Report - mail.publishersreader.com/nz/r/GaZND3o

Report Overview

Submitted URL
mail.publishersreader.com/nz/r/GaZND3o
IP
216.172.184.212
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-12-04 22:39:22
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
damka.biz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	351 B	498 B	202.226.37.135
maxcdn.bootstrapcdn.com	724	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	921 B	66 kB	104.18.10.207
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483 B	31 kB	142.250.74.35
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	746 B	142.250.74.106
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.38.240
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	142.250.74.131
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	403 B	2.6 kB	104.17.25.14
officialsite.lolipop.jp	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.7 kB	163.44.185.217
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	31 kB	172.217.21.170
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
press-crew.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.0 kB	1.0 MB	150.95.59.37
affiliate.dtiserv.com	456046	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	812 B	129 kB	140.174.2.87
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.7 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
mail.publishersreader.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	232 B	216.172.184.212

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	mail.publishersreader.com/nz/r/GaZND3o	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	press-crew.com/js/scrolltopcontrol.js	4.6 kB	2023-03-07	2024-01-21
Pretty URL press-crew.com/js/scrolltopcontrol.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-01-21 18:09:50 Times Seen75 Hash 9177ace8da6da919226594c3d99b3bef c3559fb38a8a69f4620ca3628bccfd0cae5d245e 099dad584e1588cebc166a88236362234b313e48b88a8992e4de9ba1c1e1d258 Loading...

	officialsite.lolipop.jp/thk-analytics-124/thk/script.php	5.5 kB	2023-03-08	2024-01-21
Pretty URL officialsite.lolipop.jp/thk-analytics-124/thk/script.php IP 163.44.185.217 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:20:14 Last Seen2024-01-21 18:09:50 Times Seen118 Hash f09b517c02abbea6c2db0762d3c01fb9 780e1ff817d32d62cb219d364a2f85c28babc83b 31506808f5080c4427c556fbbaaaac9677ece3fd234ab60f14ef78891c19b9f1 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js	5.6 kB	2023-03-07	2024-04-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-04-19 11:36:08 Times Seen2660 Hash 3eac3c72434a0945b92dd4a01f7b6b4e 7767b356530e39cd76ec259320b0b2774b4097a8 ac3f3a757bfbfc9d92bc8f5e6e6362e5d4ae41dbf3cebacdda9b8f71afc82e5b Loading...

	press-crew.com/adarutosaito/h4610/	22 B	2023-03-07	2024-01-21
Pretty URL press-crew.com/adarutosaito/h4610/ IP 150.95.59.37 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-01-21 18:09:50 Times Seen68 Hash c47ee7ca74dfec76f79303e10d469d1f ee8a4f65a013344427fc70bf951b15d0f8ce46ea 17976bc926bdc6a4c3b38d4772e836a108f8327fc05b7c446061edd2996624fd Loading...

	press-crew.com/js/vertical-responsive-menu.min.js	1.2 kB	2023-03-07	2024-01-21
Pretty URL press-crew.com/js/vertical-responsive-menu.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-01-21 18:09:50 Times Seen77 Hash 8b75175b88f9ffe679ee8ee1a6c0c624 d698e0584dfc764a0ff61f75ece361bce6a8834d 816c1f6eb621712294f1a9af5c708d12cbbe59e184ee75afd16b8c22987a12fc Loading...

	press-crew.com/js/footerFixed.js	2.0 kB	2023-03-07	2024-01-26
Pretty URL press-crew.com/js/footerFixed.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-01-26 01:10:43 Times Seen72 Hash 41fa6321bd6816f6fc365869ec1a4f8a 8bff786e8c3fa6c2855818080cee736d6c2f7150 451c548511ab368a8f943b6facb3082ada3101c2df2ea3d6938b07cdeed88c8a Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js	84 kB	2023-03-07	2024-02-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js IP 172.217.21.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-02-26 23:54:40 Times Seen324 Hash 45b39185ca580f908597130ad22093c0 243d8f5f6d482fdfb98e8ad561c4271e9a2ddcd8 9d7d1c727e1cd32745764098a76e5d3d5fb7acd3b6527c5aacd85b7c6f8ce341 Loading...

	press-crew.com/js/nav.jquery.min.js	4.5 kB	2023-03-07	2024-01-21
Pretty URL press-crew.com/js/nav.jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:08 Last Seen2024-01-21 18:09:50 Times Seen74 Hash 5c14183cdd50de3987d956fdf88605c5 1063ffd18a67ef741fd5116eedd4995006c69c55 a6ca6d9bd85572b2d44f67096aecd736902a9ced663990de2f413c1e5ae90397 Loading...

	officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fh4610%2F&TI=%E3%82%A8%E3%83%83%E3%83%81%E3%81%AA4610%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832022%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=80	0 B	2023-03-07	2024-04-19
Pretty URL officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fh4610%2F&TI=%E3%82%A8%E3%83%83%E3%83%81%E3%81%AA4610%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832022%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=80 IP 163.44.185.217 ASN #7506 GMO Internet,Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 22:02:03 Times Seen36967548 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (60)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3835
Expires: Sun, 04 Dec 2022 23:43:05 GMT
Date: Sun, 04 Dec 2022 22:39:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2274
Cache-Control: max-age=131401
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:10 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:09:11 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 22:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1141
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4354
Expires: Sun, 04 Dec 2022 23:51:44 GMT
Date: Sun, 04 Dec 2022 22:39:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: nDGNjqzSP47A3vsOoa84vD2cBsu+bpzFevxx/VAciBfV8ziJcTDmdvQlbLojY56zn5G6eMC4G9w=
x-amz-request-id: KEV89HDX6VG07XD1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:43 GMT
age: 3087
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:39:10 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:11:19 GMT
cache-control: public,max-age=3600
age: 1671
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

mail.publishersreader.com/nz/r/GaZND3o

216.172.184.212

302 Moved Temporarily

0 B

URL HTTP/1.1
mail.publishersreader.com/nz/r/GaZND3o
IP
216.172.184.212:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /nz/r/GaZND3o HTTP/1.1
Host: mail.publishersreader.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Dec 2022 22:39:10 GMT
Server: nginx/1.23.2
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Location: http://damka.biz/config.php
X-Server-Cache: true
X-Proxy-Cache: MISS

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2242
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:10 GMT
Last-Modified: Sun, 04 Dec 2022 22:01:48 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.163.38.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.38.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cAvXXIdE8odTXkSDVpZbIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9Vltl16JmXfhMNT40CBp8j3F4IA=

damka.biz/config.php

202.226.37.135

301 Moved Permanently

260 B

URL HTTP/1.1
damka.biz/config.php
IP
202.226.37.135:0
ASN
#131965 Xserver Inc.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
260 B (260 bytes)
Hash
71fd373bf10ab769982d1d08acb5ba6d
c7a8555d11c57fce5827e37cab78d89289e502d5
44f0eccc1d7d1182e4afacf278eb86c63503f5552511c8160ececc06029c5f99

HTTP Headers

GET /config.php HTTP/1.1
Host: damka.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 22:39:11 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 260
Connection: keep-alive
Location: https://press-crew.com/adarutosaito/h4610/config.php

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9067
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9067
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9067
Expires: Mon, 05 Dec 2022 01:10:19 GMT
Date: Sun, 04 Dec 2022 22:39:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6173 bytes)
Hash
3130c86c084c4c925fb9179dfa5c145d
203f27660f3885d5c1bc68a535baef4e48ff6582
faf2c48c2286fe2149908947de9037640007d32e13694c1261f610250caf3f8f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d407108-e7e2-4672-80f5-d4b4c3e66151.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6173
x-amzn-requestid: dc73ee0d-b1ec-407f-8e98-3ba264725ee3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqHqwIAMFwqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-56d74e8d45baa9e87136708f;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gp9v8CfWmPctcSly9jWOxy0VCbBOE-CZs9z636yfpgpVi8eNt_PVvg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:48:29 GMT
etag: "203f27660f3885d5c1bc68a535baef4e48ff6582"
content-type: image/jpeg
age: 3043
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12830 bytes)
Hash
5d72fb8d20c29763234c2817b119d11b
d4924ec714f5157bcb2fddcb5f768188a3dd37dc
e9aa59142e0673ed3f58b36beaca48213c678dbe4655f9c4b64581cb0f6f22f6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feff698a5-ffc4-43ea-b7a3-b681cafeb108.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12830
x-amzn-requestid: 66f5f2fa-8472-4484-bbea-20ece7e98b1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcsxGDyIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e51-146167697890d9312ce3dbac;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CYvQg9Tc0rQB9_DoDW4RoLx2GEdMSEaXViCY3qXbijd0P5mMSZWE6Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:35:27 GMT
age: 68625
etag: "d4924ec714f5157bcb2fddcb5f768188a3dd37dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8469 bytes)
Hash
2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 2825
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6826 bytes)
Hash
a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d5IKLNblcA9AzCoGMpGmIGwUu-kQlHlouju5mm2NwsSOin4MFT40mg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:56:21 GMT
age: 2571
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5209 bytes)
Hash
8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:39 GMT
age: 69693
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9825 bytes)
Hash
37b58bb09c00b591c2819c89e371d927
aa487f4a7767cb4591fe620592da65bde90c0aa2
9b7791d79d1e9702c23e63450d556e7f1f287f4d02788fc147822c1d90f64657

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33bab20-1689-4962-985e-15e304482bee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9825
x-amzn-requestid: 1ab366f4-78f2-4aaa-af7b-aa203c2d8234
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_1ZE23IAMFnhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1355-35c7b5bb6e4623e93900810c;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iTF4eWWXKKT97b6S9ONW7NopJ8hXWdOe9y3IwzVF7J9m2eJlT43bCg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:04 GMT
age: 3008
etag: "aa487f4a7767cb4591fe620592da65bde90c0aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/config.php

150.95.59.37

302 Found

683 B

URL HTTP/2
press-crew.com/adarutosaito/h4610/config.php
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
683 B (683 bytes)
Hash
6371befc85069a96b0cb3c52e754a55a
de3def799f60ce2a16721687937ffb2a3f9bd3ae
db6f3663ecb5b124f3c02ce15691739fe69888b7ed6112f03062489470517f77

HTTP Headers

GET /adarutosaito/h4610/config.php HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
content-type: text/html
content-length: 683
date: Sun, 04 Dec 2022 22:39:12 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://press-crew.com/adarutosaito/h4610/
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2083
Cache-Control: max-age=118615
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:13 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 07:36:08 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
1a56736cf1f02c2242946ca0170c2c3a
a47ca5cfc4667a1466875542da0de22f64862f86
0fdd7486e01858e490d7c08343c7a861c5fe856fc0debc08df0541ccc89f80b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2083
Cache-Control: max-age=118615
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:13 GMT
Etag: "638c45c6-118"
Expires: Tue, 06 Dec 2022 07:36:08 GMT
Last-Modified: Sun, 04 Dec 2022 07:01:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5e1627fbeb16ad79a341b7519bf3da8
73dd11c3169bb4c45283bcb0c480ec58c152e636
da3d5ab5a4dbea93b420e4d6c0dc75120ecab715e6a34802c9770641c1bdb3b8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA3D5AB5A4DBEA93B420E4D6C0DC75120ECAB715E6A34802C9770641C1BDB3B8"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=671
Expires: Sun, 04 Dec 2022 22:50:24 GMT
Date: Sun, 04 Dec 2022 22:39:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5e1627fbeb16ad79a341b7519bf3da8
73dd11c3169bb4c45283bcb0c480ec58c152e636
da3d5ab5a4dbea93b420e4d6c0dc75120ecab715e6a34802c9770641c1bdb3b8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA3D5AB5A4DBEA93B420E4D6C0DC75120ECAB715E6A34802C9770641C1BDB3B8"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=671
Expires: Sun, 04 Dec 2022 22:50:24 GMT
Date: Sun, 04 Dec 2022 22:39:13 GMT
Connection: keep-alive

press-crew.com/css/style.css

150.95.59.37

200 OK

951 B

URL HTTP/2
press-crew.com/css/style.css
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
Unicode text, UTF-8 (with BOM) text
Size
951 B (951 bytes)
Hash
af0ccd1bf79b41f579381b8a15f1bcf4
794955763d16da678621d353a903e174095767ea
df51fb485f9af8511ee7c41f0c63ebf68dff8b6076fd512096950c0470822965

HTTP Headers

GET /css/style.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: text/css
last-modified: Sat, 26 Jun 2021 10:06:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 951
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/css/content.css

150.95.59.37

200 OK

2.5 kB

URL HTTP/2
press-crew.com/css/content.css
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (677)
Size
2.5 kB (2474 bytes)
Hash
445a26bbad301d8caea43928e5926c1e
06cc3991efbc3143ed1802f63fc9050fe80475e0
8813da083bfadd4a1b2a376642fc4eb6c3f36b21f10730ac36e2e262edcfce08

HTTP Headers

GET /css/content.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: text/css
last-modified: Sat, 26 Jun 2021 10:06:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2474
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/css/vertical-responsive-menu.css

150.95.59.37

200 OK

1.5 kB

URL HTTP/2
press-crew.com/css/vertical-responsive-menu.css
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
Unicode text, UTF-8 text, with very long lines (677)
Size
1.5 kB (1520 bytes)
Hash
ea439ba39fe163e725bc18a73dd563e7
1185e993caec38479c942c6c8a329d850016420a
e97d6ee14c60a1ed63811007e51f1474a85e7ca2cb5a33bdb8a8790b0bb6ae3a

HTTP Headers

GET /css/vertical-responsive-menu.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: text/css
last-modified: Sat, 26 Jun 2021 10:06:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1520
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/css/nav-layout.css

150.95.59.37

200 OK

1.4 kB

URL HTTP/2
press-crew.com/css/nav-layout.css
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
Unicode text, UTF-8 text, with very long lines (677)
Size
1.4 kB (1399 bytes)
Hash
1146640160d5bd9a46fea23ec5a35cbc
49cc367f9a3e71e4bac3be0f72a52f69ff351437
9d8660694839371e926c1f7a6e17f7d1446c05038e009fda75ae23ab4b8817e5

HTTP Headers

GET /css/nav-layout.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: text/css
last-modified: Sat, 26 Jun 2021 10:06:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1399
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/css/horizontal_menu.css

150.95.59.37

200 OK

456 B

URL HTTP/2
press-crew.com/css/horizontal_menu.css
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
Unicode text, UTF-8 text
Size
456 B (456 bytes)
Hash
4c134fcbc1e028731b7a5fdeb6e080a7
99e3c7ebc4fe71c959c22e0ed4f7f37389d92594
8b2e3bfc23cabb0bdcc282a545bc3c95e19b3106b15ccfa5c10353f332aa3507

HTTP Headers

GET /css/horizontal_menu.css HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: text/css
last-modified: Sat, 26 Jun 2021 10:06:23 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 456
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/h2.gif

150.95.59.37

200 OK

891 B

URL HTTP/2
press-crew.com/h2.gif
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
GIF image data, version 89a, 145 x 20\012- data
Size
891 B (891 bytes)
Hash
54972197dee2b92f95079d72fe1a2681
f111da8e4a64a7773a6c88c71fe76838d0ba1e74
6e3eb6dca8e0e1680a2c6c8646137e654d6e1137a3a388de7df1b8f14b54e9de

HTTP Headers

GET /h2.gif HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/gif
last-modified: Sat, 26 Jun 2021 09:25:44 GMT
accept-ranges: bytes
content-length: 891
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/contents2.png

150.95.59.37

200 OK

4.6 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/contents2.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 419 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4593 bytes)
Hash
c0e5eaed55d6aba6f586a311dd872e87
798059888f8c6d75eb8ee79e9c0e40578526a5d8
76665fb430d19cbb1870625fc892357296b3dac8678b8362f2af958c2bb388cf

HTTP Headers

GET /adarutosaito/h4610/contents2.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 4593
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

104.18.10.207

200 OK

64 kB

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size
64 kB (64464 bytes)
Hash
4b5a84aaf1c9485e060c503a0ff8cadb
574ea2698c03ae9477db2ea3baf460ee32f1a7ea
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

HTTP Headers

GET /font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://press-crew.com
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:14 GMT
content-type: font/woff2
content-length: 64464
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 06/09/2022 10:24:04
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 6300a887d8f2949a3cd9a35a33c86a6b
cdn-cache: HIT
cf-cache-status: HIT
age: 489492
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 774809714f91b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/playball/v16/TK3gWksYAxQ7jbsKcg8Eneo.woff2

142.250.74.35

200 OK

30 kB

URL HTTP/2
fonts.gstatic.com/s/playball/v16/TK3gWksYAxQ7jbsKcg8Eneo.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30352, version 1.0\012- data
Size
30 kB (30352 bytes)
Hash
c6b6f4a49d859d86ea48e3e6d70acf49
78b8a69771e9b7e3b9a399d9a215a85d6369509d
2bdb2c285cdd30b68da0947a4b540c200d29107ca0bad1c223397f2149f449fd

HTTP Headers

GET /s/playball/v16/TK3gWksYAxQ7jbsKcg8Eneo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://press-crew.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 01:04:32 GMT
expires: Fri, 01 Dec 2023 01:04:32 GMT
cache-control: public, max-age=31536000
age: 336882
last-modified: Wed, 27 Apr 2022 16:06:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:39:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

affiliate.dtiserv.com/image/allyoucanwatch/15070001.jpg

140.174.2.87

200 OK

50 kB

URL HTTP/1.1
affiliate.dtiserv.com/image/allyoucanwatch/15070001.jpg
IP
140.174.2.87:0
ASN
#30212 HYPERMEDIA-SYSTEMS

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x200, components 3\012- data
Size
50 kB (49786 bytes)
Hash
596b10a14800845b643c5dd2584f2b0c
f6db0962c8c974aa6e7ce062c8e5dcec14360fcf
2b04e32ddd2995e3c588577a882f3309f32f6c589b3da9d617f5aa69c3fd3ff5

HTTP Headers

GET /image/allyoucanwatch/15070001.jpg HTTP/1.1
Host: affiliate.dtiserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:39:13 GMT
Content-Type: image/jpeg
Content-Length: 49786
Last-Modified: Tue, 27 Jul 2021 15:08:49 GMT
Connection: keep-alive
ETag: "61002181-c27a"
X-Sh: 104
Accept-Ranges: bytes

press-crew.com/adarutosaito/h4610/contents1.png

150.95.59.37

200 OK

14 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/contents1.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 706 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (13494 bytes)
Hash
c198f54d3413f6eb14b341d40f77054f
95cd170c9c10c6bcece6b5d0e05ae555619ab923
ca7effa611b9f260116263b9a774fd5d7e551f9675b5fba2dcf466aaf2fdc66f

HTTP Headers

GET /adarutosaito/h4610/contents1.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:36 GMT
accept-ranges: bytes
content-length: 13494
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/header.jpg

150.95.59.37

200 OK

72 kB

URL HTTP/2
press-crew.com/header.jpg
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 900x200, components 3\012- data
Size
72 kB (72187 bytes)
Hash
8c9ce6d79df09c50f71a4f4ac7e46aca
036293579496036b220109d03630b2bf2d66f3d7
12ef1ef1e80cc4c48e3daf4c0bc24669f7e9021ace23aec3edefb2658c7c396e

HTTP Headers

GET /header.jpg HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/jpeg
last-modified: Sat, 26 Jun 2021 09:25:44 GMT
accept-ranges: bytes
content-length: 72187
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/link.jpg

150.95.59.37

200 OK

631 B

URL HTTP/2
press-crew.com/link.jpg
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 10x11, components 3\012- data
Size
631 B (631 bytes)
Hash
9b7245f6873de0b1c61fd7709f436ee7
574169a033ddb77458c7d82e344539cde3bcba3f
b91d15991a39c0bb192c46636475c0f1c497e0c6ed6cbd7794ed62d156e08ebf

HTTP Headers

GET /link.jpg HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/jpeg
last-modified: Sat, 26 Jun 2021 09:25:45 GMT
accept-ranges: bytes
content-length: 631
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

affiliate.dtiserv.com/image/carib/06-700-02.jpg

140.174.2.87

200 OK

78 kB

URL HTTP/1.1
affiliate.dtiserv.com/image/carib/06-700-02.jpg
IP
140.174.2.87:0
ASN
#30212 HYPERMEDIA-SYSTEMS

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.0 (Macintosh), datetime=2022:11:17 07:56:51], baseline, precision 8, 700x200, components 3\012- data
Size
78 kB (78536 bytes)
Hash
92720ab1a6408f05d2c746d40bd5874a
c95eb5e7ad7ab14c34e348d62ce3da5fffc0f368
253f5f800cd32244ae99acf96a18688745d317828db82c79de9b36b3b992babc

HTTP Headers

GET /image/carib/06-700-02.jpg HTTP/1.1
Host: affiliate.dtiserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:39:13 GMT
Content-Type: image/jpeg
Content-Length: 78536
Last-Modified: Thu, 01 Dec 2022 22:46:17 GMT
Connection: keep-alive
ETag: "63892eb9-132c8"
X-Sh: 102
Accept-Ranges: bytes

press-crew.com/adarutosaito/h4610/diners.png

150.95.59.37

200 OK

53 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/diners.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
53 kB (53065 bytes)
Hash
7dd453615af35b555bfab0b0488bb387
8d72ac58c3d814ce264d664052ddefc6d054ecd2
19dd4a01f66c3c047fe8884a538711ce713d0503cf178190bbcba3b24ac20e9a

HTTP Headers

GET /adarutosaito/h4610/diners.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 53065
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/contents6.png

150.95.59.37

200 OK

6.5 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/contents6.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 673 x 112, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6539 bytes)
Hash
fc629d080811dfcecd85112bafb3446a
e9809711c30c5d0b8553b578d4242a4ed64dce0e
006bbd8bc82963c9acfa54ab505196eeb94b196b74f1d01776395d1285f90db1

HTTP Headers

GET /adarutosaito/h4610/contents6.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 6539
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/contents5.png

150.95.59.37

200 OK

19 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/contents5.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 707 x 268, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (19369 bytes)
Hash
b06da7c219e5aa97482428573b8f2053
5f2d18bab044970634d75db69eae7c5ae60509fe
e00ca31f20c8c696819a5491e2d6d18117f2b42b66a227462ad5be8c567ef737

HTTP Headers

GET /adarutosaito/h4610/contents5.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 19369
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/contents4.png

150.95.59.37

200 OK

42 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/contents4.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 717 x 554, 8-bit/color RGBA, non-interlaced\012- data
Size
42 kB (42079 bytes)
Hash
aab72fbb29e47ef69e67190a0dc87326
80c6324cfe9cb79fc2e70c474ec692ba5419df84
adfde22e5b9c8288c1c29c9394cad1b977e253bf9456242a4f63ddf6cb72ad74

HTTP Headers

GET /adarutosaito/h4610/contents4.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 42079
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/visa.png

150.95.59.37

200 OK

49 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/visa.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
49 kB (48787 bytes)
Hash
9c9142534c278dd6d76e8e98664458e6
b429f74251a90c7b76b6027ebc8aabb926ea1c88
e5e5b79d8f6c76aeebe11fb95c5519b2d9d977358c9cefb15ec04804b2325981

HTTP Headers

GET /adarutosaito/h4610/visa.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:38 GMT
accept-ranges: bytes
content-length: 48787
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/jcb.png

150.95.59.37

200 OK

51 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/jcb.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (50659 bytes)
Hash
8adaad75225943e3b18d6e3e2736d389
a6b2ae0f6f37e444c25cdc7f8470f6304aeef904
a933cda18c395bec4bb580d9be8b13e69ebbe28887ae1b6e6591d90925ab3ea3

HTTP Headers

GET /adarutosaito/h4610/jcb.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 50659
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/contents3.png

150.95.59.37

200 OK

43 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/contents3.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 710 x 669, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (43260 bytes)
Hash
2440e0147d49a7e5be6f75229f08709d
2501b4cd21f5bdef8f173959f56c2f7843906cdf
30431ee848879186a6b096fa0dd35b30d51ab2be76776c4412699c1f9dd2dfc9

HTTP Headers

GET /adarutosaito/h4610/contents3.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 43260
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/master.png

150.95.59.37

200 OK

50 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/master.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 85 x 57, 8-bit/color RGBA, non-interlaced\012- data
Size
50 kB (49870 bytes)
Hash
daff66a92ecb7900632ecff9a3c21a92
45e70636292be5164f650acc8409e1bb64efdf4d
b9bda0277904fafc8969a216eb5553477ba9328102b533a9be707394d16fe615

HTTP Headers

GET /adarutosaito/h4610/master.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:38 GMT
accept-ranges: bytes
content-length: 49870
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js

104.17.25.14

200 OK

1.5 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.3/jquery.easing.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (3601)
Size
1.5 kB (1507 bytes)
Hash
d4c78fcda598ce00a38b0effd649e200
e3334dd6c15dd4e6b074b719ac472c6ef0ab56e1
effdd1f8a303725a5f6f7437555bcb36a281bf82cf7d1c2f110291cc5be4db7f

HTTP Headers

GET /ajax/libs/jquery-easing/1.3/jquery.easing.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 1507
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec1-15b3"
last-modified: Mon, 04 May 2020 16:11:45 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 278335
expires: Fri, 24 Nov 2023 22:39:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AG9IyQEMeWBe3Pz7uIWh7HUvDO2OM%2FAOBbSds6zE6Ql84126JM%2FUz8yxKDbrlz6Rfv1Rc2L%2FkMPYC%2FnGNdQ3%2BTKyw3o%2BulUa9%2FK23GuKM0oJoSTeGDpyXSbrl7dJSuQtdgJV8vU%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7748097e2a5f0b59-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js

172.217.21.170

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32253)
Size
30 kB (29456 bytes)
Hash
28edb596b774a6e9360c69e846dfa5fc
327cfed605fa568d5465e17384a11f6e85092d80
f9a46bbd84c7604675e70b30a4a20a5124531d0c9bb547a998daed5644ffb01b

HTTP Headers

GET /ajax/libs/jquery/2.0.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:26:59 GMT
expires: Wed, 29 Nov 2023 07:26:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 486737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
24d4aaa4cbce433e34674adb6e88b8d1
888c1f7f5831fb237e270ebb2908b27c173d2fd1
b56b5b22022e38ec5ddae33d36528d9154daa7623d744cffc1aa15a18d801d49

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B56B5B22022E38EC5DDAE33D36528D9154DAA7623D744CFFC1AA15A18D801D49"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5252
Expires: Mon, 05 Dec 2022 00:06:49 GMT
Date: Sun, 04 Dec 2022 22:39:17 GMT
Connection: keep-alive

officialsite.lolipop.jp/thk-analytics-124/thk/script.php

163.44.185.217

200 OK

2.2 kB

URL HTTP/2
officialsite.lolipop.jp/thk-analytics-124/thk/script.php
IP
163.44.185.217:0
ASN
#7506 GMO Internet,Inc

File type
HTML document, ASCII text, with very long lines (1017)
Size
2.2 kB (2173 bytes)
Hash
00b22fea9d9d80de59af65980ee95318
6cf1100bfa7badb62e0400710f449ec3bfca9050
3e43aa6a1c14979b2ad0094ca1f980eb7f4df452127521b757c9be22a555510c

HTTP Headers

GET /thk-analytics-124/thk/script.php HTTP/1.1
Host: officialsite.lolipop.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:17 GMT
content-type: application/x-javascript
content-length: 2173
server: Apache
x-powered-by: PHP/7.4.33
vary: Range,Accept-Encoding
accept-ranges: none
content-encoding: gzip
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/h4610.png

150.95.59.37

200 OK

586 kB

URL HTTP/2
press-crew.com/adarutosaito/h4610/h4610.png
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type
PNG image data, 688 x 443, 8-bit/color RGBA, non-interlaced\012- data
Size
586 kB (585610 bytes)
Hash
7112f636c35faebd0ad81588fb9cf4d5
e1cf49772bffe7b3e5e4851d37d7dc189c6995d0
06fd0b178063a15e4466babb8bcb30689101d4f0dc72fa481798ae36d828d824

HTTP Headers

GET /adarutosaito/h4610/h4610.png HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/adarutosaito/h4610/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 11 Dec 2022 22:39:13 GMT
content-type: image/png
last-modified: Wed, 29 Sep 2021 07:07:37 GMT
accept-ranges: bytes
content-length: 585610
date: Sun, 04 Dec 2022 22:39:13 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fh4610%2F&TI=%E3%82%A8%E3%83%83%E3%83%81%E3%81%AA4610%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832022%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=80

163.44.185.217

200 OK

0 B

URL HTTP/2
officialsite.lolipop.jp/thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fh4610%2F&TI=%E3%82%A8%E3%83%83%E3%83%81%E3%81%AA4610%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832022%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=80
IP
163.44.185.217:0
ASN
#7506 GMO Internet,Inc

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /thk-analytics-124/thk/track.php?LT=0&RF=&UR=https%3A%2F%2Fpress-crew.com%2Fadarutosaito%2Fh4610%2F&TI=%E3%82%A8%E3%83%83%E3%83%81%E3%81%AA4610%20%E8%A9%B3%E7%B4%B0%E3%83%87%E3%83%BC%E3%82%BF%20%E8%A9%95%E4%BE%A1%E3%83%AC%E3%83%93%E3%83%A5%E3%83%BC%20%E6%84%9F%E6%83%B3%E4%BD%93%E9%A8%93%E8%AB%87%20%E5%8F%A3%E3%82%B3%E3%83%9F%E8%A9%95%E5%88%A4%20%E6%9C%89%E6%96%99%E3%82%A2%E3%83%80%E3%83%AB%E3%83%88%E5%8B%95%E7%94%BB%E3%82%B5%E3%82%A4%E3%83%88%E6%AF%94%E8%BC%832022%E5%B9%B4%E6%9C%80%E6%96%B0%E7%89%88&SW=1280&SH=1024&SC=24&CC=true&s=80 HTTP/1.1
Host: officialsite.lolipop.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:18 GMT
content-type: application/x-javascript
content-length: 0
server: Apache
x-powered-by: PHP/7.4.33
set-cookie: _thk_uid=AeKYvg; path=/thk-analytics-124/thk/; domain=officialsite.lolipop.jp
vary: Range
accept-ranges: none
X-Firefox-Spdy: h2

press-crew.com/adarutosaito/h4610/

150.95.59.37

200 OK

0 B

URL HTTP/2
press-crew.com/adarutosaito/h4610/
IP
150.95.59.37:0
ASN
#7506 GMO Internet,Inc

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /adarutosaito/h4610/ HTTP/1.1
Host: press-crew.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 22:39:12 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

104.18.10.207

200 OK

0 B

URL HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
IP
104.18.10.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /font-awesome/4.4.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 22:39:13 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 12/13/2021 21:25:06
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 632
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 8ac87b10825a6871d9cd076fc3a23e4f
cdn-cache: HIT
cf-cache-status: HIT
age: 15640305
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7748096b2b92b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Playball|Teko

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Playball|Teko
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Playball|Teko HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://press-crew.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 22:39:13 GMT
date: Sun, 04 Dec 2022 22:39:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations