appkamods.com/wp-content/uploads/2023/03/Click-to-go-to-next-page.jpg
172.67.184.230200 OK 21 kB URL GET HTTP/2 appkamods.com/wp-content/uploads/2023/03/Click-to-go-to-next-page.jpg
IP 172.67.184.230:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectappkamods.com
FingerprintCF:C6:98:32:39:17:61:24:D4:94:F9:65:F0:3B:B7:5F:13:18:B1:31
ValidityFri, 05 May 2023 09:33:58 GMT - Thu, 03 Aug 2023 09:33:57 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 601x209, components 3\012- data
Hash 921b528b9ef9eb07b97a164de3c023bb
8b22fc50f0b9c4b18bf3a15db58f388ef0309f87
3121a25a411e9883cacbe2094f0094cc6ba9b909927741c6d01350bd950ff044
GET /wp-content/uploads/2023/03/Click-to-go-to-next-page.jpg HTTP/1.1
Host: appkamods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: image/jpeg
content-length: 21164
cache-control: public, max-age=31536000
expires: Sat, 20 May 2023 14:10:05 GMT
last-modified: Fri, 10 Mar 2023 15:32:08 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 268135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m99K2K1b%2BNHIjqKi05An%2FmBBkI%2B7XhMkazV7Cz05cKV22qY0EZ9kIia9zSKbP6UklBSdW7vEGy0W%2Fz3J1O0bSWpeH5rXTbCZr8w7tyqdISwhrv55LZ3VJXJ%2Ban6VIlNY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca40607a957b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
technicalatg.com/wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif
188.114.96.1200 OK 8.9 kB URL GET HTTP/2 technicalatg.com/wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint14:16:B2:1A:D4:C5:6A:4D:D0:29:B5:7B:76:E0:BE:C1:32:AB:CB:16
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type GIF image data, version 89a, 464 x 114\012- data
Hash 8a0080ca4126ce4658e9e817dfde3613
839227ccb5252d46c9e50a99194633966b67b407
bb28a678e90b9d97bba59a3c3028c2b3a5bd1c61c8e8fbb32edc0d25d5102685
GET /wp-content/uploads/2022/08/c2b0165c490aa7aff8b35843961d9ab5.gif HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: image/gif
content-length: 8944
cache-control: public, max-age=16070400
expires: Sat, 20 May 2023 06:28:33 GMT
last-modified: Wed, 14 Sep 2022 14:22:04 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 64854
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=onAM4PLhyJ5DJUC3G2aJ0%2F%2BDD0n8Cx70opuatqAFNmgaIIhxd1zPm9eVClqMDmJ04IvWvbtwLyQPEvhr%2FDYZnhRASs9Q5lOwMcncIv2yz4PCpkX92hFtfl1X%2FT7S5fjEJKd0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca40607d8fa0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
technicalatg.com/wp-content/uploads/2022/11/wait4-1.png
188.114.96.1200 OK 2.2 kB URL GET HTTP/2 technicalatg.com/wp-content/uploads/2022/11/wait4-1.png
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint14:16:B2:1A:D4:C5:6A:4D:D0:29:B5:7B:76:E0:BE:C1:32:AB:CB:16
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
File type PNG image data, 220 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash cd04415ff2c2107d4a85dca7642ab4a4
e25af02258da821d7a01b97764e85642ccf97a51
806452f1b480eeeadffcc371cb695fc34d6accba5ebaab95fe8c7b50d8d6061b
GET /wp-content/uploads/2022/11/wait4-1.png HTTP/1.1
Host: technicalatg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: image/png
content-length: 2178
cache-control: public, max-age=16070400
expires: Sat, 20 May 2023 06:28:33 GMT
last-modified: Thu, 24 Nov 2022 21:48:46 GMT
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 268135
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yPCkRylSSaOejGo7IzMWiu0mf7zsK45svrBT32xhy%2BpCxC0cZmYkYqroyjZNImPkihJGQlPQgDRhkRlI4jOlXr6PCgf5c%2BZP7z6T73BZCYazM0IYFSDnxODBJ1nc5VH8WFK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca40607d8fb0b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
104.18.10.207200 OK 5.5 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.2.0/css/font-awesome.min.css
IP 104.18.10.207:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (21822)
Hash feda974a77ea5783b8be673f142b7c88
b71d1c7c315b67c614563382d1c2a868ac14d729
0fb1bbca73646e8e2b93c82e8d8b219647b13d4b440c48e338290b9a685b8de1
GET /font-awesome/4.2.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 718, 718
last-modified: Mon, 25 Jan 2021 22:04:53 GMT
cdn-cachedat: 2021-04-13 02:36:00
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 357c5298f2849c0ce9712c57ec240f4e
cdn-cache: HIT
cf-cache-status: HIT
age: 10476321
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ca406076abdb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
104.18.10.207200 OK 20 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css
IP 104.18.10.207:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65371)
Hash eedf9ee80c2faa4e1b9ab9017cdfcb88
ed29315e0ffb3f14382431f2724235bf67f44eb3
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
GET /bootstrap/3.3.4/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: US
cdn-edgestorageid: 617, 617
last-modified: Mon, 25 Jan 2021 22:03:58 GMT
cdn-cachedat: 2021-06-08 14:01:04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 33fc7f6c64f18e27ebb95ab9e21d92ab
cdn-cache: HIT
cf-cache-status: HIT
age: 30021397
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7ca406075a9db518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 572462dd4adbe106835908e03722b18a
bdaaf6113bb8fb7e7cecea35e3ea71f85c02ee9c
d45c2bcf7a56f321862b87e349c745f2982dde920c26449c5c4ac10d800702c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 10:51:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
188.114.96.1200 OK 93 kB URL User Request GET HTTP/2 mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
IP 188.114.96.1:443
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3747), with CRLF, LF line terminators
Hash 719dbe131cbd37a3391e9eea75aedd87
2e3d3441c211ec7782f9c5638636361a97c559af
8cb2c37a2a1b6c4b2b2619dac1db5721c634b9de117ad60e4b4b7d77a62acce4
GET /?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0= HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:16 GMT
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://mixrootmods.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l31rK2AxMXUklel1Y4fpC65ZkjHT1JrkBDo4YfhrxUyKE%2BAC%2FV4X9qYpvzNJ2yLR3Lv4e2PuaooA9paVM9h5ml6imUO3lXOBdYyu4HR5u4SwZ8hPlP4lynzoDyUUg7cSdqM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca406012aae0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.11.2.min.js
69.16.175.42200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.11.2.min.js
IP 69.16.175.42:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT
File type ASCII text, with very long lines (32047)
Hash 5790ead7ad3ba27397aedfa3d263b867
8130544c215fe5d1ec081d83461bf4a711e74882
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
GET /jquery-1.11.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-encoding: gzip
content-length: 33262
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-176bb"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1684579877.dop069.sk1.t,1684579877.cds016.sk1.hn,1684579877.cds264.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 572462dd4adbe106835908e03722b18a
bdaaf6113bb8fb7e7cecea35e3ea71f85c02ee9c
d45c2bcf7a56f321862b87e349c745f2982dde920c26449c5c4ac10d800702c4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 10:51:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ss.mndsrv.com/banner.js
199.241.100.27200 OK 7.2 kB IP 199.241.100.27:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectpp.mndsrv.com
FingerprintF7:B8:D1:83:E6:0E:A0:A4:C0:BA:53:78:0C:5A:D2:65:62:B4:07:4D
ValidityFri, 24 Mar 2023 11:56:58 GMT - Thu, 22 Jun 2023 11:56:57 GMT
File type ASCII text, with very long lines (7216)
Hash 03288fa566af3dabc5229481d0e72dab
45ee859fea09473ea6d3bb8bc650a853d6ffbc43
8a64910872e140c9fdee68753b9a8a8c6ade93b2e55be7cf91dbcf060b314fe8
GET /banner.js HTTP/1.1
Host: ss.mndsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 20 May 2023 10:51:17 GMT
Content-Type: application/javascript
Content-Length: 7217
Last-Modified: Wed, 19 Apr 2023 08:14:08 GMT
Connection: keep-alive
ETag: "643fa2d0-1c31"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ss.mndsrv.com/native.js
199.241.100.27200 OK 74 kB IP 199.241.100.27:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectpp.mndsrv.com
FingerprintF7:B8:D1:83:E6:0E:A0:A4:C0:BA:53:78:0C:5A:D2:65:62:B4:07:4D
ValidityFri, 24 Mar 2023 11:56:58 GMT - Thu, 22 Jun 2023 11:56:57 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2f6b3f37f986dba25aaf8522a3e14608
1e500673b4a14c2f0ad3f3e6be63bba8173b87d0
24b05a7f551a61746572b9c72e45608f295268e9e69bcbb27ffeaa3c2c9669ca
GET /native.js HTTP/1.1
Host: ss.mndsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 20 May 2023 10:51:17 GMT
Content-Type: application/javascript
Content-Length: 73822
Last-Modified: Tue, 16 May 2023 12:00:59 GMT
Connection: keep-alive
ETag: "6463707b-1205e"
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
clipperroutesevere.com/ec7d30e6b26451ac549412bb2938d005/invoke.js
192.243.59.12200 OK 9.8 kB URL GET HTTP/1.1 clipperroutesevere.com/ec7d30e6b26451ac549412bb2938d005/invoke.js
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectclipperroutesevere.com
Fingerprint35:29:53:9F:28:8D:13:92:6D:4D:0B:1E:E2:2C:8C:35:E3:A3:35:75
ValidityWed, 26 Apr 2023 06:21:40 GMT - Tue, 25 Jul 2023 06:21:39 GMT
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 82c7c3efa529c49e4b1d4c047c03952f
76bae3c31bddd8b9ad67d73bf0bf90797f5036ec
f50a8707541f07770a6cbb57d726c0e0efa2ccf3f06fc11149f908a49256c924
Analyzer Verdict Alert quad9 Sinkholed
GET /ec7d30e6b26451ac549412bb2938d005/invoke.js HTTP/1.1
Host: clipperroutesevere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9690c568b907844b3f80332b7c5d7695
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m01.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m01.amazontrust.com/
IP 143.204.48.16:0
Hash 979bbcdacc024b709fdedc40f32b36e0
124ee22d296e546420c33c17e90344441cf9ea52
5db03a576484e3ae34be20f78f5138825d5cbbbc8b7144793786a7faa6938fce
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 20 May 2023 10:51:18 GMT
Etag: "6467a454-1d7"
Expires: Sat, 20 May 2023 12:51:18 GMT
Last-Modified: Fri, 19 May 2023 16:31:16 GMT
Server: ECAcc (nya/789C)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GDcZwBAtbEk5JWC2g1idr5I8Z_f_PhZByO4t_zS8uUVnNpDfzBJunQ==
Age: 1774
clipperroutesevere.com/aefd811efd7c738594511efeea2c4791/invoke.js
192.243.59.12200 OK 9.8 kB URL GET HTTP/1.1 clipperroutesevere.com/aefd811efd7c738594511efeea2c4791/invoke.js
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectclipperroutesevere.com
Fingerprint35:29:53:9F:28:8D:13:92:6D:4D:0B:1E:E2:2C:8C:35:E3:A3:35:75
ValidityWed, 26 Apr 2023 06:21:40 GMT - Tue, 25 Jul 2023 06:21:39 GMT
File type exported SGML document, ASCII text, with very long lines (26935), with no line terminators
Hash a6b6e980a9816551d47957f458183aff
7efdb0623660715819fd1a0850e82cb04d13850a
6c3c98f76f587c35e4ee603e32ae3ed2098de1de4b5f9585052b823032eec994
Analyzer Verdict Alert quad9 Sinkholed
GET /aefd811efd7c738594511efeea2c4791/invoke.js HTTP/1.1
Host: clipperroutesevere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afb4a5d30972360671f17e0f6e98d461
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
18.192.155.180200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 59bed5d56253f02a20abfae9f0e2d6f3
e2864f27e894eb7e8c6dce91ca5ba27b25ae00dd
9ada99ebc39bb828d90b7d51e7e39e1259b03b55e6e2d96beaa106f6a83c3dc0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mixrootmods.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d81658ae-403f-4b67-a998-f9c1cc010cfc:1:1; expires=Tue, 17 May 2033 10:51:18 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.192.155.180200 OK 40 B URL GET HTTP/2 simplewebanalysis.com/stats
IP 18.192.155.180:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerAmazon
Subjectsimplewebanalysis.com
FingerprintE5:9D:30:D3:0E:8A:EF:0D:43:46:4C:4C:53:AD:05:78:63:E9:04:07
ValidityThu, 02 Mar 2023 00:00:00 GMT - Sun, 31 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 59bed5d56253f02a20abfae9f0e2d6f3
e2864f27e894eb7e8c6dce91ca5ba27b25ae00dd
9ada99ebc39bb828d90b7d51e7e39e1259b03b55e6e2d96beaa106f6a83c3dc0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Cookie: uid_id2=d81658ae-403f-4b67-a998-f9c1cc010cfc:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:18 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mixrootmods.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2
clipperroutesevere.com/aefd811efd7c738594511efeea2c4791/invoke.js
192.243.59.12200 OK 9.8 kB URL GET HTTP/1.1 clipperroutesevere.com/aefd811efd7c738594511efeea2c4791/invoke.js
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectclipperroutesevere.com
Fingerprint35:29:53:9F:28:8D:13:92:6D:4D:0B:1E:E2:2C:8C:35:E3:A3:35:75
ValidityWed, 26 Apr 2023 06:21:40 GMT - Tue, 25 Jul 2023 06:21:39 GMT
File type exported SGML document, ASCII text, with very long lines (26961), with no line terminators
Hash e4665c32f4f7983f4cdf081327d8043c
5476a4bb03d75286c02873cd9c1e453d332390ed
00c55f046989dfbf639ff31ebc603e56c542b8497b6637844b97439eeab2e9cf
Analyzer Verdict Alert quad9 Sinkholed
GET /aefd811efd7c738594511efeea2c4791/invoke.js HTTP/1.1
Host: clipperroutesevere.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:18 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 73de67b03c0a0a364ba94b221139637a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mixrootmods.com/
188.114.96.1200 OK 25 kB IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (24483), with CRLF, LF line terminators
Hash 8a47d967053be78b5bf52bc4bbaa1127
a9095404ff340d4f9f37bc4db258cd6f693e566f
442af5e9260145ea06d3efebd4cf9d337a77014a4d35b41753eba66e1de76c6e
GET / HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=9PhEkb76V_yyRYTTSlFKgPfjy9869ecHykeS2J6.IyM-1684579877-0-AfhzFKMAL0dIIU01sTqI1jdQcmpr6yCzZHvMU2Yl1CdJ+AamHxr8q/KAXNiHhFzZjHQuWW+JuEOzY83jOJDRG9F7Bn7pCiW6hA89l8eHcIc2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:18 GMT
content-type: text/html; charset=UTF-8
x-ua-compatible: IE=edge
link: <https://mixrootmods.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7u%2B9Owi2ldQS4G9Q%2Fuo462H3syrL9aRgAJ%2Bkyd4SqghiYPGVlsuSgrkdsRpTdxzhfr2LDxJc%2FsAAMPBUs561C%2FgOB9wu6qkgWMAjrSp5lCkkLPwy9Ye9GsaBZAzZxpl7kI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca4060d9ba40b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
teethbatchevy.com/watch.1241057207780.js?key=ec7d30e6b26451ac549412bb2938d005&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1
173.233.137.44307 Temporary Redirect 0 B URL GET HTTP/1.1 teethbatchevy.com/watch.1241057207780.js?key=ec7d30e6b26451ac549412bb2938d005&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1
IP 173.233.137.44:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectteethbatchevy.com
FingerprintE5:AE:86:BC:67:0B:82:56:A6:92:10:1C:58:59:53:F9:F6:FB:7C:33
ValidityWed, 03 May 2023 21:36:47 GMT - Tue, 01 Aug 2023 21:36:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1241057207780.js?key=ec7d30e6b26451ac549412bb2938d005&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1 HTTP/1.1
Host: teethbatchevy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mixrootmods.com
Access-Control-Allow-Origin: https://mixrootmods.com
Access-Control-Allow-Credentials: true
Location: https://teethbatchevy.com/watch.1241057207780.js?key=ec7d30e6b26451ac549412bb2938d005&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=d35e45456f1a51b41801dae7099afec0a5705e652e99a3e304a5f8550f4d8921480a1c61eb5a1c1add9479484e96c46ea6d8f6af5c777c91465648fc0833bca86924916964d38fe98e11f270a0597b5fc2b767adfda327bfbfdcf22683c8bf3ab0&pst=1684579939&rmtc=t
Set-Cookie: u_pl=19326056; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTMyNjA1NiwiayI6ImVjN2QzMGU2YjI2NDUxYWM1NDk0MTJiYjI5MzhkMDA1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTM0NzUyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJmdnNxaTJndWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21peHJvb3Rtb2RzLmNvbS8_Z289ODhlYzdiYmU0YTI1ZGFlOWE3NjQ1ZDVjZDY0ZTl3QXBic0NhZGZFZUZsZ2lIbmlrYVUweFdWUnNlRGRxV1hwaFRDdE5RMUY2TDJaRFJDdE9WekJNTDFJMWNHZEhVM0ZXVEVSa09TOW9hejA9In19.7Fkb9vpio7Zj2ZD4wGJIZbB43g9CvymecgOmtpGZQrk; expires=Sat, 20 May 2023 10:52:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fc3ca60b8ac0e08ba029f328b263ca90
Strict-Transport-Security: max-age=0; includeSubdomains
teethbatchevy.com/watch.1241057207780.js?key=ec7d30e6b26451ac549412bb2938d005&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=d35e45456f1a51b41801dae7099afec0a5705e652e99a3e304a5f8550f4d8921480a1c61eb5a1c1add9479484e96c46ea6d8f6af5c777c91465648fc0833bca86924916964d38fe98e11f270a0597b5fc2b767adfda327bfbfdcf22683c8bf3ab0&pst=1684579939&rmtc=t
173.233.137.44200 OK 2.1 kB URL GET HTTP/1.1 teethbatchevy.com/watch.1241057207780.js?key=ec7d30e6b26451ac549412bb2938d005&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=d35e45456f1a51b41801dae7099afec0a5705e652e99a3e304a5f8550f4d8921480a1c61eb5a1c1add9479484e96c46ea6d8f6af5c777c91465648fc0833bca86924916964d38fe98e11f270a0597b5fc2b767adfda327bfbfdcf22683c8bf3ab0&pst=1684579939&rmtc=t
IP 173.233.137.44:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectteethbatchevy.com
FingerprintE5:AE:86:BC:67:0B:82:56:A6:92:10:1C:58:59:53:F9:F6:FB:7C:33
ValidityWed, 03 May 2023 21:36:47 GMT - Tue, 01 Aug 2023 21:36:46 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (2630)
Hash 043109c2f75b95a5471fe1042e7168f2
b4ee5ae7318afb520edadddddd0c9cc65ee22b5c
760e47e6cdf6b891f8c849885230855827e07438a016b9107e3700611dee1e9f
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1241057207780.js?key=ec7d30e6b26451ac549412bb2938d005&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=d35e45456f1a51b41801dae7099afec0a5705e652e99a3e304a5f8550f4d8921480a1c61eb5a1c1add9479484e96c46ea6d8f6af5c777c91465648fc0833bca86924916964d38fe98e11f270a0597b5fc2b767adfda327bfbfdcf22683c8bf3ab0&pst=1684579939&rmtc=t HTTP/1.1
Host: teethbatchevy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
Referer: https://mixrootmods.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19326056; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTMyNjA1NiwiayI6ImVjN2QzMGU2YjI2NDUxYWM1NDk0MTJiYjI5MzhkMDA1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTM0NzUyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjo1LCJwdCI6NCwicGsiOiJmdnNxaTJndWMiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21peHJvb3Rtb2RzLmNvbS8_Z289ODhlYzdiYmU0YTI1ZGFlOWE3NjQ1ZDVjZDY0ZTl3QXBic0NhZGZFZUZsZ2lIbmlrYVUweFdWUnNlRGRxV1hwaFRDdE5RMUY2TDJaRFJDdE9WekJNTDFJMWNHZEhVM0ZXVEVSa09TOW9hejA9In19.7Fkb9vpio7Zj2ZD4wGJIZbB43g9CvymecgOmtpGZQrk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mixrootmods.com
Access-Control-Allow-Origin: https://mixrootmods.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d81658ae-403f-4b67-a998-f9c1cc010cfc:1:1; expires=Sat, 27 May 2023 10:51:19 GMT; secure; SameSite=None
iprc4baa0920e35e932355cc231a85c74c45=3569806; expires=Sat, 20 May 2023 14:51:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
uncs=1; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
pdhtkv5=true; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
uncs5=1; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8e6281da07011d51b55bad7ddc4d2a25
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
openerkey.com/watch.1232355302441.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1
192.243.61.225307 Temporary Redirect 0 B URL GET HTTP/1.1 openerkey.com/watch.1232355302441.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1
IP 192.243.61.225:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectopenerkey.com
FingerprintC6:26:38:90:61:93:C6:56:F0:02:B4:EF:E9:73:F8:5B:E8:49:75:87
ValidityFri, 28 Apr 2023 01:23:43 GMT - Thu, 27 Jul 2023 01:23:42 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1232355302441.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1 HTTP/1.1
Host: openerkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mixrootmods.com
Access-Control-Allow-Origin: https://mixrootmods.com
Access-Control-Allow-Credentials: true
Location: https://openerkey.com/watch.1232355302441.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=41652a84a7d277c8dbfc817cf2513b6630c780f94355e91eeeb9a0a11d8a9a0be0f74ca606f39497e8e4e892897fd33b3826dc4b24d8c1370639a6eea4c01bc291a1b7d8e31eb8d92011e9728e7e70f33158e1ce&pst=1684579939&rmtc=t
Set-Cookie: u_pl=19326071; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTMyNjA3MSwiayI6ImFlZmQ4MTFlZmQ3YzczODU5NDUxMWVmZWVhMmM0NzkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTM0NzUyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoidTZoMHB5czYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21peHJvb3Rtb2RzLmNvbS8_Z289ODhlYzdiYmU0YTI1ZGFlOWE3NjQ1ZDVjZDY0ZTl3QXBic0NhZGZFZUZsZ2lIbmlrYVUweFdWUnNlRGRxV1hwaFRDdE5RMUY2TDJaRFJDdE9WekJNTDFJMWNHZEhVM0ZXVEVSa09TOW9hejA9In19.NFbb1PLStPpD-BxWpCi2Dm6UvlU_cBS-HIMwZoj85S8; expires=Sat, 20 May 2023 10:52:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e4db323930e3698d9f402c4bc25374e6
Strict-Transport-Security: max-age=0; includeSubdomains
ib.adnxs.com/ut/v3/prebid
185.89.210.180200 OK 498 B URL POST HTTP/1.1 ib.adnxs.com/ut/v3/prebid
IP 185.89.210.180:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerDigiCert Inc
Subject*.adnxs.com
Fingerprint30:E1:57:C8:5A:77:64:AE:54:99:08:F7:2B:B8:C7:F4:28:85:56:08
ValidityMon, 13 Feb 2023 00:00:00 GMT - Fri, 15 Mar 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (498), with no line terminators
Hash 1157a247c44120efaa0e16ea6c6636d8
5b08fe6984561d8eb42ef0d45f586b8574c5c73c
9d3511a0cbd847ff8e3566b87eeaa5d7066d35bf050b40760da4bc6c728a661e
POST /ut/v3/prebid HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2587
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sat, 20 May 2023 10:51:19 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 498
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://mixrootmods.com
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
AN-X-Request-Uuid: 8f29b996-1e17-43ca-8c72-b00bbc8821c0
Set-Cookie: icu=ChkIl9KIARAKGAEgASgBMKfMoqMGOAFAAUgBEKfMoqMGGAA.; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 18-Aug-2023 10:51:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
uuid2=5225481582847185377; SameSite=None; Path=/; Max-Age=7776000; Expires=Fri, 18-Aug-2023 10:51:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.r2m02.amazontrust.com/
143.204.48.16 471 B URL ocsp.r2m02.amazontrust.com/
IP 143.204.48.16:0
Hash 5062976d863b73dabbe5c8135280fb8b
1a2148c7cf6eb00dcc716cdc426946d312133f46
7d37b4929c90c2b2b5288b3143f953dc784f349a4ad224db341683515e06b8c1
POST / HTTP/1.1
Host: ocsp.r2m02.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=7200'
Date: Sat, 20 May 2023 10:51:19 GMT
Last-Modified: Sat, 20 May 2023 09:32:02 GMT
Server: ECAcc (dcb/7EBC)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: U0xA3p9HLxOmYJFeZ8lP_gsjEnGEcYApMaYDQUKOmPN9V5hZh9GB_w==
Age: 4757
dolphinabberantleaflet.com/watch.742600046828.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1
192.243.59.20307 Temporary Redirect 0 B URL GET HTTP/1.1 dolphinabberantleaflet.com/watch.742600046828.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1
IP 192.243.59.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectdolphinabberantleaflet.com
Fingerprint96:DD:F7:B8:BA:04:7B:75:A4:F6:43:5C:B9:8E:6A:DE:79:0D:1E:BE
ValiditySat, 29 Apr 2023 06:15:54 GMT - Fri, 28 Jul 2023 06:15:53 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.742600046828.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1 HTTP/1.1
Host: dolphinabberantleaflet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:19 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mixrootmods.com
Access-Control-Allow-Origin: https://mixrootmods.com
Access-Control-Allow-Credentials: true
Location: https://dolphinabberantleaflet.com/watch.742600046828.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=6889b226edd38696f3ff2f3c3469122924fab6a4cb56d0a9889f778394a1f60b79ee7d17a6aeed94639845ea72a4e8dc9af94d658bb6fa14b301f6ad4b318cda142b0bf39df50695cd605b55fbc272ccd5a66b&pst=1684579939&rmtc=t
Set-Cookie: u_pl=19326071; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTMyNjA3MSwiayI6ImFlZmQ4MTFlZmQ3YzczODU5NDUxMWVmZWVhMmM0NzkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTM0NzUyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoidTZoMHB5czYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21peHJvb3Rtb2RzLmNvbS8_Z289ODhlYzdiYmU0YTI1ZGFlOWE3NjQ1ZDVjZDY0ZTl3QXBic0NhZGZFZUZsZ2lIbmlrYVUweFdWUnNlRGRxV1hwaFRDdE5RMUY2TDJaRFJDdE9WekJNTDFJMWNHZEhVM0ZXVEVSa09TOW9hejA9In19.NFbb1PLStPpD-BxWpCi2Dm6UvlU_cBS-HIMwZoj85S8; expires=Sat, 20 May 2023 10:52:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b0fdd81abc9f59f3d15d6dd299236b40
Strict-Transport-Security: max-age=0; includeSubdomains
pp.mndsrv.com/v1/01f7ad64-da34-4401-bfd5-e1cb7f6c1ee9
199.241.100.27204 No Content 0 B URL POST HTTP/1.1 pp.mndsrv.com/v1/01f7ad64-da34-4401-bfd5-e1cb7f6c1ee9
IP 199.241.100.27:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectpp.mndsrv.com
FingerprintF7:B8:D1:83:E6:0E:A0:A4:C0:BA:53:78:0C:5A:D2:65:62:B4:07:4D
ValidityFri, 24 Mar 2023 11:56:58 GMT - Thu, 22 Jun 2023 11:56:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/01f7ad64-da34-4401-bfd5-e1cb7f6c1ee9 HTTP/1.1
Host: pp.mndsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 157
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 20 May 2023 10:51:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
pp.mndsrv.com/v1/fbbe694a-5f37-443a-9a24-0df288da60b1
199.241.100.27204 No Content 0 B URL POST HTTP/1.1 pp.mndsrv.com/v1/fbbe694a-5f37-443a-9a24-0df288da60b1
IP 199.241.100.27:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectpp.mndsrv.com
FingerprintF7:B8:D1:83:E6:0E:A0:A4:C0:BA:53:78:0C:5A:D2:65:62:B4:07:4D
ValidityFri, 24 Mar 2023 11:56:58 GMT - Thu, 22 Jun 2023 11:56:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/fbbe694a-5f37-443a-9a24-0df288da60b1 HTTP/1.1
Host: pp.mndsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 156
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 20 May 2023 10:51:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
pp.mndsrv.com/v1/1514844d-5dd1-4e5d-9bf9-8d468bba7a6f
199.241.100.27204 No Content 0 B URL POST HTTP/1.1 pp.mndsrv.com/v1/1514844d-5dd1-4e5d-9bf9-8d468bba7a6f
IP 199.241.100.27:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectpp.mndsrv.com
FingerprintF7:B8:D1:83:E6:0E:A0:A4:C0:BA:53:78:0C:5A:D2:65:62:B4:07:4D
ValidityFri, 24 Mar 2023 11:56:58 GMT - Thu, 22 Jun 2023 11:56:57 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v1/1514844d-5dd1-4e5d-9bf9-8d468bba7a6f HTTP/1.1
Host: pp.mndsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 156
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 20 May 2023 10:51:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
openerkey.com/watch.1232355302441.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=41652a84a7d277c8dbfc817cf2513b6630c780f94355e91eeeb9a0a11d8a9a0be0f74ca606f39497e8e4e892897fd33b3826dc4b24d8c1370639a6eea4c01bc291a1b7d8e31eb8d92011e9728e7e70f33158e1ce&pst=1684579939&rmtc=t
192.243.61.225200 OK 2.0 kB URL GET HTTP/1.1 openerkey.com/watch.1232355302441.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=41652a84a7d277c8dbfc817cf2513b6630c780f94355e91eeeb9a0a11d8a9a0be0f74ca606f39497e8e4e892897fd33b3826dc4b24d8c1370639a6eea4c01bc291a1b7d8e31eb8d92011e9728e7e70f33158e1ce&pst=1684579939&rmtc=t
IP 192.243.61.225:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectopenerkey.com
FingerprintC6:26:38:90:61:93:C6:56:F0:02:B4:EF:E9:73:F8:5B:E8:49:75:87
ValidityFri, 28 Apr 2023 01:23:43 GMT - Thu, 27 Jul 2023 01:23:42 GMT
File type HTML document, ASCII text, with very long lines (2460)
Hash a0d34572122e5589bfa43fc6d7d9a5f4
bd02aa505ea5190000d67f7f278de2f2ff4a2c1f
2d9adb9b6e05d32d37b63a82cd17f358afffad7175e1ffa0ccdb6648fe1a0ccf
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1232355302441.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=41652a84a7d277c8dbfc817cf2513b6630c780f94355e91eeeb9a0a11d8a9a0be0f74ca606f39497e8e4e892897fd33b3826dc4b24d8c1370639a6eea4c01bc291a1b7d8e31eb8d92011e9728e7e70f33158e1ce&pst=1684579939&rmtc=t HTTP/1.1
Host: openerkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
Referer: https://mixrootmods.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19326071; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTMyNjA3MSwiayI6ImFlZmQ4MTFlZmQ3YzczODU5NDUxMWVmZWVhMmM0NzkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTM0NzUyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoidTZoMHB5czYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21peHJvb3Rtb2RzLmNvbS8_Z289ODhlYzdiYmU0YTI1ZGFlOWE3NjQ1ZDVjZDY0ZTl3QXBic0NhZGZFZUZsZ2lIbmlrYVUweFdWUnNlRGRxV1hwaFRDdE5RMUY2TDJaRFJDdE9WekJNTDFJMWNHZEhVM0ZXVEVSa09TOW9hejA9In19.NFbb1PLStPpD-BxWpCi2Dm6UvlU_cBS-HIMwZoj85S8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mixrootmods.com
Access-Control-Allow-Origin: https://mixrootmods.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d81658ae-403f-4b67-a998-f9c1cc010cfc:1:1; expires=Sat, 27 May 2023 10:51:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
uncs=1; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
pdhtkv25=true; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
uncs25=1; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86fb20f57099c9b07d4e0ae864fb76d9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
dolphinabberantleaflet.com/watch.742600046828.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=6889b226edd38696f3ff2f3c3469122924fab6a4cb56d0a9889f778394a1f60b79ee7d17a6aeed94639845ea72a4e8dc9af94d658bb6fa14b301f6ad4b318cda142b0bf39df50695cd605b55fbc272ccd5a66b&pst=1684579939&rmtc=t
192.243.59.20200 OK 2.0 kB URL GET HTTP/1.1 dolphinabberantleaflet.com/watch.742600046828.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=6889b226edd38696f3ff2f3c3469122924fab6a4cb56d0a9889f778394a1f60b79ee7d17a6aeed94639845ea72a4e8dc9af94d658bb6fa14b301f6ad4b318cda142b0bf39df50695cd605b55fbc272ccd5a66b&pst=1684579939&rmtc=t
IP 192.243.59.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectdolphinabberantleaflet.com
Fingerprint96:DD:F7:B8:BA:04:7B:75:A4:F6:43:5C:B9:8E:6A:DE:79:0D:1E:BE
ValiditySat, 29 Apr 2023 06:15:54 GMT - Fri, 28 Jul 2023 06:15:53 GMT
File type HTML document, ASCII text, with very long lines (2459)
Hash 616705164b5cc263bb3c3b2ee8760962
381d835bdb450db7138711c8bbce1ee66c850a17
ab6cdf2cab84f60c9986f7c81490bb8b018b2f1a8ffc8e68eee1cca3f7c488c1
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.742600046828.js?key=aefd811efd7c738594511efeea2c4791&kw=%5B%22objectives%22%2C%22of%22%2C%22accounting%22%5D&refer=https%3A%2F%2Fmixrootmods.com%2F%3Fgo%3D88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0%3D&tz=0&dev=e&res=12.2079&uuid=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1&shu=6889b226edd38696f3ff2f3c3469122924fab6a4cb56d0a9889f778394a1f60b79ee7d17a6aeed94639845ea72a4e8dc9af94d658bb6fa14b301f6ad4b318cda142b0bf39df50695cd605b55fbc272ccd5a66b&pst=1684579939&rmtc=t HTTP/1.1
Host: dolphinabberantleaflet.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mixrootmods.com
Referer: https://mixrootmods.com/
DNT: 1
Connection: keep-alive
Cookie: u_pl=19326071; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxOTMyNjA3MSwiayI6ImFlZmQ4MTFlZmQ3YzczODU5NDUxMWVmZWVhMmM0NzkxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoyNTM0NzUyLCJwaWQiOjIxNTYzNSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoyOCwiYWlkIjoyNSwicHQiOjQsInBrIjoidTZoMHB5czYiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6MTc5MDg4OTQ4LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjEyNDM4NiwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMTEuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL21peHJvb3Rtb2RzLmNvbS8_Z289ODhlYzdiYmU0YTI1ZGFlOWE3NjQ1ZDVjZDY0ZTl3QXBic0NhZGZFZUZsZ2lIbmlrYVUweFdWUnNlRGRxV1hwaFRDdE5RMUY2TDJaRFJDdE9WekJNTDFJMWNHZEhVM0ZXVEVSa09TOW9hejA9In19.NFbb1PLStPpD-BxWpCi2Dm6UvlU_cBS-HIMwZoj85S8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 20 May 2023 10:51:19 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mixrootmods.com
Access-Control-Allow-Origin: https://mixrootmods.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d81658ae-403f-4b67-a998-f9c1cc010cfc:1:1; expires=Sat, 27 May 2023 10:51:19 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
uncs=1; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
pdhtkv25=true; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
uncs25=1; expires=Sun, 21 May 2023 10:51:19 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 73f0d03eb0e29a78d1659a05c4e0208b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
45.133.44.9200 OK 144 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 144 kB (144379 bytes)
Hash 33c304429dc1a4408a96e6a74ffa2feb
c45fa8e65528d1bb2b46bf8a28af9eeaa1903d04
dbed482e5948ead5587d30a22306a5b611305f704de940bd22c76daf90e0a314
GET /cti/7d/00/a0/7d00a008556ebc4e68d1de531274e928/1658920033.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: image/png
content-length: 144379
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:21 GMT
etag: "62e11c69-233fb"
expires: Mon, 22 May 2023 10:51:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ae650ba896cfedeffcd60c834deb96a8
10ead24b19f2d639dd6d7e6f1506b5f13e5012e1
b3ca7e0e6db759e4fdc259ce23f3e26187330cfb5ae323f8c86f358025934ed1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 10:51:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 47 kB URL GET HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
FingerprintFD:51:D6:58:C0:8D:80:53:41:E1:38:6F:00:65:31:B0:78:F0:65:FD
ValidityMon, 24 Apr 2023 11:56:03 GMT - Mon, 17 Jul 2023 11:56:02 GMT
File type ASCII text, with very long lines (3552)
Hash 8e73c6ba0c8e8daf1579b873e04f9dc6
dd0cadae6187312f83e26633598e4c295c77834d
f1e1fef0c84e8a3fe7028d9f65215585c94c2e99c8798d8482ff10042ea54c59
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mixrootmods.com/
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 20 May 2023 10:51:19 GMT
expires: Sat, 20 May 2023 10:51:19 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9947417225150326563
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 47367
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png
45.133.44.9200 OK 53 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type PNG image data, 160 x 600, 8-bit/color RGB, non-interlaced\012- data
Hash b8e605a6182426f9ab3b5d20d0355b95
89c5096267beda4d5cd0075c891a79e0aaa42331
8296de11e7edabab825d9ed1df3546fd1769454283f32f696bd1ea0d26836816
GET /cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: image/png
content-length: 52855
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:24:26 GMT
etag: "6324790a-ce77"
expires: Mon, 22 May 2023 10:51:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png
45.133.44.9200 OK 53 kB URL GET HTTP/2 cdn.cloudimagesb.com/cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint6F:9C:41:9B:BA:6A:17:A2:42:F8:28:FF:ED:09:F8:26:12:F1:4C:7B
ValidityThu, 30 Mar 2023 06:08:09 GMT - Wed, 28 Jun 2023 06:08:08 GMT
File type PNG image data, 160 x 600, 8-bit/color RGB, non-interlaced\012- data
Hash b8e605a6182426f9ab3b5d20d0355b95
89c5096267beda4d5cd0075c891a79e0aaa42331
8296de11e7edabab825d9ed1df3546fd1769454283f32f696bd1ea0d26836816
GET /cti/46/10/bb/4610bb0e416463bcb8c0f2734436c856/1663334658.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: image/png
content-length: 52855
server: nginx/1.17.6
last-modified: Fri, 16 Sep 2022 13:24:26 GMT
etag: "6324790a-ce77"
expires: Mon, 22 May 2023 10:51:19 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash ae650ba896cfedeffcd60c834deb96a8
10ead24b19f2d639dd6d7e6f1506b5f13e5012e1
b3ca7e0e6db759e4fdc259ce23f3e26187330cfb5ae323f8c86f358025934ed1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 10:51:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/7ca406012aae0b51
188.114.96.1200 OK 2 B URL POST HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/7ca406012aae0b51
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7ca406012aae0b51 HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12552
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=9PhEkb76V_yyRYTTSlFKgPfjy9869ecHykeS2J6.IyM-1684579877-0-AfhzFKMAL0dIIU01sTqI1jdQcmpr6yCzZHvMU2Yl1CdJ+AamHxr8q/KAXNiHhFzZjHQuWW+JuEOzY83jOJDRG9F7Bn7pCiW6hA89l8eHcIc2; path=/; expires=Sat, 20-May-23 11:21:17 GMT; domain=.mixrootmods.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BojzKMKfyQUv6tqJIiQ2PZ8NlbEY9MEm6iQxgaLTYuuE67%2FobMhAdf0goYxuoUz45qZ7y%2FyPrwAdvIvD3poaXcT3TtzSLSlHCrPVVe02R4CI2oNfKS6D%2B3IxsmKS%2FUslE34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca4060c1a1a0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
188.114.96.1200 OK 12 kB URL GET HTTP/3 mixrootmods.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type ASCII text, with very long lines (12331)
Hash 88a769d2fe35899fd45a332a0a032cc0
514c6c1d8475d17e412849a4c90159517d0fa10a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: application/javascript
last-modified: Thu, 18 May 2023 12:47:19 GMT
etag: W/"64661e57-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SDqnSlAaVMQ11FUOkQXaZB9crS%2FR%2FHnGnEz%2F9Qc3NxpNK40ClXMKL3zQFo0X9j56H4v1b9rm%2FKQawF7lkfrUSUdqrMSOzkITuRk%2FrVRv6JS1YD0zkMzzsdtBs1x8jLd2kZA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ca406075e3d0b61-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Mon, 22 May 2023 10:51:17 GMT
cache-control: max-age=172800, public
content-encoding: gzip
ads.holid.io/auto/prebid7.22.js
172.67.205.237200 OK 323 kB URL GET HTTP/2 ads.holid.io/auto/prebid7.22.js
IP 172.67.205.237:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.holid.io
FingerprintE2:B9:A8:FD:B4:D6:8B:3B:17:05:BB:A0:50:6F:5A:53:30:15:A3:9B
ValidityTue, 11 Apr 2023 02:22:54 GMT - Mon, 10 Jul 2023 02:22:53 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 323 kB (322706 bytes)
Hash eb764271dce6ed0f01bcc98495efb00f
f003ccaeb00122e3af7e21cfe5d30a12d60573f7
c91207f2fdaaec84469968f8bf8d7fb19ff9bfbd09d03d125f1be5487149f913
GET /auto/prebid7.22.js HTTP/1.1
Host: ads.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=323289
etag: W/"635a6d1a-4eed9"
last-modified: Thu, 27 Oct 2022 11:35:54 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 3304
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBxiH3lw2o%2BgSVYnUfhvtStwecNd47wmQUghaLR5WA2qhSLOjzCXLyOVerWqc5TCIvexPWkhck9gOIFQ8G1xAO%2BlNX%2FRw1LGDZWrgur4GnuZ8BdHUb4i5ilQFXRQLrs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca40613a9010b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.holid.io/auto/mixrootmods.com/holid.js
172.67.205.237200 OK 38 kB URL GET HTTP/2 ads.holid.io/auto/mixrootmods.com/holid.js
IP 172.67.205.237:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.holid.io
FingerprintE2:B9:A8:FD:B4:D6:8B:3B:17:05:BB:A0:50:6F:5A:53:30:15:A3:9B
ValidityTue, 11 Apr 2023 02:22:54 GMT - Mon, 10 Jul 2023 02:22:53 GMT
File type ASCII text, with very long lines (27080)
Hash 5e5e72fdc6edeb2a233c8bdb8f83a7cb
e272e65b46d31cb99525724f80271f8d94981fbb
b429dddbe92eefc199c4e2d125972dd1b6725beeade02e6e0ff2fe0a953bf610
GET /auto/mixrootmods.com/holid.js HTTP/1.1
Host: ads.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=81188
etag: W/"6405305b-13d24"
last-modified: Mon, 06 Mar 2023 00:14:19 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJWqH8RtKhC31c2QRwTg1by1QWFOdw2jBeKO2bll8LX44NnZ1BngyfrHB04F1xh5BTTzVMQNX%2B53s7bLCx%2FzbFgonzzvjb3fVV3E5JqInG0e%2BgIxFxiNZxxtvd%2Be7U4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca40609b81c0b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
188.114.96.1200 OK 5.7 kB URL GET HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type ASCII text, with very long lines (5720), with no line terminators
Hash 0b86df7315cac98183bfc1138d306d11
a66ebd01e49b528f46600e96cfa52dec37a7e0b1
f32262e121cb7285d4ae2bf7fb06bea27f0acdbc7d71b4479131f6861907264e
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEQ9wajCpDOG0HQuGLxh8O2hbDvtWJ6fteeyMLtaFrOBvaaTbYFle%2BvtUTaSFFZeXuI02hOoFoPt6oNGBiTn2Z4zDIzkETMdtlbItvkMaDzJ8sz9sCGS6XRpVQfBGQ%2FaGWM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca4060a88db0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
188.114.96.1302 Found 24 kB URL GET HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=9PhEkb76V_yyRYTTSlFKgPfjy9869ecHykeS2J6.IyM-1684579877-0-AfhzFKMAL0dIIU01sTqI1jdQcmpr6yCzZHvMU2Yl1CdJ+AamHxr8q/KAXNiHhFzZjHQuWW+JuEOzY83jOJDRG9F7Bn7pCiW6hA89l8eHcIc2; _ga_9RG3KFK1NE=GS1.1.1684579874.1.0.1684579874.0.0.0; _ga=GA1.1.73151785.1684579874; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 20 May 2023 10:51:19 GMT
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F7j1ybzAphoMFsb2V9WvVu%2FnqvS%2FtvwAVXOx9R6xFfxWhEQA4Z1bY6WLSx37K2%2B%2FwyWmowoeK%2B9lvhqZMmn9N%2F5AYTpxsF%2FYhZxT8XobuYVpYTeND22Mlez2serfQumKYO0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca40613f8f00b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
188.114.96.1200 OK 26 kB URL GET HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type ASCII text, with very long lines (26305), with no line terminators
Hash 998aaf4e19c23a86a50dafdf53b0a260
46ab208e0de211437009e91f979901e9482ac29c
fb6e69918eaa163edc427ddc5b3a760be0adf693a3bb26eef424a46e9a939c34
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:17 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z8KbtYG4ccLYeUqSbam8%2FP4OSEBujcHG5HNjfWLrd%2BnLs6UNuSMhr7K7t8dMbz1TEN40FFoL1OKk3%2BmHWf3RV%2Fb9I3R8iI1J0MbBET20K6ygqK%2ByZaXYKOgHmHMwe9vq0g4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca4060998140b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-9RG3KFK1NE
142.250.74.168200 OK 251 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-9RG3KFK1NE
IP 142.250.74.168:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint55:51:32:58:36:72:A1:C8:50:5E:5A:8D:CE:A5:2F:DC:D7:1E:62:03
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT
File type ASCII text, with very long lines (4509)
Size 251 kB (251362 bytes)
Hash 03c14a49f892b6b5f2cab889da4f047b
54d0ab7d18cb0803ce9564162d272181c431eccc
40c77e4d0ba7213e6729ab88268ae26f631d04474fbff6de50f65abb4904fea4
GET /gtag/js?id=G-9RG3KFK1NE HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 20 May 2023 10:51:17 GMT
expires: Sat, 20 May 2023 10:51:17 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85339
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
188.114.96.1302 Found 26 kB URL GET HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/scripts/invisible.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Sat, 20 May 2023 10:51:17 GMT
cache-control: max-age=300, public
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUdSw57xY2S9NGjpH5yxTDs3eZtRHFYhOM1teQi304qUI3ZM2%2BBUXeAivsW2muhJIJIynawZFg5D%2FWPyNaNMuQv8IYWMYuEsX2A4PFsp%2F1fhpiW91hM7PxTbV%2FiwSIEHWs0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca4060978040b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
fonts.googleapis.com/css2?family=Open+Sans&display=swap
142.250.74.106200 OK 3.1 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Open+Sans&display=swap
IP 142.250.74.106:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (3151), with no line terminators
Hash 65be645896a456a2d369235c47abcd24
fcf73506c6d84d7defdcead966c668b525628c27
02008ffca5b399a0451bed22a5baab6d90da246043b89f68f7aaaef4dec15726
GET /css2?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 May 2023 10:51:17 GMT
date: Sat, 20 May 2023 10:51:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ads.holid.io/auto/mixrootmods.com/holid.js
172.67.205.237200 OK 38 kB URL GET HTTP/2 ads.holid.io/auto/mixrootmods.com/holid.js
IP 172.67.205.237:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.holid.io
FingerprintE2:B9:A8:FD:B4:D6:8B:3B:17:05:BB:A0:50:6F:5A:53:30:15:A3:9B
ValidityTue, 11 Apr 2023 02:22:54 GMT - Mon, 10 Jul 2023 02:22:53 GMT
File type ASCII text, with very long lines (27080)
Hash 5e5e72fdc6edeb2a233c8bdb8f83a7cb
e272e65b46d31cb99525724f80271f8d94981fbb
b429dddbe92eefc199c4e2d125972dd1b6725beeade02e6e0ff2fe0a953bf610
GET /auto/mixrootmods.com/holid.js HTTP/1.1
Host: ads.holid.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: application/javascript
access-control-allow-origin: *
cf-bgj: minify
cf-polished: origSize=81188
etag: W/"6405305b-13d24"
last-modified: Mon, 06 Mar 2023 00:14:19 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 2
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7sY%2BB3EJSs3dZgHOtO2pm%2FGXihIhfP2%2Bg4HSVEADRyh%2FM8DGhkSEYdOoVMpXpsV9Rnboz1nC6hCOhZKGxh4htCsEnUmKxgj5NjC4Apu6pHyqkSXt%2BOwBjFAoOa%2F3ZM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca40613c9110b49-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/7ca406012aae0b51
188.114.96.1200 OK 2 B URL POST HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/h/g/cv/result/7ca406012aae0b51
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
POST /cdn-cgi/challenge-platform/h/g/cv/result/7ca406012aae0b51 HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12554
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Cookie: __cf_bm=9PhEkb76V_yyRYTTSlFKgPfjy9869ecHykeS2J6.IyM-1684579877-0-AfhzFKMAL0dIIU01sTqI1jdQcmpr6yCzZHvMU2Yl1CdJ+AamHxr8q/KAXNiHhFzZjHQuWW+JuEOzY83jOJDRG9F7Bn7pCiW6hA89l8eHcIc2; _ga_9RG3KFK1NE=GS1.1.1684579874.1.0.1684579874.0.0.0; _ga=GA1.1.73151785.1684579874; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1; _pbjs_userid_consent_data=3524755945110770
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: text/plain; charset=UTF-8
set-cookie: __cf_bm=E5WNnFN6zXfbDhW5p4nHveIOLw9uev82kOaxe5cFC6w-1684579879-0-AY6ESCZF/Q9p03Ai7i1zhRiV9CR8Xt95dmYUUIQ0nOfwAX8XKL6Ym3zfczmSvu33mw+AVdeSFLk5XPvNvuo6uc9tM4q19FRGmjWhMY2YepSH; path=/; expires=Sat, 20-May-23 11:21:19 GMT; domain=.mixrootmods.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1yTVf9s4bEM%2BO%2F%2BuklTyF8m1SxWh97nC9R5LkMmU3Tk1d0NCL7q%2FctkqwzJRFlgEPYYsDuhdKHBnCAYoWd4zoKK16w%2BYIMZkFA2PJWN7yF8V3F4UMMWKegTP2NlIY3qIm0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca406170c0c0b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
files.technicalatg.com/97xeVhEGr
188.114.96.1302 Found 36 kB URL User Request GET HTTP/2 files.technicalatg.com/97xeVhEGr
IP 188.114.96.1:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint14:16:B2:1A:D4:C5:6A:4D:D0:29:B5:7B:76:E0:BE:C1:32:AB:CB:16
ValidityThu, 02 Feb 2023 00:00:00 GMT - Thu, 01 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /97xeVhEGr HTTP/1.1
Host: files.technicalatg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Sat, 20 May 2023 10:51:15 GMT
content-type: text/html; charset=UTF-8
location: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-litespeed-cache: hit
vary: User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBJGyLMB5Jxmfi9PZ39OKm344wU81cGmH9XCmmzvZ4pnc6dis0Ig9iYohV7W8Rs2bFafmsU7ls3GmjCuwANXr69odmPkZ7eS94vtD9mNXX3nbAJzUnIEUkRO4Dj%2FrN1KkLt7qD%2FlhexR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca405fbadb2b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
188.114.96.1200 OK 24 kB URL GET HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type ASCII text, with very long lines (23891), with no line terminators
Hash 5bca925acc93c56227104fd18b685389
66f025692932fb8afe5ac74fb3c5270beb88bbb4
0965171acfd9c91d9f0589bbf17378230027532c4d62daca50cf292c18b6e04b
GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=9PhEkb76V_yyRYTTSlFKgPfjy9869ecHykeS2J6.IyM-1684579877-0-AfhzFKMAL0dIIU01sTqI1jdQcmpr6yCzZHvMU2Yl1CdJ+AamHxr8q/KAXNiHhFzZjHQuWW+JuEOzY83jOJDRG9F7Bn7pCiW6hA89l8eHcIc2; _ga_9RG3KFK1NE=GS1.1.1684579874.1.0.1684579874.0.0.0; _ga=GA1.1.73151785.1684579874; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1; _pbjs_userid_consent_data=3524755945110770
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzQgg093phrz%2F5AFyoRolue03WwYjfNAA35vbWwDQZVHMAUdkcJYqAnQxefkdU7jxaR%2FBPZ2jTsp5HRi4pOXCCfw2N3yWB%2BMmUpZA8RmwItHlLDj5HGNwPfqbrF3kYD6vUE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca406153a740b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
188.114.96.1200 OK 5.7 kB URL GET HTTP/3 mixrootmods.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type ASCII text, with very long lines (5682), with no line terminators
Hash 9854884284e8b39f57e9b746f7b80ed1
964c49a2ded5bde0d031dbc221a74ed194b9a30b
97c148392718ef8237181848d860251e4ee9c9dad9d04993a4cc6182824c2ee4
GET /cdn-cgi/challenge-platform/h/g/scripts/pica.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Cookie: __cf_bm=9PhEkb76V_yyRYTTSlFKgPfjy9869ecHykeS2J6.IyM-1684579877-0-AfhzFKMAL0dIIU01sTqI1jdQcmpr6yCzZHvMU2Yl1CdJ+AamHxr8q/KAXNiHhFzZjHQuWW+JuEOzY83jOJDRG9F7Bn7pCiW6hA89l8eHcIc2; _ga_9RG3KFK1NE=GS1.1.1684579874.1.0.1684579874.0.0.0; _ga=GA1.1.73151785.1684579874; dom3ic8zudi28v8lr6fgphwffqoz0j6c=d81658ae-403f-4b67-a998-f9c1cc010cfc%3A1%3A1; _pbjs_userid_consent_data=3524755945110770
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNDM2%2BZW8DKf%2B2A2DmvMFIcRP958Nw7t0Lm8w7%2Bz1qxxz%2BNbb5o%2BeKd23cZdmfsIqudMttDCphWebiNAqBJPxVgVN9uAjVWu1%2FPfMq439aCzqETdLIXLdqJ4cC6%2BcMKu0jM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca406157aa70b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mixrootmods.com/wp-content/plugins/wp-safelink/assets/safelink-detector.js
188.114.96.1301 Moved Permanently 121 kB URL GET HTTP/3 mixrootmods.com/wp-content/plugins/wp-safelink/assets/safelink-detector.js
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
Size 121 kB (121280 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/plugins/wp-safelink/assets/safelink-detector.js HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Sat, 20 May 2023 10:51:18 GMT
content-type: text/html; charset=UTF-8
location: https://mixrootmods.com
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
x-ua-compatible: IE=edge
x-redirect-by: Rank Math
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ith2pbHrTZ4FOVh5SL8xkV9AFRq1pDqBV5Pg8JRE3kHDkAw72jsuzutuxv9XzDwRpRC%2Fo1oeYKx6md4zARdoeporXLVwqqc6kGeGij5r%2FW5sN77DWxBl6PKJ3JAVdn41w5U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca406093fda0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
mixrootmods.com/favicon.ico
188.114.96.1404 Not Found 1.2 kB URL GET HTTP/3 mixrootmods.com/favicon.ico
IP 188.114.96.1:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerGoogle Trust Services LLC
Subject*.mixrootmods.com
FingerprintD0:6F:CA:2D:B6:E6:5B:C3:5C:BB:96:27:B7:ED:BD:CE:C8:6A:E5:C2
ValidityThu, 06 Apr 2023 05:18:48 GMT - Wed, 05 Jul 2023 05:18:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1261), with no line terminators
Hash e115d0eada02ecd8e3e87b1897e15677
a2f12dfb4e1b32a0b5e1054842f7ade8fa4fa7ee
0ac055079ff3c4066f1cdb86c9b47210fa130bd0e9a9d7461f5cd4104a59b6cd
GET /favicon.ico HTTP/1.1
Host: mixrootmods.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Cookie: __cf_bm=9PhEkb76V_yyRYTTSlFKgPfjy9869ecHykeS2J6.IyM-1684579877-0-AfhzFKMAL0dIIU01sTqI1jdQcmpr6yCzZHvMU2Yl1CdJ+AamHxr8q/KAXNiHhFzZjHQuWW+JuEOzY83jOJDRG9F7Bn7pCiW6hA89l8eHcIc2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 20 May 2023 10:51:18 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent,User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUccA4aLqUAdAulmvcadgvAX%2BGM%2Fp5AaMycSBe8Bt8vLkpkGak2hb49j4f%2BiQECVpALqt4TDaNArRaI%2FDY97QoVieeTi%2BWxIPdcTgCZx8ApRpaqeeMEcO9TivofhIaCosWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ca4060edc920b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
lwadm.com/ad
3.123.155.16200 OK 1.5 kB IP 3.123.155.16:443
Requested by https://mixrootmods.com/?go=88ec7bbe4a25dae9a7645d5cd64e9wApbsCadfEeFlgiHnikaU0xWVRseDdqWXphTCtNQ1F6L2ZDRCtOVzBML1I1cGdHU3FWTERkOS9oaz0=
Certificate IssuerAmazon
Subjectlwadm.com
FingerprintE9:5C:4E:33:0C:52:C9:39:BF:F3:2B:00:AA:D6:E6:7E:14:4A:EE:1C
ValidityThu, 09 Feb 2023 00:00:00 GMT - Sun, 14 Jan 2024 23:59:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1620), with no line terminators
Hash da592f496e8bfc9b6b102421c6233baa
292807c9dcee1b4a5783deaaef3e78da42ec70b8
bae4f5c2ccbdacc16b8025faa559b850835f06a66185d1f5282f344c85c8237c
POST /ad HTTP/1.1
Host: lwadm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 2335
Origin: https://mixrootmods.com
DNT: 1
Connection: keep-alive
Referer: https://mixrootmods.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 20 May 2023 10:51:19 GMT
content-type: application/json; charset=utf-8
cache-control: no-cache,no-store,max-age=0,must-revalidate,private
content-encoding: gzip
vary: Accept-Encoding
server: Microsoft-IIS/10.0
access-control-allow-origin: https://mixrootmods.com
set-cookie: uid=9b027e4f-08b0-4d00-a206-b5807b12294a; expires=Mon, 19 Jun 2023 10:51:19 GMT; path=/; secure; samesite=none
x-powered-by: ASP.NET
access-control-allow-credentials: true
X-Firefox-Spdy: h2