www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
172.217.21.179301 Moved Permanently 202 B URL HTTP/1.1 www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
IP 172.217.21.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d10a9f9a386be41f001d6d6180821373
725dfee1c7b453d00747999ee01061adfc1b0b00
366bc8d5f2e0566fb1cfd1c1b8c111ef7562ece5421b973cf06688801a22021d
GET /2023/02/100-rare-models-pack-2tb.html HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 05 Feb 2023 21:49:02 GMT
Expires: Sun, 05 Feb 2023 21:49:02 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 202
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14289
Expires: Mon, 06 Feb 2023 01:47:11 GMT
Date: Sun, 05 Feb 2023 21:49:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5593
Expires: Sun, 05 Feb 2023 23:22:15 GMT
Date: Sun, 05 Feb 2023 21:49:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 21:46:39 GMT
content-type: application/json
age: 143
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2592
Expires: Sun, 05 Feb 2023 22:32:14 GMT
Date: Sun, 05 Feb 2023 21:49:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uFNmAo6NYiRYX/EpTGYDyOkvYkBAkFY3VTIGQyGcUTcYV52XCfwa1gNy+dM8aPuSLkRF/UwtM6w=
x-amz-request-id: A3FY39GPNTSJGN2V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 20:53:26 GMT
age: 3336
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 21:49:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/t0mx2PoYmgY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/t0mx2PoYmgY
IP 142.250.74.131:0
Hash 1d29e4c5bfda3ec88011870d6254bb33
9a996ba3dad29af710ae3a190553dd3f8db2b191
51a3664b7f17e177fb99955345b7d0f8b892bc4d1ba83e3574cd6af5030c22c8
POST /s/gts1d4/t0mx2PoYmgY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:02 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 21:07:20 GMT
age: 2502
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5053
Expires: Sun, 05 Feb 2023 23:13:15 GMT
Date: Sun, 05 Feb 2023 21:49:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 808b9f9f33689e93232390b1e15ac840
776881e1e43b8c6e6377023d9e7001181926be19
fcee613925ae1d46b4908cf98e6a806f06924a58fa986e943330e359ed71f72b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Last-Modified: Sun, 05 Feb 2023 20:10:36 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
172.217.21.179200 OK 69 kB URL HTTP/2 www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
IP 172.217.21.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2940)
Hash 3418b61af9041410fc6bcb12e95d3bb7
73768d5f61e42d25d318340bb7d963b55566c70f
4d61ee271cb6e17f1025b2fe50e695d9c88a0271b66adfd68d731e10d013b7ae
GET /2023/02/100-rare-models-pack-2tb.html HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 05 Feb 2023 21:49:02 GMT
date: Sun, 05 Feb 2023 21:49:02 GMT
cache-control: private, max-age=0
last-modified: Sat, 04 Feb 2023 20:00:32 GMT
etag: W/"4b1af8b983ccfcbd0be999debd66fa2715b67a37a482e9e5797fc7d409efecb4"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 69084
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=86681
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 21:53:44 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
www.ofhub.xyz/js/cookienotice.js
172.217.21.179200 OK 2.0 kB URL HTTP/2 www.ofhub.xyz/js/cookienotice.js
IP 172.217.21.179:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 2026
date: Sun, 05 Feb 2023 21:49:03 GMT
expires: Sun, 12 Feb 2023 21:49:03 GMT
cache-control: public, max-age=604800
last-modified: Sat, 04 Feb 2023 22:55:53 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.160.32.147101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.160.32.147:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Q1mErAB96nSMW35zNX6BgA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9KWXd4YFpghqCNH0k431/cmH7OU=
ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
142.250.74.106200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
IP 142.250.74.106:0
File type ASCII text, with very long lines (65451)
Hash 81182f4b684635f6bdcbdd907ee66f25
a1f2f151df72ede41397c8131bd47a3ce85575b3
be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Feb 2023 00:57:21 GMT
expires: Sun, 04 Feb 2024 00:57:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 161502
last-modified: Mon, 13 May 2019 14:37:17 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=86681
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 21:53:44 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (57726)
Hash dce08b3c568799f6f6636857e8c9e044
0daaab444c5e84b1280c1aa549658e6550ad9bbf
6ff8c6cdd5d09486d20f8c1cddcc4cc7d1c952bc0680a970912e3e2b8e49cbb3
GET /ajax/libs/font-awesome/5.15.2/css/fontawesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:03 GMT
content-type: text/css; charset=utf-8
content-length: 10266
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7431-e238"
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 945598
expires: Fri, 26 Jan 2024 21:49:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAATJk7G1FOlZqy5XOGkgrqebyS3U3JYUB8HNTQSDZ2bfilj19%2FXT%2Bs8m3ne%2F9gqWKFGyYY5jrtK9OVBvJj7hyuEhbSuS2VYMYVzrAhBkKLhzDTThY4E6Wwn5UvWLJTZssILS1Vi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794eda8f58e9b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
216.58.207.233200 OK 17 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (1441)
Hash f18def4ccec463cf908f91e7cba7f2c1
02d95f67edd84a44c82255ca7abcdbf7f4d0cee5
12b91cbf31131a10b1fc2aa05047c027caeac0d6e0ca5deadf418fff63d68082
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 17447
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 15:34:38 GMT
expires: Wed, 31 Jan 2024 15:34:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Jan 2023 15:51:51 GMT
content-type: text/javascript
age: 454465
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14200 OK 28 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (65451)
Hash 4b5f47439b640180cc3450f7de05d0d8
5a0dc9bcab80ddc409dd35fcb00a88fe6846fee2
1f85e8b327f42c17c025d69849914068536d9aa95412fe473ae90ffb2f4ebd82
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1480202
expires: Fri, 26 Jan 2024 21:49:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z1Hf%2BSuwIAHw%2Fc1fsetkOSjlo8YaK%2FPKhF7xbKmYIuFWTdIWBREVAJpTQU3ZXRwUPBWNgLzIRzsq9%2F%2FsMlUxXqbIN7biCuiOB8a66PQudc34hhOotFVubLumpdST5LLJqRrUKifC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794eda8f893ab51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/1149436903-widgets.js
216.58.207.233200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1149436903-widgets.js
IP 216.58.207.233:0
File type ASCII text, with very long lines (2221)
Hash b78721b4cce75b522d9ec0d1fae9e007
4ceaa4752e3e81867193004fe928875abc0af5ce
e85f67824ac9f31deedecf0b1d58878b6b3993bad9f2b48e8312928154012f06
GET /static/v1/widgets/1149436903-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56564
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 02:15:05 GMT
expires: Thu, 01 Feb 2024 02:15:05 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 23:23:14 GMT
content-type: text/javascript
age: 416038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 6630148a03da2d4ccf19993f0fefd44c
2c747b9bc89b4240ad4340b31b993e3d947d1e5a
68c252a328d6f8dbea1935f3a4a950fb02969e70aabfff9853add357f76ecd4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5319
Cache-Control: max-age=86681
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Etag: "63debf21-117"
Expires: Mon, 06 Feb 2023 21:53:44 GMT
Last-Modified: Sat, 04 Feb 2023 20:25:05 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 26a15a1b880ec1026360b696b1c27074
fd35f80a1cf599da2a8e68a44477465a580440a5
a6d5caec988319523c120bc435a4ff0200b7ead114db10db19a09caeace978f7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.ofhub.xyz/feeds/posts/summary?max-results=0&alt=json-in-script&callback=feelingLucky
172.217.21.179200 OK 810 B URL HTTP/2 www.ofhub.xyz/feeds/posts/summary?max-results=0&alt=json-in-script&callback=feelingLucky
IP 172.217.21.179:0
File type ASCII text, with very long lines (1591)
Hash b9e13b13d83a6af8b1ad3749904f3f0b
9706799338b6a877c3c8694987e1207d5ebb3fee
c77420e3c18c924fbdec63947e95224682f7a73e868d9c06406b5aa756457101
GET /feeds/posts/summary?max-results=0&alt=json-in-script&callback=feelingLucky HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
content-encoding: gzip
etag: W/"b290b17d949edbea40f4e2dfc5c5bb774560be87c690928d33aac2dc2d2b3e8b"
date: Sun, 05 Feb 2023 21:49:03 GMT
content-type: text/javascript; charset=UTF-8
server: blogger-renderd
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
vary: Accept-Encoding
expires: Sun, 05 Feb 2023 21:49:04 GMT
x-content-type-options: nosniff
x-xss-protection: 0
last-modified: Sat, 04 Feb 2023 20:00:32 GMT
content-length: 810
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 008ec668ac16e8385e24d1ffdd321745
040bf9b4c9248e4d05da2b69bdf3ed83c3c0452d
60a69a8456882f4f9261e3fe2f10bd9d114d41784f4d997872521adcd088ae23
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5cd621b152e01aa3860c64b787326024
a306d80b3e0c4d828a7366cb87d4b054103be7f3
63410ee9f577da26bab2690abddebd4514a773776e3c0cfd61b63f926d7f637c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63410EE9F577DA26BAB2690ABDDEBD4514A773776E3C0CFD61B63F926D7F637C"
Last-Modified: Sat, 04 Feb 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 06 Feb 2023 03:49:03 GMT
Date: Sun, 05 Feb 2023 21:49:03 GMT
Connection: keep-alive
underestimatedual.com/a9/62/fd/a962fdfe7a16ccb4e05f39bb7bfdc2e2.js
173.233.137.44200 OK 21 kB URL HTTP/1.1 underestimatedual.com/a9/62/fd/a962fdfe7a16ccb4e05f39bb7bfdc2e2.js
IP 173.233.137.44:0
File type HTML document, ASCII text, with very long lines (60177), with no line terminators
Hash 033dcd3b9adcfe8b2181827bfd68bc6e
32b0c5436c0cde6ec8ceb9f9c1d96665b5a8c441
630fc69c1fe66fce04f0719761c1237bef357cabe46947b56a1fbb303c28fb4a
Analyzer Verdict Alert quad9 Sinkholed
GET /a9/62/fd/a962fdfe7a16ccb4e05f39bb7bfdc2e2.js HTTP/1.1
Host: underestimatedual.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:49:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 12854c1de1c6299bce01e997eef7a5cc
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 728b0e450f36f363294871aee5a68d2f
a19d5eb6fffe1b76d71ae8b1b1027897f53f2bb5
6d29f8f75af08ee1b5bea80558e9883bc69c555b53bd4f465c6ca30f4213c5c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
3.bp.blogspot.com/-6k9Ba-zjDB8/YxiapcVv0iI/AAAAAAAAB7Y/wfCad_mf88IAoh-b7OwPgTuIM37U0J7tgCK4BGAYYCw/w200/Picsart_22-09-01_16-22-19-902.jpg
142.250.74.161200 OK 7.3 kB URL HTTP/2 3.bp.blogspot.com/-6k9Ba-zjDB8/YxiapcVv0iI/AAAAAAAAB7Y/wfCad_mf88IAoh-b7OwPgTuIM37U0J7tgCK4BGAYYCw/w200/Picsart_22-09-01_16-22-19-902.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 200x183, components 3\012- data
Hash 25702cf31fa99d30e02c291234289471
1cdea50123ce62330b9714775f0fe58b3cdd0637
7d334f5417895a6741a8b078d84b10f8aec01aef24dfe55dbecffd3e5956fbe0
GET /-6k9Ba-zjDB8/YxiapcVv0iI/AAAAAAAAB7Y/wfCad_mf88IAoh-b7OwPgTuIM37U0J7tgCK4BGAYYCw/w200/Picsart_22-09-01_16-22-19-902.jpg HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="Picsart_22-09-01_16-22-19-902.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 7306
x-xss-protection: 0
date: Sun, 05 Feb 2023 19:34:57 GMT
expires: Fri, 03 Feb 2023 09:19:07 GMT
cache-control: public, max-age=86400, no-transform
age: 8047
etag: "v7bd"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 728b0e450f36f363294871aee5a68d2f
a19d5eb6fffe1b76d71ae8b1b1027897f53f2bb5
6d29f8f75af08ee1b5bea80558e9883bc69c555b53bd4f465c6ca30f4213c5c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
104.17.24.14200 OK 80 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 80300, version 331.-31392\012- data
Hash 8e1ed89b6ccb8ce41faf5cb672677105
9b592048b9062b00f0b2dd782d70a95b7dc69b83
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 80300
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-139ac"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8224498
expires: Fri, 26 Jan 2024 21:49:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSKe5WoBMjjtszfpCiZS5Q%2BMySFC%2F7CJONU1%2BRsiGnD3KmyHRRZy5le9O%2Bv2pbXgwn3hV5yZoOMrqfgK8SRyb30tW07eE9qIsuxI1HjmyocRsvWkn8OgIlFYHwRIjitPtQXixz8W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794eda953b7b1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?display=swap&family=Merriweather+Sans&family=Cairo&family=Noto+Sans+Arabic&family=IBM+Plex+Sans+Arabic&family=Vazirmatn&family=Roboto+Mono&family=Mukta&family=Ubuntu&family=PT+Sans&family=Rubik&family=Fira+Sans&family=Hind+Siliguri&family=Heebo&family=Lobster&family=Fjalla+One
142.250.74.106200 OK 40 kB URL HTTP/2 fonts.googleapis.com/css2?display=swap&family=Merriweather+Sans&family=Cairo&family=Noto+Sans+Arabic&family=IBM+Plex+Sans+Arabic&family=Vazirmatn&family=Roboto+Mono&family=Mukta&family=Ubuntu&family=PT+Sans&family=Rubik&family=Fira+Sans&family=Hind+Siliguri&family=Heebo&family=Lobster&family=Fjalla+One
IP 142.250.74.106:0
Hash efc95708820e0db092cb150921095480
7f32abaa4be6a44a93f01d5700fd0fb259d5837a
7404622d04296e89f4fa6b65a71ed09397f56171b4b1c282dedbd84fd50c5170
GET /css2?display=swap&family=Merriweather+Sans&family=Cairo&family=Noto+Sans+Arabic&family=IBM+Plex+Sans+Arabic&family=Vazirmatn&family=Roboto+Mono&family=Mukta&family=Ubuntu&family=PT+Sans&family=Rubik&family=Fira+Sans&family=Hind+Siliguri&family=Heebo&family=Lobster&family=Fjalla+One HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 21:49:03 GMT
date: Sun, 05 Feb 2023 21:49:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
underestimatedual.com/8d222da1b12a53d13248d1006e146145/invoke.js
173.233.137.44200 OK 9.8 kB URL HTTP/1.1 underestimatedual.com/8d222da1b12a53d13248d1006e146145/invoke.js
IP 173.233.137.44:0
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 1a3f818c385ff73a32f7aab38cfeb85f
8c7ba56032f6b7e23b5cc610485f4c62699803db
0473bbf8c765e8a023a112ce33f49508cf5576c43db1b26bafbf47618af438b4
Analyzer Verdict Alert quad9 Sinkholed
GET /8d222da1b12a53d13248d1006e146145/invoke.js HTTP/1.1
Host: underestimatedual.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37c3482a7e87cdb32d5b04039915c61c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 836bc62dbb011b6180fc7209d0061736
74e6f18561a7006a3afb6ab03559eec239ce4b36
90b197384670fdb210d364f91b423fd383d25838e38a494158a8185bef0061f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 13548, version 331.-31392\012- data
Hash 4a74738e7728e93c4394b8604081da62
fb9648469530a05fa9aac80e47d4d6960472a242
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d
GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13548
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-34ec"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2691735
expires: Fri, 26 Jan 2024 21:49:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOPf6R%2BCO8KUe%2BRVCwLIWBHIoAxk87HAYp0jlhcZ9EjboBKM39AB1xgvAP9PNx26SgqcvTmTO9v8bnDgJtG%2B%2F8mWApSIM103a6EYiXLitNQq0yoB6yMQHsrvbZ%2Fcy37NbU1aNlnj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794eda95fc721c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fb1495442167a14a49ba788fefe4ce9
a16c69f4c65a9cd5749f26493d440b5dc32be878
2bff389795848a07abc28a725001d87aab31efde2356ed22ce132c9808602cea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BFF389795848A07ABC28A725001D87AAB31EFDE2356ED22CE132C9808602CEA"
Last-Modified: Sun, 05 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4439
Expires: Sun, 05 Feb 2023 23:03:03 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.39200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 2b9fa7773944abe31f5a0d2c89fcf83f
dd497be3ec7fff255da6600a2d92c45d0f4b9a50
68342c1715a25165c46c7832671ce7d31cc3afeda203b110c999875bb79ba116
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 21:49:04 GMT
Last-Modified: Sun, 05 Feb 2023 20:20:00 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fnfe7z-4DXB7f0lu-Ny-RGPbXMZouhOl2G8pS0xwvioBCuns_Iixrg==
Age: 5344
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 00:48:39 GMT
expires: Tue, 30 Jan 2024 00:48:39 GMT
cache-control: public, max-age=31536000
age: 594025
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
216.58.207.227200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Hash ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 00:54:25 GMT
expires: Fri, 02 Feb 2024 00:54:25 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
age: 334479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 682e6de25a7d7db83f12dcff38308b1f
b82c876de0f1d5979d9349d8d97e6a1eaf3b78ac
46cb3fd36749a288e85652924cf20ac3c18e560f27cd84eae231f886cf91c179
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ofhub.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=29ea984e-83d3-47b2-9370-de5bd90770e6:3:1; expires=Wed, 02 Feb 2033 21:49:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
underestimatedual.com/1df647a97d28134a7e2898d07e9dc0df/invoke.js
173.233.137.44200 OK 9.8 kB URL HTTP/1.1 underestimatedual.com/1df647a97d28134a7e2898d07e9dc0df/invoke.js
IP 173.233.137.44:0
File type exported SGML document, ASCII text, with very long lines (26953), with no line terminators
Hash c74bc9a8de6743fbc9b15ba1646e48ee
e3904c24384ad32db6c4b8b7e32c1b79fc1d029d
ab54614f0b064550d68e6c6ce86f5ed0e25b63e76f3724e72220d6e2506f62d3
Analyzer Verdict Alert quad9 Sinkholed
GET /1df647a97d28134a7e2898d07e9dc0df/invoke.js HTTP/1.1
Host: underestimatedual.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 130e366ede45d67cc473e4e4f4426744
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 2b0a7eb5f34cf55ffc46f00925438a24
2a92c2fed744f8f0fc27895148cec8966c3177de
98d607268e022fac937c4328bb871491fb037a4ee1cd835f6b7d42616fc968cd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ofhub.xyz
access-control-allow-credentials: true
set-cookie: uid_id2=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75:1:1; expires=Wed, 02 Feb 2033 21:49:04 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
104.17.24.14200 OK 78 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 78460, version 331.-31392\012- data
Hash f075c50f89795e4cdb4d45b51f1a6800
f726c4275bb494a045fde059175f072de06c01df
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba
GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 78460
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-1327c"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 170749
expires: Fri, 26 Jan 2024 21:49:04 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81QDx6q%2B6clqDy%2Bal0AJwsewmRGvAZbUyOy008b5f%2FviZwdwnb3OSivF4ZYAdeG7HivPyH3p7yGJHxjoKaHeuEelbezAWHk4QyLXEGkyLqnsHTUkVw2folFAokOnJhPkHhNeE%2BFJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 794eda96cd8b1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
35.156.167.37200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 35.156.167.37:0
File type ASCII text, with no line terminators
Hash 2b0a7eb5f34cf55ffc46f00925438a24
2a92c2fed744f8f0fc27895148cec8966c3177de
98d607268e022fac937c4328bb871491fb037a4ee1cd835f6b7d42616fc968cd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Cookie: uid_id2=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75:1:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.ofhub.xyz
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5652
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5652
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5652
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5652
Expires: Sun, 05 Feb 2023 23:23:16 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:05:45 GMT
age: 85399
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:30:31 GMT
age: 37113
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:24:01 GMT
age: 37503
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 86258
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mujn0m9G4SIcD-5qZiD5kaYHg8x3rDtx-jYus-hrWFx_UjWEMNM_Tw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 04:43:25 GMT
age: 61539
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 65165
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
subscribestormyapprobation.com/pixel/purst?dl=0&th=0&sc=0&rs=2121&rd=2121&fd=987&bv=22.10.v.9&tmpl=70
173.233.137.60200 OK 0 B URL HTTP/1.1 subscribestormyapprobation.com/pixel/purst?dl=0&th=0&sc=0&rs=2121&rd=2121&fd=987&bv=22.10.v.9&tmpl=70
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2121&rd=2121&fd=987&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: subscribestormyapprobation.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:49:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
underestimatedual.com/0392bb1adc80b30da49d00652f3c0375/invoke.js
173.233.137.44200 OK 9.8 kB URL HTTP/1.1 underestimatedual.com/0392bb1adc80b30da49d00652f3c0375/invoke.js
IP 173.233.137.44:0
File type exported SGML document, ASCII text, with very long lines (26943), with no line terminators
Hash 7e8048e53ca626bf925df1736874d9fa
07b0da656cb854c6410f733a84a081a8f64001bc
993210a85bea70f3d16a941ba89bfa2695c2452d401c5245cf2eb54455c9b78d
Analyzer Verdict Alert quad9 Sinkholed
GET /0392bb1adc80b30da49d00652f3c0375/invoke.js HTTP/1.1
Host: underestimatedual.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:49:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9fe34f83ea7112b8ee60c398b05c0492
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
172.64.168.22200 OK 150 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
IP 172.64.168.22:0
File type Web Open Font Format (Version 2), TrueType, length 150500, version 770.768\012- data
Size 150 kB (150500 bytes)
Hash 69a76555beae5c43a59559396c1aeb54
7d2759002c67a66fc38a72dd0e395e2da3d41474
1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4
GET /releases/v6.2.1/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: font/woff2
content-length: 150500
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
etag: "69a76555beae5c43a59559396c1aeb54"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 ee8862e43d7837ef5478becfe2eb7116.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 3VFYPK-X4OW3abLY_wzVgtoYqWK6gOJfRxAw8aky7N2xCr_EUQdsRw==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y74HYGCv8LjIgpnN4W%2FUzI%2Fs6XM1sro6PRLgvs2KhIh4VhrkJ5xy408Ud3QOjfghwYCrHRdqUxObz88J4wEOG6jx0Xl1lD6qENc27P8jF6UmIV74H3KatBgoEix7m1UkS3A83lyxdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794eda982c3875c0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.ofhub.xyz/feeds/posts/summary?max-results=0&alt=json-in-script&callback=feelingLucky
172.217.21.179304 Not Modified 0 B URL HTTP/2 www.ofhub.xyz/feeds/posts/summary?max-results=0&alt=json-in-script&callback=feelingLucky
IP 172.217.21.179:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /feeds/posts/summary?max-results=0&alt=json-in-script&callback=feelingLucky HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
If-Modified-Since: Sat, 04 Feb 2023 20:00:32 GMT
If-None-Match: W/"b290b17d949edbea40f4e2dfc5c5bb774560be87c690928d33aac2dc2d2b3e8b"
TE: trailers
HTTP/2 304 Not Modified
cross-origin-resource-policy: cross-origin
etag: W/"b290b17d949edbea40f4e2dfc5c5bb774560be87c690928d33aac2dc2d2b3e8b"
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: text/html
server: blogger-renderd
expires: Sun, 05 Feb 2023 21:49:05 GMT
cache-control: public, must-revalidate, proxy-revalidate, max-age=1
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash df5d79a02322a4a4aa23a121ee83fe87
9f1476aedabf8a1e39231bd601e5589deed806a7
188ef82dfbee931e99f772e1d1be168a55f7fed46624093877be5e7c18b8cc19
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "188EF82DFBEE931E99F772E1D1BE168A55F7FED46624093877BE5E7C18B8CC19"
Last-Modified: Sat, 04 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8248
Expires: Mon, 06 Feb 2023 00:06:32 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dd1b8b25bb474958fe86b70d2c3f4f1e
5f566247079fade9c07b785c7878965f06d60f87
2562617404134600a16ab198d0f8b0be313437752ea3dd8a1c1be81fb7152dde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2562617404134600A16AB198D0F8B0BE313437752EA3DD8A1C1BE81FB7152DDE"
Last-Modified: Sun, 05 Feb 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16830
Expires: Mon, 06 Feb 2023 02:29:34 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3e4acd46b234f93b8f66bddfb049e7f1
f606219397d2684ccb9fe3daa394b00145d9ac6b
4cf65578835d4adc49e92099f07b3566d6e5f8a8406acfe7dd1fa4fc45df1033
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4CF65578835D4ADC49E92099F07B3566D6E5F8A8406ACFE7DD1FA4FC45DF1033"
Last-Modified: Fri, 03 Feb 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10970
Expires: Mon, 06 Feb 2023 00:51:54 GMT
Date: Sun, 05 Feb 2023 21:49:04 GMT
Connection: keep-alive
residentshove.com/watch.845574713736.js?key=0392bb1adc80b30da49d00652f3c0375&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1
173.233.137.52307 Temporary Redirect 0 B URL HTTP/1.1 residentshove.com/watch.845574713736.js?key=0392bb1adc80b30da49d00652f3c0375&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.845574713736.js?key=0392bb1adc80b30da49d00652f3c0375&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1 HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:49:04 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ofhub.xyz
Access-Control-Allow-Origin: https://www.ofhub.xyz
Access-Control-Allow-Credentials: true
Location: https://residentshove.com/watch.845574713736.js?key=0392bb1adc80b30da49d00652f3c0375&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=2d48f23a05a183995637174d4e8fa626f0834e290fb8c1e0ff2c3c797e4d8c2630900e9b7e027a09acb25f3249c88a4e0a7e9d446a1b6e5a628f4be17fd68632204f5323d517c1a9317275ef4022f8bef6d83f1fdba18a8090789c8e80be77&pst=1675633804&rmtc=t
Set-Cookie: u_pl=17524062; expires=Mon, 06 Feb 2023 21:49:04 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzUyNDA2MiwiayI6IjAzOTJiYjFhZGM4MGIzMGRhNDlkMDA2NTJmM2MwMzc1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTM4MDIxLCJwaWQiOjUxMzgxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ6bXNoeTE0NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vZmh1Yi54eXovMjAyMy8wMi8xMDAtcmFyZS1tb2RlbHMtcGFjay0ydGIuaHRtbCJ9fQ.EWIRTlCVkn672j5WZUtYB91q6xLNAcjAb-Whfsw-uNs; expires=Sun, 05 Feb 2023 21:50:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 81bdec5f170725f033ea74aa74a0f594
Strict-Transport-Security: max-age=0; includeSubdomains
revolveoppress.com/watch.1245181995706.js?key=8d222da1b12a53d13248d1006e146145&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1
192.243.59.13307 Temporary Redirect 0 B URL HTTP/1.1 revolveoppress.com/watch.1245181995706.js?key=8d222da1b12a53d13248d1006e146145&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1245181995706.js?key=8d222da1b12a53d13248d1006e146145&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:49:04 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ofhub.xyz
Access-Control-Allow-Origin: https://www.ofhub.xyz
Access-Control-Allow-Credentials: true
Location: https://revolveoppress.com/watch.1245181995706.js?key=8d222da1b12a53d13248d1006e146145&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=372d3d1ee874ad24cf6b1c6f47ca96fb33165b080c06332bbaaee15584462a5e0cd74f02f0abae842d53f7e2a66efc229e5795068af4b70167b4b2c098afb2340a0b7cbcebfdc23cba3aae0657c25e11b275100f632187e6d2d8c0dd35b3f07278&pst=1675633804&rmtc=t
Set-Cookie: u_pl=17534480; expires=Mon, 06 Feb 2023 21:49:04 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzUzNDQ4MCwiayI6IjhkMjIyZGExYjEyYTUzZDEzMjQ4ZDEwMDZlMTQ2MTQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTM4MDIxLCJwaWQiOjUxMzgxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoibmViY3NyZ2NnZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vZmh1Yi54eXovMjAyMy8wMi8xMDAtcmFyZS1tb2RlbHMtcGFjay0ydGIuaHRtbCJ9fQ.cX79VLUBFQLBuACfYw7Fd1dgNrTY4bflm5Do49oo5_A; expires=Sun, 05 Feb 2023 21:50:04 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4562bc731f2da8172f11a78d7744c0c
Strict-Transport-Security: max-age=0; includeSubdomains
outdilateinterrupt.com/watch.1169828635758.js?key=1df647a97d28134a7e2898d07e9dc0df&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1
192.243.59.12307 Temporary Redirect 0 B URL HTTP/1.1 outdilateinterrupt.com/watch.1169828635758.js?key=1df647a97d28134a7e2898d07e9dc0df&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1169828635758.js?key=1df647a97d28134a7e2898d07e9dc0df&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1 HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ofhub.xyz
Access-Control-Allow-Origin: https://www.ofhub.xyz
Access-Control-Allow-Credentials: true
Location: https://outdilateinterrupt.com/watch.1169828635758.js?key=1df647a97d28134a7e2898d07e9dc0df&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=8b47e75cfa3b13c6539bbee947918a9b9cfd74079e4b980f6a69e6ed4afe56c02db9e8ea79bf56385b8714a5c57b6ddc87ae38a78959315c8a86e9b47649468a86b4f4cccd42989ab7deb0d6ebd64cc51d4c3075&pst=1675633805&rmtc=t
Set-Cookie: u_pl=17525575; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzUyNTU3NSwiayI6IjFkZjY0N2E5N2QyODEzNGE3ZTI4OThkMDdlOWRjMGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTM4MDIxLCJwaWQiOjUxMzgxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiemZyNTM3YTNtIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9maHViLnh5ei8yMDIzLzAyLzEwMC1yYXJlLW1vZGVscy1wYWNrLTJ0Yi5odG1sIn19.JHjh-6Ff3Z9KUu8p-AZhfH4OXjeSj06YdANmqadsjkw; expires=Sun, 05 Feb 2023 21:50:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1c021c7394e06023d059d108002d751d
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 040d512b73ad828b2dd7409c0c9dab49
a7b7256940377241abd22db537a864ec6348bf90
6e7f979d255eba736072b159be75a5865fd307781806c412ea66bb0f80e38aa6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
residentshove.com/watch.845574713736.js?key=0392bb1adc80b30da49d00652f3c0375&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=2d48f23a05a183995637174d4e8fa626f0834e290fb8c1e0ff2c3c797e4d8c2630900e9b7e027a09acb25f3249c88a4e0a7e9d446a1b6e5a628f4be17fd68632204f5323d517c1a9317275ef4022f8bef6d83f1fdba18a8090789c8e80be77&pst=1675633804&rmtc=t
173.233.137.52200 OK 2.0 kB URL HTTP/1.1 residentshove.com/watch.845574713736.js?key=0392bb1adc80b30da49d00652f3c0375&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=2d48f23a05a183995637174d4e8fa626f0834e290fb8c1e0ff2c3c797e4d8c2630900e9b7e027a09acb25f3249c88a4e0a7e9d446a1b6e5a628f4be17fd68632204f5323d517c1a9317275ef4022f8bef6d83f1fdba18a8090789c8e80be77&pst=1675633804&rmtc=t
IP 173.233.137.52:0
File type HTML document, ASCII text, with very long lines (2533)
Hash 2ea4bf6d2043829c730b739fe3a350a4
b204d28ca1ca74484e18ae44ba85140b19e94c4e
aaa842a926dbd338db18bb3b1d3a4aefed10999b652e1a615f5c82b5709949b9
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.845574713736.js?key=0392bb1adc80b30da49d00652f3c0375&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=2d48f23a05a183995637174d4e8fa626f0834e290fb8c1e0ff2c3c797e4d8c2630900e9b7e027a09acb25f3249c88a4e0a7e9d446a1b6e5a628f4be17fd68632204f5323d517c1a9317275ef4022f8bef6d83f1fdba18a8090789c8e80be77&pst=1675633804&rmtc=t HTTP/1.1
Host: residentshove.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Referer: https://www.ofhub.xyz/
Connection: keep-alive
Cookie: u_pl=17524062; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzUyNDA2MiwiayI6IjAzOTJiYjFhZGM4MGIzMGRhNDlkMDA2NTJmM2MwMzc1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTM4MDIxLCJwaWQiOjUxMzgxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjo1LCJwdCI6NCwicGsiOiJ6bXNoeTE0NSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vZmh1Yi54eXovMjAyMy8wMi8xMDAtcmFyZS1tb2RlbHMtcGFjay0ydGIuaHRtbCJ9fQ.EWIRTlCVkn672j5WZUtYB91q6xLNAcjAb-Whfsw-uNs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ofhub.xyz
Access-Control-Allow-Origin: https://www.ofhub.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75:1:1; expires=Sun, 12 Feb 2023 21:49:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
pdhtkv5=true; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
uncs5=1; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 784c6a19886b5356d6b37b549b15121a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
revolveoppress.com/watch.1245181995706.js?key=8d222da1b12a53d13248d1006e146145&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=372d3d1ee874ad24cf6b1c6f47ca96fb33165b080c06332bbaaee15584462a5e0cd74f02f0abae842d53f7e2a66efc229e5795068af4b70167b4b2c098afb2340a0b7cbcebfdc23cba3aae0657c25e11b275100f632187e6d2d8c0dd35b3f07278&pst=1675633804&rmtc=t
192.243.59.13200 OK 634 B URL HTTP/1.1 revolveoppress.com/watch.1245181995706.js?key=8d222da1b12a53d13248d1006e146145&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=372d3d1ee874ad24cf6b1c6f47ca96fb33165b080c06332bbaaee15584462a5e0cd74f02f0abae842d53f7e2a66efc229e5795068af4b70167b4b2c098afb2340a0b7cbcebfdc23cba3aae0657c25e11b275100f632187e6d2d8c0dd35b3f07278&pst=1675633804&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (581)
Hash c9633a37b86e624c45e9699c859b6e60
effe83c8d7398e621b5546b92f2e93e797f5101b
a1343798904dea4e90b923d0b54abbbfda8a121b99048692d5b7371f83ce7c2a
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1245181995706.js?key=8d222da1b12a53d13248d1006e146145&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=372d3d1ee874ad24cf6b1c6f47ca96fb33165b080c06332bbaaee15584462a5e0cd74f02f0abae842d53f7e2a66efc229e5795068af4b70167b4b2c098afb2340a0b7cbcebfdc23cba3aae0657c25e11b275100f632187e6d2d8c0dd35b3f07278&pst=1675633804&rmtc=t HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Referer: https://www.ofhub.xyz/
Connection: keep-alive
Cookie: u_pl=17534480; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzUzNDQ4MCwiayI6IjhkMjIyZGExYjEyYTUzZDEzMjQ4ZDEwMDZlMTQ2MTQ1Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTM4MDIxLCJwaWQiOjUxMzgxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoibmViY3NyZ2NnZSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5vZmh1Yi54eXovMjAyMy8wMi8xMDAtcmFyZS1tb2RlbHMtcGFjay0ydGIuaHRtbCJ9fQ.cX79VLUBFQLBuACfYw7Fd1dgNrTY4bflm5Do49oo5_A
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ofhub.xyz
Access-Control-Allow-Origin: https://www.ofhub.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75:1:1; expires=Sun, 12 Feb 2023 21:49:05 GMT; secure; SameSite=None
iprc0ebefb997ddcad4cfaff6d4ebd0a9552=2116936; expires=Mon, 06 Feb 2023 23:49:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
pdhtkv23=true; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
uncs23=1; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fba92a91a897c605a742c4a641f6afbe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=569126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794eda96b84cfab4-OSL
outdilateinterrupt.com/watch.1169828635758.js?key=1df647a97d28134a7e2898d07e9dc0df&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=8b47e75cfa3b13c6539bbee947918a9b9cfd74079e4b980f6a69e6ed4afe56c02db9e8ea79bf56385b8714a5c57b6ddc87ae38a78959315c8a86e9b47649468a86b4f4cccd42989ab7deb0d6ebd64cc51d4c3075&pst=1675633805&rmtc=t
192.243.59.12200 OK 2.0 kB URL HTTP/1.1 outdilateinterrupt.com/watch.1169828635758.js?key=1df647a97d28134a7e2898d07e9dc0df&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=8b47e75cfa3b13c6539bbee947918a9b9cfd74079e4b980f6a69e6ed4afe56c02db9e8ea79bf56385b8714a5c57b6ddc87ae38a78959315c8a86e9b47649468a86b4f4cccd42989ab7deb0d6ebd64cc51d4c3075&pst=1675633805&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2500)
Hash 1b150b7116e19703785e3946925e7eb3
4578f54c7c827005b05bbb08d2f72b25c33f1008
99a06d477b8262b3e70f2313af8b07ea764817766bf6ed58429b67f8a3e1b6df
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1169828635758.js?key=1df647a97d28134a7e2898d07e9dc0df&kw=%5B%22100%2B%22%2C%22rare%22%2C%22models%22%2C%22pack%22%2C%222tb%22%5D&refer=https%3A%2F%2Fwww.ofhub.xyz%2F2023%2F02%2F100-rare-models-pack-2tb.html&tz=0&dev=e&res=12.1055&uuid=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1&shu=8b47e75cfa3b13c6539bbee947918a9b9cfd74079e4b980f6a69e6ed4afe56c02db9e8ea79bf56385b8714a5c57b6ddc87ae38a78959315c8a86e9b47649468a86b4f4cccd42989ab7deb0d6ebd64cc51d4c3075&pst=1675633805&rmtc=t HTTP/1.1
Host: outdilateinterrupt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Referer: https://www.ofhub.xyz/
Connection: keep-alive
Cookie: u_pl=17525575; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzUyNTU3NSwiayI6IjFkZjY0N2E5N2QyODEzNGE3ZTI4OThkMDdlOWRjMGRmIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxOTM4MDIxLCJwaWQiOjUxMzgxOCwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyNywicHQiOjQsInBrIjoiemZyNTM3YTNtIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vd3d3Lm9maHViLnh5ei8yMDIzLzAyLzEwMC1yYXJlLW1vZGVscy1wYWNrLTJ0Yi5odG1sIn19.JHjh-6Ff3Z9KUu8p-AZhfH4OXjeSj06YdANmqadsjkw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.ofhub.xyz
Access-Control-Allow-Origin: https://www.ofhub.xyz
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75:1:1; expires=Sun, 12 Feb 2023 21:49:05 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
uncs=1; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
pdhtkv27=true; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
uncs27=1; expires=Mon, 06 Feb 2023 21:49:05 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e4fee9d9d5a6b193434473e4af4c146e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:05 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://www.ofhub.xyz
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 794eda9cdb1db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=569126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794eda9bec4cfab4-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 96f7904b22bd10653bc0d4f67215f960
8cd6822ecd4e595745a92156ce72c81dafef9c07
b66e9f9073e01f210a393ee3d55ac5f381d3cc19b16728d797612ffb1bb77273
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B66E9F9073E01F210A393EE3D55AC5F381D3CC19B16728D797612FFB1BB77273"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3610
Expires: Sun, 05 Feb 2023 22:49:15 GMT
Date: Sun, 05 Feb 2023 21:49:05 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 62fee7d67016395e394bb6198ed16f20
4930912f30f06b318246f88ab2d4b0ef8310fcf6
500be9dcad6eb9ad87713914ba24532e52327cbef07393ea38cb6648ed335dc8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 05 Feb 2023 12:04:33 GMT
Expires: Sun, 12 Feb 2023 12:04:32 GMT
Etag: "4930912f30f06b318246f88ab2d4b0ef8310fcf6"
Cache-Control: max-age=569126,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794eda9d1f5fb521-OSL
c.adsco.re/
104.17.166.186200 OK 27 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash f8383455bbfe3f8856071e9f8565e89f
e77e08e69964446a0925d69e77375725a21a38ab
844c0c07b4a5d90b55fe01685124e391edb3a4165f7d3eb7b97668e9ea6eb985
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:05 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 08 Mar 2023 21:49:05 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 613
vary: Accept-Encoding
server: cloudflare
cf-ray: 794eda9bb8750b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pi8fn1bimxur.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 pi8fn1bimxur.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: pi8fn1bimxur.l4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c2c21e92eb02f73e22fedb97e669acbd
b8c4c47940973a603190ebd6a113f86ae05edb4d
bad0e25ee40e8fb6527e429f721acfa3ea793883b1343f94a1374e8582b7440f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BAD0E25EE40E8FB6527E429F721ACFA3EA793883B1343F94A1374E8582B7440F"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10393
Expires: Mon, 06 Feb 2023 00:42:18 GMT
Date: Sun, 05 Feb 2023 21:49:05 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lh3.googleusercontent.com/blogger_img_proxy/AHs97-nS1p3lh-nvlDz8DYBkEoazXwiS3gItMnGwcvwHu3kKPhb306dnvpNFftnn-fw-9JrRcomqvwLAz2ZYmu4JeG4YB8k66azCBBbPNBj1Peyrd5qkVjUVY_TW4Ywn0JI6NM34hSU2p3pNNLgHBlY8BA=w88-h77-p-k-no-nu
216.58.211.1200 OK 3.8 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-nS1p3lh-nvlDz8DYBkEoazXwiS3gItMnGwcvwHu3kKPhb306dnvpNFftnn-fw-9JrRcomqvwLAz2ZYmu4JeG4YB8k66azCBBbPNBj1Peyrd5qkVjUVY_TW4Ywn0JI6NM34hSU2p3pNNLgHBlY8BA=w88-h77-p-k-no-nu
IP 216.58.211.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x77, components 3\012- data
Hash 3dc57f367cffd0cd7edace8e03e10dbf
dff993458e081362417955b3f43f91ebbf74c7cf
bbf0bf1439b9cbec34d84c90c9708a1dd128a878d2422feb6453d10e319a5005
GET /blogger_img_proxy/AHs97-nS1p3lh-nvlDz8DYBkEoazXwiS3gItMnGwcvwHu3kKPhb306dnvpNFftnn-fw-9JrRcomqvwLAz2ZYmu4JeG4YB8k66azCBBbPNBj1Peyrd5qkVjUVY_TW4Ywn0JI6NM34hSU2p3pNNLgHBlY8BA=w88-h77-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 06 Feb 2023 21:49:05 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:49:05 GMT
server: fife
content-length: 3753
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.132200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.132:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash c7f89fdd783e35486b22625cb506da04
7a45defd22786b1ca257b21bb74d758149037426
3a695a81a72e80c5b9ce0889c960c64c9af49fc5e6c7e90a377686943020e4ad
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
expires: Sun, 05 Feb 2023 21:49:05 GMT
date: Sun, 05 Feb 2023 21:49:05 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lh3.googleusercontent.com/blogger_img_proxy/AHs97-l9fgY2KSsbgwoXKtyWwpMZ6fddceRfG44WYdPPGu-BDZNV_2U1uW1K9X-ee-94zWFVpg7LsNsy2eVSRqkkY-Ik7W1MzjoUD7u8N6WpfL4GUL-VLQ0ew7rqeaozfv-G3lyB4jzS_O8S_K0cUFKG9MclDCq6LqrLYf_hZJY=w88-h77-p-k-no-nu
216.58.211.1200 OK 5.1 kB URL HTTP/2 lh3.googleusercontent.com/blogger_img_proxy/AHs97-l9fgY2KSsbgwoXKtyWwpMZ6fddceRfG44WYdPPGu-BDZNV_2U1uW1K9X-ee-94zWFVpg7LsNsy2eVSRqkkY-Ik7W1MzjoUD7u8N6WpfL4GUL-VLQ0ew7rqeaozfv-G3lyB4jzS_O8S_K0cUFKG9MclDCq6LqrLYf_hZJY=w88-h77-p-k-no-nu
IP 216.58.211.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x77, components 3\012- data
Hash 55294ca6bf535525d4a5357e7fb139ae
f06fdad90d4ee6a76b2971378ff43f2581bb2782
53fe4d69f20809fd4fd6b35a32d39357bda8c80a63df43355cbba264fb5830e5
GET /blogger_img_proxy/AHs97-l9fgY2KSsbgwoXKtyWwpMZ6fddceRfG44WYdPPGu-BDZNV_2U1uW1K9X-ee-94zWFVpg7LsNsy2eVSRqkkY-Ik7W1MzjoUD7u8N6WpfL4GUL-VLQ0ew7rqeaozfv-G3lyB4jzS_O8S_K0cUFKG9MclDCq6LqrLYf_hZJY=w88-h77-p-k-no-nu HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 06 Feb 2023 21:49:05 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:49:05 GMT
server: fife
content-length: 5107
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ofhub.xyz/favicon.ico
172.217.21.179200 OK 551 B URL HTTP/2 www.ofhub.xyz/favicon.ico
IP 172.217.21.179:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash e96b8e6245867b13f01b684d53697320
e77d4559ec8d4b7e61a456acb851a08230545fd8
6e6fe9b3e96f24ce50e964a6d1c908b7217148427a6db45d1109f53b1464b33f
GET /favicon.ico HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1; ppu_main_a962fdfe7a16ccb4e05f39bb7bfdc2e2=1; a=hUiXVDXrhOvaPvEhsRRqqSWTaT8GP9O4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sun, 05 Feb 2023 21:49:05 GMT
date: Sun, 05 Feb 2023 21:49:05 GMT
cache-control: private, max-age=86400
last-modified: Sat, 04 Feb 2023 20:00:32 GMT
etag: W/"4b1af8b983ccfcbd0be999debd66fa2715b67a37a482e9e5797fc7d409efecb4"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 551
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 946a5ef2e5dd7032e7654d1435fd45b8
1b76eaeee4ba6615d4dda0c17027d37e5c455ba0
98a4c0fa4a73c9fa093b9ccb9db150602ea742ddf6f6a236a0d1fd0ed9d75143
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
pi8fn1bimxur.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 pi8fn1bimxur.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: pi8fn1bimxur.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:05 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
142.250.74.35200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (633)
Size 164 kB (163841 bytes)
Hash fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 478554
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58c88b34c980fa136e81f2dac9563cd1
f76f7affe7fb2a0243b2da835f45025a73728a44
9e97bb4f9c31760527104c46561ce2c7dc7ece405c660b4f16660c78cc8a892f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9E97BB4F9C31760527104C46561CE2C7DC7ECE405C660B4F16660C78CC8A892F"
Last-Modified: Sat, 04 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8372
Expires: Mon, 06 Feb 2023 00:08:38 GMT
Date: Sun, 05 Feb 2023 21:49:06 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5200 OK 410 B IP 162.252.214.5:0
File type ASCII text, with very long lines (487), with no line terminators
Hash 8217ad019492f973e916bfca7c4d48ce
0b1250258c7fd4bd681aeb2cbb89f9adab046067
57cc9394d42eb0dd269f06885d9e7453be6f153082a2f4cc29768aedb123c59d
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2455
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://www.ofhub.xyz
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash ce9025ddb0d03269a64d76e9166d27e6
fc37eb3c6ae4d24ef9e74818f3de3ccf43696f7d
c38e0c25b3a1a160da142f5778980ee895217f7d42c42034aa027a2d44254128
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 21:49:06 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 05 Feb 2023 19:51:14 GMT
Expires: Mon, 06 Feb 2023 19:51:14 GMT
ETag: "fc37eb3c6ae4d24ef9e74818f3de3ccf43696f7d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c28ed76a9d4ecdbe40c48de933e9859
87b1d8befe6e6a29152d9a123346c1e6ed0959d2
70d676af3a9037d091ca0145c3acb8311592ee5d5e00c94c42683d276d5d8298
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "70D676AF3A9037D091CA0145C3ACB8311592EE5D5E00C94C42683D276D5D8298"
Last-Modified: Fri, 03 Feb 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4302
Expires: Sun, 05 Feb 2023 23:00:48 GMT
Date: Sun, 05 Feb 2023 21:49:06 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 05 Feb 2023 21:49:06 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fa64372940a1ff40c69ed05cd67736f6
Strict-Transport-Security: max-age=0; includeSubdomains
blogger.googleusercontent.com/img/a/AVvXsEg9muAhHD3Jl4Jf5HitvLyLttSvAiESdPNDm4QVRVMe2zF2PocMBgMqeN0x2VKcpWVInujNJeBQU6eQlbQGGuSJwKU2W-f6hRXxXfRBDRY_1kcRcSTqHgzre7fOaAXoi6fbDtszegJWEJcCQYt9v-ElTIc9DAgdBwvbplBSMSZr3XpJ6ayuewE-HbLM=s1188
216.58.211.1200 OK 215 kB URL HTTP/2 blogger.googleusercontent.com/img/a/AVvXsEg9muAhHD3Jl4Jf5HitvLyLttSvAiESdPNDm4QVRVMe2zF2PocMBgMqeN0x2VKcpWVInujNJeBQU6eQlbQGGuSJwKU2W-f6hRXxXfRBDRY_1kcRcSTqHgzre7fOaAXoi6fbDtszegJWEJcCQYt9v-ElTIc9DAgdBwvbplBSMSZr3XpJ6ayuewE-HbLM=s1188
IP 216.58.211.1:0
File type PNG image data, 1188 x 499, 8-bit/color RGBA, non-interlaced\012- data
Size 215 kB (214953 bytes)
Hash c3f63fc3ae2fdd01a2a493b3956e3360
37a0942fadba53ce155c471304c3815eca906a99
1ce0b4fb54473e991a52436a348ee45d17d9ee48304f3936c9aa5568b272babe
GET /img/a/AVvXsEg9muAhHD3Jl4Jf5HitvLyLttSvAiESdPNDm4QVRVMe2zF2PocMBgMqeN0x2VKcpWVInujNJeBQU6eQlbQGGuSJwKU2W-f6hRXxXfRBDRY_1kcRcSTqHgzre7fOaAXoi6fbDtszegJWEJcCQYt9v-ElTIc9DAgdBwvbplBSMSZr3XpJ6ayuewE-HbLM=s1188 HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v6f1"
expires: Mon, 06 Feb 2023 21:49:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="New Project-7.png"
content-type: image/png
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:49:06 GMT
server: fife
content-length: 214953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
telegra.ph/file/bbb6d5a49ba053413fdd4.jpg
149.154.164.13200 OK 198 kB URL HTTP/2 telegra.ph/file/bbb6d5a49ba053413fdd4.jpg
IP 149.154.164.13:0
ASN #62041 Telegram Messenger Inc
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1037x1280, components 3\012- data
Size 198 kB (198370 bytes)
Hash 203a1182c65531379233d0c6ecde25a2
16e02863c5379c5f4f79e2c1deb0bc8904ee1220
8eb1de61c326e38b52271edf6117bc184994ce9ad2979a3803a932e804b6893f
GET /file/bbb6d5a49ba053413fdd4.jpg HTTP/1.1
Host: telegra.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:49:06 GMT
content-type: image/jpeg
content-length: 198370
cache-control: max-age=2592000, public
expires: Tue, 07 Mar 2023 21:49:06 GMT
etag: "1ba381ffff713922f5636290327a725dc0e8caed"
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6j2vo7QDtX55CkkWAyPQH3gK6LyHgmOmzCFh3TBL4Mq9DhV7-FVF5pB-Ua2ac4ARtEFy4hgUwbeMs6J9jpkQBWaVrG0-1H7KaskxhqKrNYaUXhrevWS7AOVdoGWpfc0y6JPVW13r8RCMrm-0As9G5PuxSQIFFuFk8VL3QRuABOFtcYRZ-rpiXfikT/w400-h400/IMG_20221006_145512_055.jpg
216.58.211.1200 OK 63 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg6j2vo7QDtX55CkkWAyPQH3gK6LyHgmOmzCFh3TBL4Mq9DhV7-FVF5pB-Ua2ac4ARtEFy4hgUwbeMs6J9jpkQBWaVrG0-1H7KaskxhqKrNYaUXhrevWS7AOVdoGWpfc0y6JPVW13r8RCMrm-0As9G5PuxSQIFFuFk8VL3QRuABOFtcYRZ-rpiXfikT/w400-h400/IMG_20221006_145512_055.jpg
IP 216.58.211.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 400x400, components 3\012- data
Hash cc8be4425e003482d3cd7a82cd27897f
ee3ada0b07c6d42dc7de77aacc485e881c9bb6af
cb78f3423ea6b2a5cae83917c95d0f429d02a878d3863c56f8917ce7a4681956
GET /img/b/R29vZ2xl/AVvXsEg6j2vo7QDtX55CkkWAyPQH3gK6LyHgmOmzCFh3TBL4Mq9DhV7-FVF5pB-Ua2ac4ARtEFy4hgUwbeMs6J9jpkQBWaVrG0-1H7KaskxhqKrNYaUXhrevWS7AOVdoGWpfc0y6JPVW13r8RCMrm-0As9G5PuxSQIFFuFk8VL3QRuABOFtcYRZ-rpiXfikT/w400-h400/IMG_20221006_145512_055.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v845"
expires: Mon, 06 Feb 2023 21:49:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_20221006_145512_055.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:49:06 GMT
server: fife
content-length: 62882
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAf_Rz2zxQGb3ELw_wXeyGMBZYf1NqN99qeslrQDFZtUxolYNOun49Nu4CbslYoppWcurOQGXCg8J_LL0zQpFiUxsvZs3Iq6vTWC4tYcmtxAn_xVpstKkZEVQ9tclxfvSuDpi4CFWZe46zmhSmNlPUa8MCumuo1GEztaETNlN_k9W_x5BtBqNcMVCp/w308-h283-p-k-no-nu/IMG_0492.jpg=w74-h74-p-k-no-nu
216.58.211.1200 OK 25 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAf_Rz2zxQGb3ELw_wXeyGMBZYf1NqN99qeslrQDFZtUxolYNOun49Nu4CbslYoppWcurOQGXCg8J_LL0zQpFiUxsvZs3Iq6vTWC4tYcmtxAn_xVpstKkZEVQ9tclxfvSuDpi4CFWZe46zmhSmNlPUa8MCumuo1GEztaETNlN_k9W_x5BtBqNcMVCp/w308-h283-p-k-no-nu/IMG_0492.jpg=w74-h74-p-k-no-nu
IP 216.58.211.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 308x283, components 3\012- data
Hash 0495ef8fc42121881f90f322ca9ef674
55aefb479f7102d4d2cc30fd8cac69ab2ecac178
81fb70f59ba155a2c25a2de22de562bcc1f978ea4cb40c91cebc00dfa1b9befc
GET /img/b/R29vZ2xl/AVvXsEiAf_Rz2zxQGb3ELw_wXeyGMBZYf1NqN99qeslrQDFZtUxolYNOun49Nu4CbslYoppWcurOQGXCg8J_LL0zQpFiUxsvZs3Iq6vTWC4tYcmtxAn_xVpstKkZEVQ9tclxfvSuDpi4CFWZe46zmhSmNlPUa8MCumuo1GEztaETNlN_k9W_x5BtBqNcMVCp/w308-h283-p-k-no-nu/IMG_0492.jpg=w74-h74-p-k-no-nu HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v77c"
expires: Mon, 06 Feb 2023 21:49:06 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="IMG_0492.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 21:49:06 GMT
server: fife
content-length: 24742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.ofhub.xyz/2022/08/blake-blossom.html
172.217.21.179200 OK 69 kB URL HTTP/2 www.ofhub.xyz/2022/08/blake-blossom.html
IP 172.217.21.179:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2940)
Hash 89ad80f08c66a721a059c90d5c67fa17
ce4388df1c1713d3b9a8003444e3f885b687971e
b8d4d41507efcb24a0b2aaa1d3fc1db649879ca9e437967bba9a427cf8086078
GET /2022/08/blake-blossom.html HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1; ppu_main_a962fdfe7a16ccb4e05f39bb7bfdc2e2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 05 Feb 2023 21:49:06 GMT
date: Sun, 05 Feb 2023 21:49:06 GMT
cache-control: private, max-age=0
last-modified: Sat, 04 Feb 2023 20:00:32 GMT
etag: W/"4b1af8b983ccfcbd0be999debd66fa2715b67a37a482e9e5797fc7d409efecb4"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 68714
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2183fdf183ed33f2cd4342abd7bcadbe
007fe0bb01b7d77fbaaff5346fd7582041c978c8
8f0381d12ab5a76be5137b365e811e75db681eb0f6ad04d7ce28ad73101c33d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:49:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true
142.250.74.78200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true
IP 142.250.74.78:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 1515
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Sun, 05 Feb 2023 21:49:06 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+999; expires=Tue, 04-Feb-2025 21:49:06 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Feb 2023 21:49:06 GMT
X-Firefox-Spdy: h2
telegra.ph/file/1733d0bb2e47efd1fbbd9.jpg
149.154.164.13200 OK 34 kB URL HTTP/2 telegra.ph/file/1733d0bb2e47efd1fbbd9.jpg
IP 149.154.164.13:0
ASN #62041 Telegram Messenger Inc
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 480x640, components 3\012- data
Hash ddff0bcde560b4c913dd84caa3af1bdb
5705591b3f84d91e364dca1789e6ba165a5c2738
9b62ef4dacc211bdf4a69fcae820c1de0987881c589a5f7d40df2933586e6810
GET /file/1733d0bb2e47efd1fbbd9.jpg HTTP/1.1
Host: telegra.ph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Sun, 05 Feb 2023 21:49:06 GMT
content-type: image/jpeg
content-length: 34095
cache-control: max-age=2592000, public
expires: Tue, 07 Mar 2023 21:49:06 GMT
etag: "630d8160a909abdefb555e555b2329d8c5bf5eb8"
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
pi8fn1bimxur.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 pi8fn1bimxur.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: pi8fn1bimxur.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:06 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 30b3c665e434edaefce099b725f6977f
ed164a57dbc0160e2cb2c0fcac41dabd840e636b
f732570e961186db3913e3366a6508007e21131d2fa937b25048128cd89a5ee7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:49:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 13:12:44 GMT
Expires: Sat, 11 Feb 2023 13:12:43 GMT
Etag: "ed164a57dbc0160e2cb2c0fcac41dabd840e636b"
Cache-Control: max-age=486816,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794edaa36ac0fab4-OSL
blockadsnot.com/B.asp?_=BQFiAAAAAAAACZUAAijqTarawDwI4qhgvlEbUwt20MG56ERQM_sA4J7Qpw4GVtltyxOHP5GnL8cGUEQLAFwGKPDrv_D8qlrsusQ53vstbpDZpJxWxjTio1XTKfSxSLeAhYg7O0HicSNl4_f2VLRrnqHSXPjzSkb8luk6bIZ_oQB_JoRjZnvjC-jpuWujK3LQLFQ1xH07_dbYcnAm4Yir0ZmuAzdlkhLLqIsGD2d1_9LNie7bH9cHK6tDVEd9o1CylnwAR50UGi5BUw8WTySwRCcy3NagbvTohBqTtIeYsphGByCid0_C5eKBx2pbMS3PPbwJnKn8p6OwlbA1iBhaVCTjQm37s3yi8pBiW4F_HZhujhwR92FAKiZ5u_vrz-cfk_h3iuFrhwVS_IUxL0FpP9hps7e1JJHt3Z7yWOmkvPUd5KiNCHs8COuuMot-OzvbqkmTrlj9ya7mVWVEhKdhf5twwgvnvuvjBIvR8og&v=4&serBPwhV=4810818&minBid=&oUxAiZSf=0,0&CGXgPRNl=&vDUQpSbT=&s=1280,1024,1,1280,1024,0
208.95.112.254200 OK 44 B URL HTTP/2 blockadsnot.com/B.asp?_=BQFiAAAAAAAACZUAAijqTarawDwI4qhgvlEbUwt20MG56ERQM_sA4J7Qpw4GVtltyxOHP5GnL8cGUEQLAFwGKPDrv_D8qlrsusQ53vstbpDZpJxWxjTio1XTKfSxSLeAhYg7O0HicSNl4_f2VLRrnqHSXPjzSkb8luk6bIZ_oQB_JoRjZnvjC-jpuWujK3LQLFQ1xH07_dbYcnAm4Yir0ZmuAzdlkhLLqIsGD2d1_9LNie7bH9cHK6tDVEd9o1CylnwAR50UGi5BUw8WTySwRCcy3NagbvTohBqTtIeYsphGByCid0_C5eKBx2pbMS3PPbwJnKn8p6OwlbA1iBhaVCTjQm37s3yi8pBiW4F_HZhujhwR92FAKiZ5u_vrz-cfk_h3iuFrhwVS_IUxL0FpP9hps7e1JJHt3Z7yWOmkvPUd5KiNCHs8COuuMot-OzvbqkmTrlj9ya7mVWVEhKdhf5twwgvnvuvjBIvR8og&v=4&serBPwhV=4810818&minBid=&oUxAiZSf=0,0&CGXgPRNl=&vDUQpSbT=&s=1280,1024,1,1280,1024,0
IP 208.95.112.254:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /B.asp?_=BQFiAAAAAAAACZUAAijqTarawDwI4qhgvlEbUwt20MG56ERQM_sA4J7Qpw4GVtltyxOHP5GnL8cGUEQLAFwGKPDrv_D8qlrsusQ53vstbpDZpJxWxjTio1XTKfSxSLeAhYg7O0HicSNl4_f2VLRrnqHSXPjzSkb8luk6bIZ_oQB_JoRjZnvjC-jpuWujK3LQLFQ1xH07_dbYcnAm4Yir0ZmuAzdlkhLLqIsGD2d1_9LNie7bH9cHK6tDVEd9o1CylnwAR50UGi5BUw8WTySwRCcy3NagbvTohBqTtIeYsphGByCid0_C5eKBx2pbMS3PPbwJnKn8p6OwlbA1iBhaVCTjQm37s3yi8pBiW4F_HZhujhwR92FAKiZ5u_vrz-cfk_h3iuFrhwVS_IUxL0FpP9hps7e1JJHt3Z7yWOmkvPUd5KiNCHs8COuuMot-OzvbqkmTrlj9ya7mVWVEhKdhf5twwgvnvuvjBIvR8og&v=4&serBPwhV=4810818&minBid=&oUxAiZSf=0,0&CGXgPRNl=&vDUQpSbT=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 05 Feb 2023 21:49:06 GMT
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu:regular,bold&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu:regular,bold&display=swap
IP 142.250.74.106:0
GET /css?family=Ubuntu:regular,bold&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 Feb 2023 21:49:03 GMT
date: Sun, 05 Feb 2023 21:49:03 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=af72ef5031
172.64.168.22200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=af72ef5031
IP 172.64.168.22:0
GET /releases/v6.2.1/css/free-v4-font-face.min.css?token=af72ef5031 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ofhub.xyz/
Origin: https://www.ofhub.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: text/css
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"075b2106ba08d32bc88fff3724503b1e"
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
x-amz-cf-id: FTpmTO3XMdtp5-FWdsJLSCwuCxsTTrxj74wDShq-7DbJH2Yd1ShrMA==
age: 428438
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcJhaKfKJ9RdXfyPvLSQMWXWrFUIfzT6yKD8Svlp6RNmaQgjV8ggE3qo%2BwTu%2Bf37xSuoKpbL8ysCdZ6ioYOBVfWNRrnqjzrNtxlNg8QFWsAVtKvYyp9Kj8Pj6HCboAlPcmMcGvKwdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794eda9579c075c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blockadsnot.com/pegasus.min.js
185.76.9.19200 OK 0 B URL HTTP/2 www.blockadsnot.com/pegasus.min.js
IP 185.76.9.19:0
ASN #60068 Datacamp Limited
GET /pegasus.min.js HTTP/1.1
Host: www.blockadsnot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:03 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.13:443"; ma=2592000; v="44,43,39"
expires: Sun, 12 Feb 2023 12:38:16 GMT
access-control-allow-origin: *
link: <https://blockadsnot.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1676205496
server: CDN77-Turbo
x-77-nzt: AblMCQ3/unL/F4EAAA
x-77-nzt-ray: c0a4cc28e90ff4674f24e063319e8c0f
x-cache: HIT
x-age: 33047
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
www.ofhub.xyz/2022/08/belle-delphine-all-packs-here-30gb.html
172.217.21.179200 OK 0 B URL HTTP/2 www.ofhub.xyz/2022/08/belle-delphine-all-packs-here-30gb.html
IP 172.217.21.179:0
GET /2022/08/belle-delphine-all-packs-here-30gb.html HTTP/1.1
Host: www.ofhub.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.ofhub.xyz/2023/02/100-rare-models-pack-2tb.html
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=f1c8e7c8-0b17-4afa-9dc0-8127c89c1e75%3A1%3A1; ppu_main_a962fdfe7a16ccb4e05f39bb7bfdc2e2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 05 Feb 2023 21:49:05 GMT
date: Sun, 05 Feb 2023 21:49:05 GMT
cache-control: private, max-age=0
last-modified: Sat, 04 Feb 2023 20:00:32 GMT
etag: W/"4b1af8b983ccfcbd0be999debd66fa2715b67a37a482e9e5797fc7d409efecb4"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 68707
server: GSE
X-Firefox-Spdy: h2
kit.fontawesome.com/af72ef5031.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/af72ef5031.js
IP 104.18.23.52:0
GET /af72ef5031.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ofhub.xyz
Connection: keep-alive
Referer: https://www.ofhub.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:03 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fz-Hm74XPizymxq0PtuC
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 794eda8efcad0b02-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=af72ef5031
172.64.168.22200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=af72ef5031
IP 172.64.168.22:0
GET /releases/v6.2.1/css/free-v4-shims.min.css?token=af72ef5031 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ofhub.xyz/
Origin: https://www.ofhub.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"0d00741459c51dd7330d97cd19326a7b"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 61e6ef7711ac4efb23fc33fec6908cca.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
x-amz-cf-id: zNIhxBWT7PlnmFMaQvMy4dktwRhu1S2D-RKO1ywamEKgT-Thcqx9kg==
age: 161731
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BiHcqHf2tns3p3XRbwBV4Qxs%2FwiW%2B%2Fn1O29R2pZVWL4CxApoIhZqR6KZI1xekA12hBvC4zzvrQ7rptmr0fY%2F3a4RBTctPOlEY8pMBlwTRYnE453ecZ5AiigLT5j%2BwJ1UmnEgWpjWGA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794eda9569b175c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=af72ef5031
172.64.168.22200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=af72ef5031
IP 172.64.168.22:0
GET /releases/v6.2.1/css/free.min.css?token=af72ef5031 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.ofhub.xyz/
Origin: https://www.ofhub.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 21:49:04 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"2dbe34367e935e2684b01124b0860d71"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 17c7dca456d18c7a1217f1dd39cdf4ec.cloudfront.net (CloudFront)
x-amz-cf-pop: DUB56-P1
x-amz-cf-id: cKU2-_x3prJkXePw6zDsrV-DnX51QuRrZFnpFmseIN5eiaL5jdkY1w==
age: 292086
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr%2FVHXyZTcU69n1eDlB0OnjmD1QNa0UMRmQnDLfr%2BfWZDv%2BoNV6894JdGOxR7HkPx36pPNWGLnSsoT3eB8yPY7x3XRynDh6roxdrkIyul62Rm3EQ6dHLGtOKtzesaFWW5qR0cIYZ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794eda95499b75c0-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2