2tty.584ce.wh.wy5532.com/
37.48.65.152200 OK 485 B URL HTTP/1.1 2tty.584ce.wh.wy5532.com/
IP 37.48.65.152:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (485), with no line terminators
Hash fdeacc98c2fcafd8ee77d484f3f7637e
6f1247c202cf0049efb6a1d49a320fedcb85f220
996f4914d5cbf0f3b56ce7a28cb42fe26f1b9867fd135521298cf62c33cde44a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 2tty.584ce.wh.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=15b7c34a-7336-11ed-9162-0c49497f5a42
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 485
content-type: text/html; charset=utf-8
date: Sat, 03 Dec 2022 18:50:52 GMT
server: nginx
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6198
Expires: Sat, 03 Dec 2022 20:34:11 GMT
Date: Sat, 03 Dec 2022 18:50:53 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1189
Cache-Control: max-age=144008
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:50:53 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:51:01 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12323
Expires: Sat, 03 Dec 2022 22:16:16 GMT
Date: Sat, 03 Dec 2022 18:50:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 18:18:16 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1957
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bZrHN8jVnk+iS4htjFxPPmpBfQd2EsdRf8Puy1Wu0lpdV2ktnKtgodQdzjiHC7m51/CItM1HAl8=
x-amz-request-id: 308479NQ9SWPQ6J6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 18:47:14 GMT
age: 219
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:50:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
2tty.584ce.wh.wy5532.com/favicon.ico
37.48.65.152404 Not Found 9 B URL HTTP/1.1 2tty.584ce.wh.wy5532.com/favicon.ico
IP 37.48.65.152:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: 2tty.584ce.wh.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2tty.584ce.wh.wy5532.com/
Cookie: sid=15b7c34a-7336-11ed-9162-0c49497f5a42
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sat, 03 Dec 2022 18:50:52 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 18:08:58 GMT
cache-control: public,max-age=3600
age: 2515
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1159
Cache-Control: max-age=138916
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:50:54 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:26:10 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
2tty.584ce.wh.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDEwMDY1MywiaWF0IjoxNjcwMDkzNDUzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21scTlkMnVtcDg1aDN1NGswbWJ0ZTUiLCJuYmYiOjE2NzAwOTM0NTMsInRzIjoxNjcwMDkzNDUzMDUzNDMwfQ.j3KLET5AxbGlgqDQZctPJ1pfCGT_1U8106AUD8mIwc8&sid=15b7c34a-7336-11ed-9162-0c49497f5a42
37.48.65.152302 Found 11 B URL HTTP/1.1 2tty.584ce.wh.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDEwMDY1MywiaWF0IjoxNjcwMDkzNDUzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21scTlkMnVtcDg1aDN1NGswbWJ0ZTUiLCJuYmYiOjE2NzAwOTM0NTMsInRzIjoxNjcwMDkzNDUzMDUzNDMwfQ.j3KLET5AxbGlgqDQZctPJ1pfCGT_1U8106AUD8mIwc8&sid=15b7c34a-7336-11ed-9162-0c49497f5a42
IP 37.48.65.152:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDEwMDY1MywiaWF0IjoxNjcwMDkzNDUzLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21scTlkMnVtcDg1aDN1NGswbWJ0ZTUiLCJuYmYiOjE2NzAwOTM0NTMsInRzIjoxNjcwMDkzNDUzMDUzNDMwfQ.j3KLET5AxbGlgqDQZctPJ1pfCGT_1U8106AUD8mIwc8&sid=15b7c34a-7336-11ed-9162-0c49497f5a42 HTTP/1.1
Host: 2tty.584ce.wh.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2tty.584ce.wh.wy5532.com/
Cookie: sid=15b7c34a-7336-11ed-9162-0c49497f5a42
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 03 Dec 2022 18:50:53 GMT
location: http://click-v4.expmdiadi.com/click?i=iE2K*b7gssY_0
server: nginx
set-cookie: sid=15b7c34a-7336-11ed-9162-0c49497f5a42; path=/; domain=.wy5532.com; expires=Thu, 21 Dec 2090 22:05:01 GMT; max-age=2147483647; HttpOnly
push.services.mozilla.com/
35.164.183.116101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.183.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0YQDxYrBsZ5jxPKOdj3umw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FF3Zlxj0cLb5+VDsy4xQo4CzOzg=
click-v4.expmdiadi.com/click?i=iE2K*b7gssY_0
198.134.116.17302 Found 0 B URL HTTP/1.1 click-v4.expmdiadi.com/click?i=iE2K*b7gssY_0
IP 198.134.116.17:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?i=iE2K*b7gssY_0 HTTP/1.1
Host: click-v4.expmdiadi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://2tty.584ce.wh.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://gracelessbrief.com/wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com
Pragma: no-cache
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9a0280d41f8b469bd62bc3c937a9e663
576d031e77d29a3c71bb9f100206b2fdda371bfa
c8c921898f40c05ed4d74e5e5639fb7b7db02a5405193d532bfd196072fe18af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8C921898F40C05ED4D74E5E5639FB7B7DB02A5405193D532BFD196072FE18AF"
Last-Modified: Thu, 01 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6132
Expires: Sat, 03 Dec 2022 20:33:07 GMT
Date: Sat, 03 Dec 2022 18:50:55 GMT
Connection: keep-alive
gracelessbrief.com/wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com
192.243.59.20200 OK 2.4 kB URL HTTP/1.1 gracelessbrief.com/wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (343)
Hash 7e093a6ece04c042d37694fadd623be7
44004daa034446ff8df42df254fa97789adf76e0
5f03e3d98520d0775def463283fb271dd705e19d62f3705c94ea1687a8cd0a21
Analyzer Verdict Alert quad9 Sinkholed
GET /wq3ht79x1?key=61640e6829406cb5e3f614ac2a9e21c0&psid=wy5532.com HTTP/1.1
Host: gracelessbrief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://2tty.584ce.wh.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 18:50:55 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: u_pl=17612737; expires=Sun, 04 Dec 2022 18:50:55 GMT
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzYxMjczNywiayI6IjYxNjQwZTY4Mjk0MDZjYjVlM2Y2MTRhYzJhOWUyMWMwIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTk2NDM0MywicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzIsImFpZCI6MjgsInB0Ijo0LCJwayI6IndxM2h0Nzl4MSIsInQiOjF9LCJwYiI6eyJyZXAiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImlmIjp0cnVlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly8ydHR5LjU4NGNlLndoLnd5NTUzMi5jb20vIn19.lHS8aHUlYTfRbwkr5WqXjOBzkJiqOO7BAo3ArTnyPOs; expires=Sat, 03 Dec 2022 18:51:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2e5c1183d2b4173a7d50d7e1cc07baa3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7314
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7314
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7260
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 18:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7314
Expires: Sat, 03 Dec 2022 20:52:49 GMT
Date: Sat, 03 Dec 2022 18:50:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7260
Expires: Sat, 03 Dec 2022 20:51:55 GMT
Date: Sat, 03 Dec 2022 18:50:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcb89ca25035b2bbb71ae5dd175fcd40
544428cdad754b1bb7be3cd46a79bf078fd5b450
36dcbbe6cd2710ee502776b4bcf32053e92b750a55e2bd4cdeadbc694c7c2699
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7dc00fa-a8d3-44bf-ba84-1998d8dd7c5a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: c824c317-e6e3-4006-9f9d-ea54e8170a4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cf2_tGErIAMF8_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63896b97-7fc523296afea4dd4b5d1de8;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 03:05:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bd85z5A6C0nxpDjeSEPp1NHJxXFO5sy1OgTLz7KpdWz61TNrfyQ47Q==
via: 1.1 40b967aa4aa18637c4b91214147f3cb4.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 03:53:20 GMT
age: 53855
etag: "544428cdad754b1bb7be3cd46a79bf078fd5b450"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 75589
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 28191
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 64411
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 49727
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V4Z3TZtTDMjnyxZx7VdJrKtZ-PbZkWnsQ0-1eFDem4TVyRGvk0dc7A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:39:57 GMT
age: 76258
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gracelessbrief.com/wq3ht79x1?pst=1670093515&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2F2tty.584ce.wh.wy5532.com%2F&key=61640e6829406cb5e3f614ac2a9e21c0&shu=591cbd4128f3fe08ab57f7bc5c473732c039a8d5db8ae4218bd4d960d18043931d5013ea13862f4aef7a2235654bf77c40d50e2def354e4f5d34cc5c016c5d908a4ea9c24cac6363feee16db9f6ca1e141e70d660ea00aadf23dddc0504976&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002
192.243.59.20302 Found 0 B URL HTTP/1.1 gracelessbrief.com/wq3ht79x1?pst=1670093515&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2F2tty.584ce.wh.wy5532.com%2F&key=61640e6829406cb5e3f614ac2a9e21c0&shu=591cbd4128f3fe08ab57f7bc5c473732c039a8d5db8ae4218bd4d960d18043931d5013ea13862f4aef7a2235654bf77c40d50e2def354e4f5d34cc5c016c5d908a4ea9c24cac6363feee16db9f6ca1e141e70d660ea00aadf23dddc0504976&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /wq3ht79x1?pst=1670093515&rmtc=t&uuid=&pii=&in=false&refer=http%3A%2F%2F2tty.584ce.wh.wy5532.com%2F&key=61640e6829406cb5e3f614ac2a9e21c0&shu=591cbd4128f3fe08ab57f7bc5c473732c039a8d5db8ae4218bd4d960d18043931d5013ea13862f4aef7a2235654bf77c40d50e2def354e4f5d34cc5c016c5d908a4ea9c24cac6363feee16db9f6ca1e141e70d660ea00aadf23dddc0504976&fr=0&sw2=1280&sh2=939&sw3=1280&sh3=176&sw4=1280&sh4=939&sw5=1280&sh5=1024&sw6=1280&sh6=1024&sw7=1280&sh7=1002 HTTP/1.1
Host: gracelessbrief.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://gracelessbrief.com/wq3ht79x1?key=9ca601a9f47c735df76d5ca46fa26a66&submetric=17612737
Cookie: u_pl=17612737; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzYxMjczNywiayI6IjYxNjQwZTY4Mjk0MDZjYjVlM2Y2MTRhYzJhOWUyMWMwIiwic2lkIjoid3k1NTMyLmNvbSIsImlzaWQiOjIsImFzaWQiOjEsInppZCI6MTk2NDM0MywicGlkIjozODgwMTIsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MzIsImFpZCI6MjgsInB0Ijo0LCJwayI6IndxM2h0Nzl4MSIsInQiOjF9LCJwYiI6eyJyZXAiOiJodHRwczovL3d3dy5nb29nbGUuY29tLyIsImlmIjp0cnVlLCJuYyI6ZmFsc2UsIm5qIjpmYWxzZSwiaW4iOmZhbHNlLCJ0cCI6MSwibmEiOmZhbHNlfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6OTA3NTM0NTcsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjozODkxNCwib24iOiJXaW5kb3dzIiwib3YiOiIxMC4wIiwiYmlkIjoxMjA2MjUsImJuIjoiRmlyZWZveCIsImJ2IjoiMTA1LjAiLCJ3diI6ZmFsc2UsImUiOmZhbHNlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHA6Ly8ydHR5LjU4NGNlLndoLnd5NTUzMi5jb20vIn19.lHS8aHUlYTfRbwkr5WqXjOBzkJiqOO7BAo3ArTnyPOs; cjs=t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 302 Found
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 18:50:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Location: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Set-Cookie: iprcaf48a398824769a7c6bbe97bb13eb22e=2270707; expires=Sun, 04 Dec 2022 18:50:55 GMT
pdhtkv=true; expires=Sun, 04 Dec 2022 18:50:55 GMT
uncs=1; expires=Sun, 04 Dec 2022 18:50:55 GMT
pdhtkv28=true; expires=Sun, 04 Dec 2022 18:50:55 GMT
uncs28=1; expires=Sun, 04 Dec 2022 18:50:55 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72175fd543c5643cb6ace1379bcc09fa
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3a1aa61ac37426bb9318caee85963578
2c66f65c1afdd4824e847669df7b9d9bb9f4c45f
1a76a3e84188004128e736d6862d83d18412c5b185736889e4c5abbf827a8715
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5562
Cache-Control: max-age=104429
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:50:55 GMT
Etag: "638a79c2-116"
Expires: Sun, 04 Dec 2022 23:51:24 GMT
Last-Modified: Fri, 02 Dec 2022 22:18:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3a1aa61ac37426bb9318caee85963578
2c66f65c1afdd4824e847669df7b9d9bb9f4c45f
1a76a3e84188004128e736d6862d83d18412c5b185736889e4c5abbf827a8715
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5562
Cache-Control: max-age=104429
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 18:50:55 GMT
Etag: "638a79c2-116"
Expires: Sun, 04 Dec 2022 23:51:24 GMT
Last-Modified: Fri, 02 Dec 2022 22:18:42 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/notice.png
172.67.180.5200 OK 24 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/notice.png
IP 172.67.180.5:0
File type PNG image data, 1920 x 115, 8-bit colormap, non-interlaced\012- data
Hash 3cf58bc7ec31b37ba73eeed2e20922dd
ef0020a4afa74f34bf7496d8ab04171b69e19f26
9f791fa05194d8417e6d68995973bb43babe3b0704cb4c7011dbb63c69eec028
GET /common/tr/ce/land_ce_300520_na_en/image/notice.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 23707
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-5c9b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sMgbjOBnzfubEgwDp2vJxw7abYaW2%2FhnSvlrMTed7Y28CHglbq%2FhK5sExmxtoE4Ps%2Ba7gJWQt43iiTSux83CQppGo69r1Pbq8vNTGO%2BrUIawYkofNwpeIw%2FtedU5dk%2FzDFlC7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3baa81c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/logo.png
172.67.180.5200 OK 4.8 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/logo.png
IP 172.67.180.5:0
File type PNG image data, 291 x 93, 8-bit colormap, non-interlaced\012- data
Hash d2ce778778e09563ac9eb50b06b2d6fb
79ee65334aa4e0f3d8fe45fa29dba31e4f9d979e
0f56b6c137e245f0b3d6af93e8f3ae48c15ff33e29e36df20530f40abeee8ee3
GET /common/tr/ce/land_ce_300520_na_en/image/logo.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 4794
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-12ba"
cache-control: max-age=14400
cf-cache-status: HIT
age: 633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=usukHfRMPWYtw5CTSwK24LmWFy8R0OvdPioG65eZlVR%2Frt0hFrLvRdnE7tv7QqTTkoPpgLWrBnAZA8PDdGKV8js5yCMuUOTH7ozIPybmTuBFj8maR9p1ngQDQ93acZhE5G3wvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3baac1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n1.png
172.67.180.5200 OK 4.0 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n1.png
IP 172.67.180.5:0
File type PNG image data, 321 x 70, 8-bit colormap, non-interlaced\012- data
Hash 6620042f764faeabe7cc1cfb38ff601c
877812b21435579792db6aac1b56fde6cda905a2
2e0719b37a163591cfd41f5d16af5881c10363db67a3a3c69d4aa6d0e4d07fac
GET /common/tr/ce/land_ce_300520_na_en/image/n1.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 3979
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-f8b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4636
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iYaajvT%2F68s6Xc9KgluiBRv%2BwtOXTBv8Whj0S1lXNLFjlpxtQX2cnjPv%2BB%2FCv%2FjLgENFc7ClZf0KRI3jXkJn6QZJLJ8iHv0S2ttv4Fp%2F%2BNFRVW5zgl2n1Y%2FEM6r6j0YdK1bNiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3baae1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card1.png
172.67.180.5200 OK 76 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card1.png
IP 172.67.180.5:0
File type PNG image data, 354 x 607, 8-bit colormap, non-interlaced\012- data
Hash e35b87a58183c9d6050dd668f192bbf7
1c8ae327fd1fde27dc19400b653d1e23f9dbf73e
fa8a6f284a1cabd4e57be38602f0833a67460e4abd9eb087b85d9e0c57bd0032
GET /common/tr/ce/land_ce_300520_na_en/image/card1.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 75556
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-12724"
cache-control: max-age=14400
cf-cache-status: HIT
age: 633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79USxZDThwxy2AOIg%2F3avcldhET8Hc3DDw1qgLL8BP43Re%2BsUP8WdGEGSnganz1%2FOAEKIN0Nl4h0BvsftZNN1ohn8cCh55MGLeUV%2BN1uGBnzNq0asFIIv3RvwUMzKX9uOY74bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3baad1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card2.png
172.67.180.5200 OK 73 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card2.png
IP 172.67.180.5:0
File type PNG image data, 354 x 607, 8-bit colormap, non-interlaced\012- data
Hash c35c1130835c4890905a1545b31cbd81
3ea153adfc6a29a18e6b9b81a44be24eefb888fc
08762ec4d73be8c26aba0c720410abcf204514f2d96a78956f008087a0481894
GET /common/tr/ce/land_ce_300520_na_en/image/card2.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 73161
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-11dc9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4636
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F17lP4pfFMftZuxFt1PIvkUCCi11MXzcng9tbF4%2FS5%2F8m6o5ngQ6GZh1jy5wEHEJDkn%2FxDg74FrA41vzFnhGhigLsyJKt%2FEk6tVvEqUxqp98DXmPZ9fhTq8CiC4FYXCVlNNK3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3bab11c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n2.png
172.67.180.5200 OK 3.1 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n2.png
IP 172.67.180.5:0
File type PNG image data, 321 x 70, 8-bit colormap, non-interlaced\012- data
Hash cf90c3ff9f0490f4d07c3b4f6d2f2a28
e1b55d2deeb10a2660c776b6ae65b0623f96c7a5
fe7ceed78142de7e4b88367e1e2eeb9d499a804f133b2800270a246b252abe0f
GET /common/tr/ce/land_ce_300520_na_en/image/n2.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 3126
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-c36"
cache-control: max-age=14400
cf-cache-status: HIT
age: 633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUcyqzozUvvDZkfHQLh0ohBvUmNxwRXYxD%2FIFaFgRsL%2B7JmbELaDJPWcHqrVr97L8XncwlS3k63esPte9rRPbV0L37vMAXXZ1OFIk1mjBH%2F1TYHJn1boo%2Fnr1nN6WpxQl2cQbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3bab51c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n3.png
172.67.180.5200 OK 4.4 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n3.png
IP 172.67.180.5:0
File type PNG image data, 321 x 70, 8-bit colormap, non-interlaced\012- data
Hash fc317e9bd9f72a1a5ba533ff7b075308
d45cb010a1858c7ab98453deaec177b0f7ec2a1a
f9f14555016459f6f23714a23c1d9f8126fd698102fac67240324c0cb07b6ec0
GET /common/tr/ce/land_ce_300520_na_en/image/n3.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 4391
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-1127"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5Lu51Ym01kV3qRNMeczk8RmgULUVF2tcK55FLnv7VouEF13vAeGRBfjl2uXoyoVNdAp7v9%2F4h1R3BZi%2B%2Fp9a2vlRFU%2FreYEjE8o6jRgV8Miko0%2FcPLHrdqF5IsHm8az0I24%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3baba1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card3.png
172.67.180.5200 OK 71 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card3.png
IP 172.67.180.5:0
File type PNG image data, 354 x 607, 8-bit colormap, non-interlaced\012- data
Hash 24e3ba1facc039348864b88bd2c6a368
8d45419064713a6014e1beabc988a115cef31ac5
95ab81627a772612d51e5fd9b0b0cec1131d2343ec107695fd5cf147234f2d13
GET /common/tr/ce/land_ce_300520_na_en/image/card3.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 70719
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-1143f"
cache-control: max-age=14400
cf-cache-status: HIT
age: 633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mktzYVoWENwWHc1nXj0jdoAsstQpsiE5znALf14BQo5OLCzkMO3fSFcRPK8qppOV6w2YMhSOZyw9Q%2B%2BMKKaLLoFNrCRn9kkat%2FavAg6XWrBbpwU13OGWgHxSrG0Ma0w99GU0xA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3bab71c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card4.png
172.67.180.5200 OK 76 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/card4.png
IP 172.67.180.5:0
File type PNG image data, 354 x 607, 8-bit colormap, non-interlaced\012- data
Hash 0f0dec893890c919db2c71f3de1f79bf
b2c9715eb4e6ef216f2c422496d56c11653b761e
e5cad0062c33fa9b127ce49c05fd6dc46452c014905ab90ed65051d4cccd37ff
GET /common/tr/ce/land_ce_300520_na_en/image/card4.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 75470
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-126ce"
cache-control: max-age=14400
cf-cache-status: HIT
age: 633
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxfCO290%2BLbzHCTR88Y5t3QZqsB0Z%2BZv%2FGVHQizTgiLFR5QukF1dVLbwMampymi1wVBDRurCYUTJ6nTJAV9DeQE1dbGGBwP1lJ4wxqq1X7n4wpSuvU4cp1L8LO3y%2BihvT9GR6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3babc1c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n4.png
172.67.180.5200 OK 4.3 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/n4.png
IP 172.67.180.5:0
File type PNG image data, 321 x 70, 8-bit colormap, non-interlaced\012- data
Hash 65f74de29d19b60c93ba15b5deae46dd
4765ea691275a910643a97dddba71df97293e608
9c4b56d25b2290a9b04ca138b36c30286d8bcb3db442d1cbb8cc40bfec670208
GET /common/tr/ce/land_ce_300520_na_en/image/n4.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 4251
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-109b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4636
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KsmkK6BGqG2Ek3%2BJzqU1CWyCsFThrp3S56bCH8BHtBurkTzA0BBrtJshQExRtzKCCYP0giB5XDx7Rlv9BHq24CrtI2EuxI%2FTUdW5%2FO2zBNKZCHonMUZRlOtYD%2B6WuymErDfWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3cac11c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/btn.png
172.67.180.5200 OK 9.3 kB URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/image/btn.png
IP 172.67.180.5:0
File type PNG image data, 505 x 117, 8-bit colormap, non-interlaced\012- data
Hash 672b08064278674893b0f1e8696c9bea
c54921816b08eccac3489c60d74756c8cdac6632
ec1a15d6e26c6e263b93e313442959027839064a148318eb2341173f18a83550
GET /common/tr/ce/land_ce_300520_na_en/image/btn.png HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: image/png
content-length: 9328
last-modified: Mon, 07 Sep 2020 15:55:03 GMT
etag: "5f5657d7-2470"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2399
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f03q8xQv84K2KXhFLcVtd0ImYaGBVMjSzpn5x%2BaIxHjUBQO5XkjEGujFgvwwO6JGWFQNznOcMfLdQoSZmD6Wb2Og9je5o5ZsqB0cv%2FMmVOwaAeNgnGBJSFO0AQzklWhG%2Bw3OUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3cac91c0e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f88b63a3e4fad5392a2e6486f231f482
7d76b6ecdb68f5ae45617358b256bfd7c5aecc6d
46cb5e33d3726a4a4fa533a98b90588318a61548dbeb18633c86abe6a59157ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "46CB5E33D3726A4A4FA533A98B90588318A61548DBEB18633C86ABE6A59157CE"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6197
Expires: Sat, 03 Dec 2022 20:34:13 GMT
Date: Sat, 03 Dec 2022 18:50:56 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce6584d7cce4780b6f629d76a15c42fc
ec92eccf2955cfdc0046d9ec149313251109fea4
85d83403d3ea99fe317c5d6f01254c18fa1590ac801b66a0bee364838255299f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85D83403D3EA99FE317C5D6F01254C18FA1590AC801B66A0BEE364838255299F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2640
Expires: Sat, 03 Dec 2022 19:34:56 GMT
Date: Sat, 03 Dec 2022 18:50:56 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ce6584d7cce4780b6f629d76a15c42fc
ec92eccf2955cfdc0046d9ec149313251109fea4
85d83403d3ea99fe317c5d6f01254c18fa1590ac801b66a0bee364838255299f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "85D83403D3EA99FE317C5D6F01254C18FA1590AC801B66A0BEE364838255299F"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2640
Expires: Sat, 03 Dec 2022 19:34:56 GMT
Date: Sat, 03 Dec 2022 18:50:56 GMT
Connection: keep-alive
syndication.exoclick.com/tag.php?goal=d463e4eafcfd7a2c779b390efdb813cf
95.211.229.247200 OK 20 B URL HTTP/1.1 syndication.exoclick.com/tag.php?goal=d463e4eafcfd7a2c779b390efdb813cf
IP 95.211.229.247:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /tag.php?goal=d463e4eafcfd7a2c779b390efdb813cf HTTP/1.1
Host: syndication.exoclick.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 18:50:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: goals=a%3A1%3A%7Bi%3A52911%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-12-03%22%3B%7D%7D; expires=Sun, 03 Dec 2023 18:50:56 GMT; path=/; domain=.exoclick.com; Secure; SameSite=none
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
ocsp.globalsign.com/gseccovsslca2018
104.18.21.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.21.226:0
Hash 92ad9ed35690e76c991bca46b8a7f195
4c8dfb65e8cda58d494949af50c59c523d59b98a
e9dbe907f0a6f857227f9fca887a7636772fdbd8e56f2b03a906ef0ecad814da
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 18:50:56 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Wed, 07 Dec 2022 15:23:58 GMT
ETag: "4c8dfb65e8cda58d494949af50c59c523d59b98a"
Last-Modified: Sat, 03 Dec 2022 15:23:59 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1952
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773e7da6fb3db51d-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154244
Date: Sat, 03 Dec 2022 18:50:56 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 13:41:40 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (nyb/1D31)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7xBOcpmiaydjoQC6TfSMmM5D87HbXXejOj3i3wBb30M0xWoV8PvEng==
Age: 635
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Sat, 03 Dec 2022 18:50:56 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Sat, 03 Dec 2022 19:50:56 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
simplewebanalysis.com/px.gif?akey=42c6f09dc9e74035608496705631ef5d
18.185.190.54307 Temporary Redirect 0 B URL HTTP/2 simplewebanalysis.com/px.gif?akey=42c6f09dc9e74035608496705631ef5d
IP 18.185.190.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px.gif?akey=42c6f09dc9e74035608496705631ef5d HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Sat, 03 Dec 2022 18:50:56 GMT
content-type: image/gif
content-length: 0
location: https://professionalswebcheck.com/dbs?uuid=0cb74a15-5c03-4a5a-96bd-15635a3ebd8c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjcwMDkzNDU2fSwiYWNjbCI6eyAiMjAsMSI6MTY3MDA5MzQ1Nn19.ENm7ZwpXh-yqKLmPkMqOcDaMLSVWeHNRhrxsLC3kR7k
server: nginx/1.17.6
set-cookie: uid_id2=0cb74a15-5c03-4a5a-96bd-15635a3ebd8c:2:1; expires=Tue, 30 Nov 2032 18:50:56 GMT; secure; SameSite=None
ak=37,1670093456; expires=Fri, 03 Mar 2023 18:50:56 GMT; secure; SameSite=None
acl=20,1,1670093456; expires=Fri, 03 Mar 2023 18:50:56 GMT; secure; SameSite=None
expires: Sat, 03 Dec 2022 18:50:56 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 03 Dec 2022 18:50:56 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Sat, 03 Dec 2022 19:50:56 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A817%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1045974896336%3Ahid%3A658197103%3Az%3A0%3Ai%3A20221203185054%3Aet%3A1670093455%3Ac%3A1%3Arn%3A338273866%3Arqn%3A1%3Au%3A1670093455596684774%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C26%2C138%2C0%2C220%2C0%2C%2C421%2C2%2C%2C%2C%2C813%3Aco%3A0%3Ans%3A1670093453383%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670093455%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 400 B URL HTTP/2 mc.yandex.ru/watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A817%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1045974896336%3Ahid%3A658197103%3Az%3A0%3Ai%3A20221203185054%3Aet%3A1670093455%3Ac%3A1%3Arn%3A338273866%3Arqn%3A1%3Au%3A1670093455596684774%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C26%2C138%2C0%2C220%2C0%2C%2C421%2C2%2C%2C%2C%2C813%3Aco%3A0%3Ans%3A1670093453383%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670093455%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash 75b1194c21a9111f2af557d8a0a61a64
4dbcf2d6a72fb3c359e0243ad524260b4d4edceb
fdef35a326850d6c582e542b872a88ecb2a2f43b8126285345ca85348dc0bb5f
GET /watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A817%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1045974896336%3Ahid%3A658197103%3Az%3A0%3Ai%3A20221203185054%3Aet%3A1670093455%3Ac%3A1%3Arn%3A338273866%3Arqn%3A1%3Au%3A1670093455596684774%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C26%2C138%2C0%2C220%2C0%2C%2C421%2C2%2C%2C%2C%2C813%3Aco%3A0%3Ans%3A1670093453383%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670093455%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supanimegames.com
Referer: https://supanimegames.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 400
date: Sat, 03 Dec 2022 18:50:56 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://supanimegames.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 18:50:56 GMT
last-modified: Sat, 03-Dec-2022 18:50:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
professionalswebcheck.com/dbs?uuid=0cb74a15-5c03-4a5a-96bd-15635a3ebd8c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjcwMDkzNDU2fSwiYWNjbCI6eyAiMjAsMSI6MTY3MDA5MzQ1Nn19.ENm7ZwpXh-yqKLmPkMqOcDaMLSVWeHNRhrxsLC3kR7k
18.185.190.54200 OK 7 B URL HTTP/2 professionalswebcheck.com/dbs?uuid=0cb74a15-5c03-4a5a-96bd-15635a3ebd8c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjcwMDkzNDU2fSwiYWNjbCI6eyAiMjAsMSI6MTY3MDA5MzQ1Nn19.ENm7ZwpXh-yqKLmPkMqOcDaMLSVWeHNRhrxsLC3kR7k
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /dbs?uuid=0cb74a15-5c03-4a5a-96bd-15635a3ebd8c&j=eyJhbGciOiJIUzI1NiJ9.eyJhY2FuIjoyLCJhY3VzIjoxLCJhY2kiOnsgIjM3IjoxNjcwMDkzNDU2fSwiYWNjbCI6eyAiMjAsMSI6MTY3MDA5MzQ1Nn19.ENm7ZwpXh-yqKLmPkMqOcDaMLSVWeHNRhrxsLC3kR7k HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://supanimegames.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:57 GMT
content-type: image/gif
content-length: 7
server: nginx/1.17.6
set-cookie: uid_id2=0cb74a15-5c03-4a5a-96bd-15635a3ebd8c:2:1; expires=Tue, 30 Nov 2032 18:50:56 GMT; secure; SameSite=None
ak=37,1670093456; expires=Fri, 03 Mar 2023 18:50:56 GMT; secure; SameSite=None
acl=20,1,1670093456; expires=Fri, 03 Mar 2023 18:50:56 GMT; secure; SameSite=None
expires: Sat, 03 Dec 2022 18:50:57 GMT
cache-control: max-age=0, : no-cache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 75695
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
supanimegames.com/awpx_click.js?v=005
172.67.180.5200 OK 0 B URL HTTP/2 supanimegames.com/awpx_click.js?v=005
IP 172.67.180.5:0
GET /awpx_click.js?v=005 HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: application/javascript
last-modified: Mon, 22 Aug 2022 12:36:02 GMT
etag: W/"63037832-5cb"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3149
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVajb7mUxnH4pMOHwHMcXYxGJH1WFFKACzrS1HPan%2B%2BY9LPcsagbEOTDyx14NNQEiWIZuZ%2BjJg%2FBwmr0jh2oqF1b%2F7G4%2F9LpsFHwHgjfe%2FHjkaS8FnG15UvHaDRLUtC9dhRdzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3baa51c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ln.gamesrevenue.com/px1.js
5.161.79.44200 OK 0 B URL HTTP/2 ln.gamesrevenue.com/px1.js
IP 5.161.79.44:0
ASN #213230 Hetzner Online GmbH
GET /px1.js HTTP/1.1
Host: ln.gamesrevenue.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 18:50:56 GMT
content-type: application/javascript
last-modified: Thu, 01 Dec 2022 11:50:26 GMT
etag: W/"63889502-3c9d"
content-encoding: gzip
X-Firefox-Spdy: h2
twistconcept.com/index.min.js?pk=42c6f09dc9e74035608496705631ef5d
172.67.215.17200 OK 0 B URL HTTP/2 twistconcept.com/index.min.js?pk=42c6f09dc9e74035608496705631ef5d
IP 172.67.215.17:0
GET /index.min.js?pk=42c6f09dc9e74035608496705631ef5d HTTP/1.1
Host: twistconcept.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:56 GMT
content-type: application/javascript
last-modified: Thu, 07 Apr 2022 08:49:08 GMT
etag: W/"624ea584-28c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1443
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ag1IbB0sJuOSeDrFsxi1KPrF1YvWwDpG92YRM3TvXP7YuaGfXIJh6EmKWIAs6sAqmOaXkVsBXOlODxjjPhKzAAjiiHbaEfqkKir84NHNDijnwPm%2B5aLwTy8tw1msViARsWn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da658ba0b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mc.yandex.ru/watch/57021556?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A817%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1045974896336%3Ahid%3A658197103%3Az%3A0%3Ai%3A20221203185054%3Aet%3A1670093455%3Ac%3A1%3Arn%3A338273866%3Arqn%3A1%3Au%3A1670093455596684774%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C26%2C138%2C0%2C220%2C0%2C%2C421%2C2%2C%2C%2C%2C813%3Aco%3A0%3Ans%3A1670093453383%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670093455%3At%3AEmpire&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/57021556?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A817%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1045974896336%3Ahid%3A658197103%3Az%3A0%3Ai%3A20221203185054%3Aet%3A1670093455%3Ac%3A1%3Arn%3A338273866%3Arqn%3A1%3Au%3A1670093455596684774%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C26%2C138%2C0%2C220%2C0%2C%2C421%2C2%2C%2C%2C%2C813%3Aco%3A0%3Ans%3A1670093453383%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670093455%3At%3AEmpire&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
GET /watch/57021556?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A817%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1045974896336%3Ahid%3A658197103%3Az%3A0%3Ai%3A20221203185054%3Aet%3A1670093455%3Ac%3A1%3Arn%3A338273866%3Arqn%3A1%3Au%3A1670093455596684774%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C26%2C138%2C0%2C220%2C0%2C%2C421%2C2%2C%2C%2C%2C813%3Aco%3A0%3Ans%3A1670093453383%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670093455%3At%3AEmpire&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://supanimegames.com
Connection: keep-alive
Referer: https://supanimegames.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/57021556/1?wmode=7&page-url=https%3A%2F%2Fsupanimegames.com%2Fcommon%2Ftr%2Fce%2Fland_ce_300520_na_en%2F%3Fp1%3Dhttps%3A%2F%2Fclick.hooligapps.com%26pid%3D3%26offer_id%3D12%26ref_id%3DVjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy%26sub1%3Dpu_remnant%26sub2%3D17612737&page-ref=https%3A%2F%2Fgracelessbrief.com%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A817%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A1045974896336%3Ahid%3A658197103%3Az%3A0%3Ai%3A20221203185054%3Aet%3A1670093455%3Ac%3A1%3Arn%3A338273866%3Arqn%3A1%3Au%3A1670093455596684774%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A5%2C26%2C138%2C0%2C220%2C0%2C%2C421%2C2%2C%2C%2C%2C813%3Aco%3A0%3Ans%3A1670093453383%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670093455%3At%3AEmpire&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 03 Dec 2022 18:50:56 GMT
access-control-allow-origin: https://supanimegames.com
set-cookie: yabs-sid=880998091670093456; Path=/; SameSite=None; Secure
i=RMgAhiIYMG+sv4PwSng5ZRmD9dGsmgAVoRWZOSgfvlmRBrJsL6EyyB7FBaem0ms7nc+BU6k8aToJg97rXyYczkSkTDo=; Expires=Tue, 30-Nov-2032 18:50:55 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=4534652311670093456; Expires=Sun, 03-Dec-2023 18:50:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4534652311670093456; Expires=Sun, 03-Dec-2023 18:50:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701629456.yc.1670093456#1701629456.yrts.1670093456#1701629456.yrtsi.1670093456; Expires=Sun, 03-Dec-2023 18:50:56 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 18:50:56 GMT
last-modified: Sat, 03-Dec-2022 18:50:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
172.67.180.5200 OK 0 B URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
IP 172.67.180.5:0
GET /common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737 HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gracelessbrief.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMbLSnFyyQLVTJVbhENNauuPXj4NZ%2Bu3z148BS4eF3Yfhpcn0YZ%2BVind0xTrJGCNiRUu9%2FOpiGdasG9UbDXSPKUMl2%2BAbR%2FogWQSOgW3pQzb4B4D6q%2FkSxzoVZGJY0xExvwv7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773e7da2783e1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
supanimegames.com/common/tr/ce/land_ce_300520_na_en/libs/jq.js
172.67.180.5200 OK 0 B URL HTTP/2 supanimegames.com/common/tr/ce/land_ce_300520_na_en/libs/jq.js
IP 172.67.180.5:0
GET /common/tr/ce/land_ce_300520_na_en/libs/jq.js HTTP/1.1
Host: supanimegames.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://supanimegames.com/common/tr/ce/land_ce_300520_na_en/?p1=https://click.hooligapps.com&pid=3&offer_id=12&ref_id=VjN8MTc2MTI3Mzd8MjI3MDcwN3w5MDc1MzQ1N3wxNjcwMDkzNDU1fDAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMHw5MS45MC40Mi4xNTR8MXxwc3ViPXd5NTUzMi5jb218c2g9NTkxY2JkNDEyOGYzZmUwOGFiNTdmN2JjNWM0NzM3MzJjMDM5YThkNWRiOGFlNDIxOGJkNGQ5NjBkMTgwNDM5MzFkNTAxM2VhMTM4NjJmNGFlZjdhMjIzNTY1NGJmNzdjNDBkNTBlMmRlZjM1NGU0ZjVkMzRjYzVjMDE2YzVkOTA4YTRlYTljMjRjYWM2MzYzZmVlZTE2ZGI5ZjZjYTFlMTQxZTcwZDY2MGVhMDBhYWRmMjNkZGRjMDUwNDk3Nnxscz0zfG90dj1hfDAzYmY4MmRhYWZmMTkxMDVhNzcxMTNiY2EwODhiMGEy&sub1=pu_remnant&sub2=17612737
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 18:50:55 GMT
content-type: application/javascript
last-modified: Thu, 15 Jul 2021 12:31:47 GMT
etag: W/"60f02ab3-15851"
cache-control: max-age=14400
cf-cache-status: HIT
age: 633
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5ILXlrXhobeIvSpWpVFRhmr%2B6hlt0ElP%2F5LwNRNQKlqASYX2ZtbL3DUmn1Qd%2FNNk6MTkz6om7hWzbcSkYRzBrWqrdKw3L4TO70KSqgAxQUr9%2BiDvOTwZUmt08YDqx7o5cCW6%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773e7da3baa01c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2