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78d8e7120dbeb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
glimtors.net/pfe/current/defaultSkin.min.js
139.45.197.251200 OK 0 B URL HTTP/2 glimtors.net/pfe/current/defaultSkin.min.js
IP 139.45.197.251:0
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: glimtors.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://fitgirl-repacks.theunblock.net/
Origin: http://fitgirl-repacks.theunblock.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 14:15:39 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 12:58:18 GMT
etag: W/"63a302ea-df63"
access-control-allow-origin: http://fitgirl-repacks.theunblock.net
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2