datanodes.to/yux8s6yuc2qv/Pokemon-Violet.rar
31.43.191.18302 Moved 0 B URL HTTP/1.1 datanodes.to/yux8s6yuc2qv/Pokemon-Violet.rar
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /yux8s6yuc2qv/Pokemon-Violet.rar HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved
Date: Fri, 09 Dec 2022 11:19:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Set-Cookie: lang=english; domain=.datanodes.to; path=/
file_code=yux8s6yuc2qv; domain=.datanodes.to; path=/; expires=Fri, 09-Dec-2022 12:19:29 GMT
Location: https://datanodes.to/download
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash aea93551fa9deb76ae49a3b4019d64fe
e3b8862057ebe839959228e42246d7b1807fc90c
7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15834
Expires: Fri, 09 Dec 2022 15:43:23 GMT
Date: Fri, 09 Dec 2022 11:19:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f2acd891dc6eb1f09f57a2b086791781
1e2088306501a61edcca1ade62c4d54f23b3b083
51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7260
Expires: Fri, 09 Dec 2022 13:20:29 GMT
Date: Fri, 09 Dec 2022 11:19:29 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4ee537977be9c03702f8ffe0025bf1fe
21637881c4aa34c4add703f8bff4eff573159f45
4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17073
Expires: Fri, 09 Dec 2022 16:04:02 GMT
Date: Fri, 09 Dec 2022 11:19:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:50 GMT
content-type: application/json
age: 699
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 42pjzk7kOcBScdXMbv6gLpjqu83Q7KeUJhQobFcsrmJQNY+30D9iTL/QT6xPpvM0chQELgwFQYvVKH0gmXNHTw==
x-amz-request-id: BJRTJEJYDV7N3GBW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 10:48:18 GMT
age: 1871
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 09 Dec 2022 11:19:29 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8decc93b6361427224f089c52c5217ed
f665e7f48f2d266b966854eec23b7cd392818bd8
569e5e84323383c6f784bb8adf984877d2314cda54f879336557fc5392093054
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "569E5E84323383C6F784BB8ADF984877D2314CDA54F879336557FC5392093054"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18517
Expires: Fri, 09 Dec 2022 16:28:06 GMT
Date: Fri, 09 Dec 2022 11:19:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:45 GMT
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
age: 704
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
datanodes.to/download
31.43.191.18200 OK 77 kB IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (62193)
Hash 63e4698add73b128f38f59d94125bd1b
e10d28afc21050123dbb94843dcb21899c7ea04c
b28a33fb416a453c5f1de1689a953890b906712012de046840cb16f1ee6474f1
GET /download HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Expires: Thu, 08 Dec 2022 11:19:29 GMT
Set-Cookie: lang=english; domain=.datanodes.to; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
datanodes.to/js/jquery-1.9.1.min.js
31.43.191.18200 OK 93 kB URL HTTP/1.1 datanodes.to/js/jquery-1.9.1.min.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type ASCII text, with very long lines (32089)
Hash 397754ba49e9e0cf4e7c190da78dda05
ae49e56999d82802727455f0ba83b63acd90a22b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
GET /js/jquery-1.9.1.min.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:29 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "169d5-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 92629
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 25c1a71b438dd3628ebe491222f1b414
651ec6be6391f31b7ea8f89441ffc9f58d3572f2
a9671ecd9fe7a56f470b4c16799360e71c39b48ed82ae1f7c7ba92f680da3ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3676
Cache-Control: max-age=161004
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6392dd51-117"
Expires: Sun, 11 Dec 2022 08:02:54 GMT
Last-Modified: Fri, 09 Dec 2022 07:01:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3237
Cache-Control: max-age=92479
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6391d35c-117"
Expires: Sat, 10 Dec 2022 13:00:48 GMT
Last-Modified: Thu, 08 Dec 2022 12:06:52 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3266
Cache-Control: max-age=92509
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6391d35c-117"
Expires: Sat, 10 Dec 2022 13:01:18 GMT
Last-Modified: Thu, 08 Dec 2022 12:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 25c1a71b438dd3628ebe491222f1b414
651ec6be6391f31b7ea8f89441ffc9f58d3572f2
a9671ecd9fe7a56f470b4c16799360e71c39b48ed82ae1f7c7ba92f680da3ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3714
Cache-Control: max-age=161042
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6392dd51-117"
Expires: Sun, 11 Dec 2022 08:03:31 GMT
Last-Modified: Fri, 09 Dec 2022 07:01:37 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 25c1a71b438dd3628ebe491222f1b414
651ec6be6391f31b7ea8f89441ffc9f58d3572f2
a9671ecd9fe7a56f470b4c16799360e71c39b48ed82ae1f7c7ba92f680da3ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3666
Cache-Control: max-age=160994
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6392dd51-117"
Expires: Sun, 11 Dec 2022 08:02:43 GMT
Last-Modified: Fri, 09 Dec 2022 07:01:37 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 25c1a71b438dd3628ebe491222f1b414
651ec6be6391f31b7ea8f89441ffc9f58d3572f2
a9671ecd9fe7a56f470b4c16799360e71c39b48ed82ae1f7c7ba92f680da3ed9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3676
Cache-Control: max-age=161004
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6392dd51-117"
Expires: Sun, 11 Dec 2022 08:02:54 GMT
Last-Modified: Fri, 09 Dec 2022 07:01:37 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e6be4d2155028ffff5d01ab6e7edf6da
07172071b5cf43c4cd7d7930b4ad8518ec1e32e9
4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4025
Cache-Control: max-age=168871
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 10:14:00 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash d4507c78df6167484b39da9024efab18
72fedc57c2563ea57180ad8747bda11135bdf2bc
008d45b59c209f1be56f109f09e6366ccec8747b86d29a9ce5a07c61fd17042c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3266
Cache-Control: max-age=92509
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:29 GMT
Etag: "6391d35c-117"
Expires: Sat, 10 Dec 2022 13:01:18 GMT
Last-Modified: Thu, 08 Dec 2022 12:06:52 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 279
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b891e4d169b11db7114714e877e9d034
4323960351e0775497b1dff07b92df59262ef13f
e7adff9c67da2e70236d934bd5fceb10b2e7cb352fc20b5488a57d4c5e14293e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E7ADFF9C67DA2E70236D934BD5FCEB10B2E7CB352FC20B5488A57D4C5E14293E"
Last-Modified: Wed, 07 Dec 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15010
Expires: Fri, 09 Dec 2022 15:29:40 GMT
Date: Fri, 09 Dec 2022 11:19:30 GMT
Connection: keep-alive
talesapricot.com/1clkn/31269
23.109.248.164200 OK 26 B URL HTTP/1.1 talesapricot.com/1clkn/31269
IP 23.109.248.164:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
Analyzer Verdict Alert quad9 Sinkholed
GET /1clkn/31269 HTTP/1.1
Host: talesapricot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 09 Dec 2022 11:19:30 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sat, 10-Dec-2022 11:19:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Sat, 10-Dec-2022 11:19:30 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
push.services.mozilla.com/
35.82.221.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.221.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H4vA/4FX53C94agJJkl7Qw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GAtFFyqhZtmxRfgb86ImTNtpdAs=
d29dzo8owxlzou.cloudfront.net/?oozdd=966945
54.230.245.43200 OK 54 kB URL HTTP/2 d29dzo8owxlzou.cloudfront.net/?oozdd=966945
IP 54.230.245.43:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash df8876d699c98f9fa8065455bce34c74
68325a698e91f79522947925f07f06f154e39ab9
d8faef2bf6153586131d256e447d62f0e581945e332c780488e7c228ddcaffb7
GET /?oozdd=966945 HTTP/1.1
Host: d29dzo8owxlzou.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 54071
date: Fri, 09 Dec 2022 11:19:30 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hvP5uyuLOcSU_Ij7NGVckg_ZPdP6VxsDTqkGEXDsTFQuAfNqScL5pA==
X-Firefox-Spdy: h2
datanodes.to/css/bootstrap.css
31.43.191.18200 OK 144 kB URL HTTP/1.1 datanodes.to/css/bootstrap.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type ASCII text, with very long lines (540)
Size 144 kB (144219 bytes)
Hash de29a2a7f8fdd32726d8e70fa3037379
45686004dcb4a332ffd98cca3ba7979bf1a02aa7
0dd311ba439876efdb560247faf414416adb4683c5184c817c5c4ff1137e8a9a
GET /css/bootstrap.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:30 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "2335b-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 144219
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
datanodes.to/css/style.css
31.43.191.18200 OK 80 kB URL HTTP/1.1 datanodes.to/css/style.css
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash 9cebf3c13f77608e83ba873f1a120a69
a1c706971d6fbbc7f235395ec8cc291f4b4d1608
02133a695d6df1746d7c48179dcffafaac5181cf6f4df59cf92aa0711c6cc6c1
GET /css/style.css HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:30 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Wed, 17 Aug 2022 09:02:08 GMT
ETag: "138d6-5e66c1e9cc400"
Accept-Ranges: bytes
Content-Length: 80086
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
datanodes.to/js/jquery.paging.js
31.43.191.18200 OK 19 kB URL HTTP/1.1 datanodes.to/js/jquery.paging.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash d7a2c1c7af2a004a6d68e1e55b1cfb46
7fd6daa7076c30381880519ad06ef5639b19ee28
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
GET /js/jquery.paging.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:30 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "4ba5-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 19365
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
datanodes.to/js/jquery.cookie.js
31.43.191.18200 OK 3.1 kB URL HTTP/1.1 datanodes.to/js/jquery.cookie.js
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
Hash ff14e4812b7f512e620b1ad35542bcfc
c40c5f777e7a2f63e7b731b3cdb1fe9c806b23ae
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
GET /js/jquery.cookie.js HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:30 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "c31-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 3121
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
datanodes.to/js/paging.js?r=1
31.43.191.18200 OK 1.9 kB URL HTTP/1.1 datanodes.to/js/paging.js?r=1
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type HTML document, ASCII text
Hash 1608d25b37c81174c1bc9de9472499f9
d0bb079b79481ec4d33552750ea9bf5105a466ee
c2ad2c17f6392a62ed746aa7c386e25e8570bd6e97ec0bb1718ce8465219915a
GET /js/paging.js?r=1 HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:30 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Tue, 22 Oct 2019 10:59:11 GMT
ETag: "758-5957db0aafdc0"
Accept-Ranges: bytes
Content-Length: 1880
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
datanodes.to/images/ico_gp.png
31.43.191.18200 OK 1.1 kB URL HTTP/1.1 datanodes.to/images/ico_gp.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 10e7cc1ed61cd88795a18deaacc98f51
7a654c9d4fa15ae70ad021f5d3ce47297a881855
6ce28f4a3f37a4d1151e749942a0d32a4c05e47a6f47c2856134346efddd987e
GET /images/ico_gp.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "45a-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 1114
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
datanodes.to/images/logo_lgrey.png
31.43.191.18200 OK 8.1 kB URL HTTP/1.1 datanodes.to/images/logo_lgrey.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 150 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 928aad4299a3fff5b93313d65773d2f9
fb31221414398532d569e9a94b2745649431bb68
83fb58df72070bbc4c3f97ea1c5b03fb5c3522e53c02abc46ddad4dc8fa5c89e
GET /images/logo_lgrey.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Wed, 24 Aug 2022 10:18:37 GMT
ETag: "1fd1-5e6fa0106f940"
Accept-Ranges: bytes
Content-Length: 8145
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
datanodes.to/images/ico_tr.png
31.43.191.18200 OK 954 B URL HTTP/1.1 datanodes.to/images/ico_tr.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash cfdacc3270555466cfd8439601612231
98dfb7b93226ed5010b70ba7c6869f1749581f4f
fd2f4ce1a46e53289a9dd06ce82eb463668cb4299fb77da46540193db056b960
GET /images/ico_tr.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "3ba-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 954
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
datanodes.to/images/ico_fb.png
31.43.191.18200 OK 953 B URL HTTP/1.1 datanodes.to/images/ico_fb.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash d0e7effca2da39383436e48cbfa76ed1
2cf16f380c0245b3e4b00f8a1bf00d4f11fed0b7
38546bc01f967331fb1f8eb430e8728d2e2db83837ede86a3d1dc11731086efe
GET /images/ico_fb.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "3b9-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 953
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
datanodes.to/images/logo-grey.png
31.43.191.18200 OK 12 kB URL HTTP/1.1 datanodes.to/images/logo-grey.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 250 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c71a6de65915c52fdd62374f85701ba
4b1a08219e105b8bd7400d2508b5d88d9eb10b3a
7a6dbf1c99ba50b9b84a7ff2a66ed6b767d1908e6492f4d1aa1ec1717d271cfe
GET /images/logo-grey.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/css/style.css
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Wed, 17 Aug 2022 08:58:50 GMT
ETag: "2e6b-5e66c12cf8680"
Accept-Ranges: bytes
Content-Length: 11883
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/s/gts1p5/PIudMIVwldY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/PIudMIVwldY
IP 142.250.74.131:0
Hash 7fd939df625df87570e9105e5d8e794c
80c337c0d19315e6d1f0c24a502515baf17cd230
f8e5738dd8fcf9e3661333628957a2d5694228754c63de0d50af340b493da4a6
POST /s/gts1p5/PIudMIVwldY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/PIudMIVwldY
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/PIudMIVwldY
IP 142.250.74.131:0
Hash 7fd939df625df87570e9105e5d8e794c
80c337c0d19315e6d1f0c24a502515baf17cd230
f8e5738dd8fcf9e3661333628957a2d5694228754c63de0d50af340b493da4a6
POST /s/gts1p5/PIudMIVwldY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
datanodes.to/images/flags.png
31.43.191.18200 OK 15 kB URL HTTP/1.1 datanodes.to/images/flags.png
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type PNG image data, 1248 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e7e0406e09ea913dc344ca9974ec94a
084fcf2d8e96661354a7e563f64801dfd13bead7
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
GET /images/flags.png HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/css/style.css
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "3b4c-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 15180
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
hecherthepar.com/popunder.gif
188.114.96.1200 OK 506 B URL HTTP/2 hecherthepar.com/popunder.gif
IP 188.114.96.1:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 203d663baa4baf9a163d7b68d5d998ab
ff1c113d26f88c54659c3c484b6237d9b77198b5
bc6b83c62c205bb0d54322d8a07f2c7001fa743935e61c6e6183c4c5d74f0d74
GET /popunder.gif HTTP/1.1
Host: hecherthepar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:19:31 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 26007
last-modified: Fri, 09 Dec 2022 04:06:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVviW3WsQ1ENa5F4Qq5blBL4HCJl4y57Sl9C%2FXLOzTDHMH6ntJOyPtdPTA%2Boqu48yETZGUgWdSM9GFDpUwjrAZYFbON7%2BhHv4AJPuGjNNsQ1sMrmA3l5vZUzaVOminvRR%2Bdq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d58a36d77b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
datanodes.to/css/font/OpenSans-Regular.woff
31.43.191.18200 OK 68 kB URL HTTP/1.1 datanodes.to/css/font/OpenSans-Regular.woff
IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type Web Open Font Format, TrueType, length 67528, version 1.10\012- data
Hash 33ad0b840f7ea248dbc031820adf3040
e2b8f3a755202c8557093b44bcfccdec10d3ff0a
d12fd1d8afb1c2d8cb9d59868336a6c9e357af548f36aa41bcdb12fa19158365
GET /css/font/OpenSans-Regular.woff HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://datanodes.to/css/style.css
Cookie: lang=english
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 06 Sep 2018 10:41:39 GMT
ETag: "107c8-57531892f9ec0"
Accept-Ranges: bytes
Content-Length: 67528
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/font-woff
hecherthepar.com/bXJiOWdCTQFKWjc1W3oqXCAxbi88OgBvHzUXFXMMO0MaTiZfI0RNDglPWw9RVEZXHxcEFl8IQR4GA00SHk9THw4DFA0EQRtPUxdUWVxRCElcVBcEVksGElgAUENESRMZHl8IUVpCVwFTWkVSCFZf
188.114.96.1204 No Content 0 B URL HTTP/2 hecherthepar.com/bXJiOWdCTQFKWjc1W3oqXCAxbi88OgBvHzUXFXMMO0MaTiZfI0RNDglPWw9RVEZXHxcEFl8IQR4GA00SHk9THw4DFA0EQRtPUxdUWVxRCElcVBcEVksGElgAUENESRMZHl8IUVpCVwFTWkVSCFZf
IP 188.114.96.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bXJiOWdCTQFKWjc1W3oqXCAxbi88OgBvHzUXFXMMO0MaTiZfI0RNDglPWw9RVEZXHxcEFl8IQR4GA00SHk9THw4DFA0EQRtPUxdUWVxRCElcVBcEVksGElgAUENESRMZHl8IUVpCVwFTWkVSCFZf HTTP/1.1
Host: hecherthepar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 11:19:31 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzfDsQp1FJHe0eLczOZP7fdwHHO54vptrVSfTGdiOOX1GWd845wxkgEpXhWSwQHzD83E2v2o8jYzNS9FD89F5lIIl9oyMEDNvjAfYpU5af4PYqioJUwY0GWAsRTHokh7Hn3i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776d58a36d76b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
datanodes.to/favicon.ico
31.43.191.18200 OK 15 kB IP 31.43.191.18:0
ASN #210848 Telkom Internet LTD
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash bc27fdfdf935ddf54498e06458199134
9f6aaa68888c702d7832f6297206be4485d3bf5b
96e55c90f7c8a252551875d2483dd36d95eb68d893cb98f4ebaa7b558df6eb33
GET /favicon.ico HTTP/1.1
Host: datanodes.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/download
Cookie: lang=english
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Fri, 09 Dec 2022 11:19:31 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_perl/2.0.11 Perl/v5.16.3
Last-Modified: Thu, 01 Sep 2022 16:47:58 GMT
ETag: "3aee-5e7a0602e8b80"
Accept-Ranges: bytes
Content-Length: 15086
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6d61d363f0f00585736abb35e1dcd6dc
9369b0eb806bd3264de91a4a3d99a10e71a5440e
7b16f38fc7c16381c9295dc3d7ec41321fe7629e1967882c051eefd049bb3ff2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.136200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.136:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Fri, 09 Dec 2022 10:41:41 GMT
expires: Fri, 09 Dec 2022 12:41:41 GMT
cache-control: public, max-age=7200
age: 2270
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.11.207200 OK 11 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (32033)
Hash c7dddaba475804be376d587e32a74b52
58b2dba9d7d30ec8a277f2a61cec9a2bdfd47585
635a324d0c7735c3179834bfa72ea14de0b56756ed41b072d9b7b2181dbae8c8
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:19:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 16034254
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776d589bdb0db517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1874
Cache-Control: max-age=106609
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 16:56:20 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
142.250.74.109302 Found 393 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (380)
Hash f8783a8b12720c0287d1e0d14be9432a
687ad2b4ea8f3f93561589448d0be8039bae6d64
c156a73c4db95b527f51116e54f43b0591cd4333d94b1afbaed3bfdaa8dc9a42
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 11:19:31 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1141886762%3A1670584771309013&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7myDyygEQbpUsf1my3P6nCuIRxWQGB4WOmKvFHzQaN8JKhf86lqjoMqn2HcHguVOJJEhpuRA
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-A2462OyzAG-xMfEgkMhCEA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:a6t6-phH1exDu-elZCh_IwKDcuFBEg:vY90IOak_-EAhp1z;Path=/;Expires=Sun, 08-Dec-2024 11:19:31 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=639195993&utmhn=datanodes.to&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download&utmhid=1165313490&utmr=-&utmp=%2Fdownload&utmht=1670584770395&utmac=UA-237409240-1&utmcc=__utma%3D164827818.1813161700.1670584770.1670584770.1670584770.1%3B%2B__utmz%3D164827818.1670584770.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80055451&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.136200 OK 35 B URL HTTP/2 ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=639195993&utmhn=datanodes.to&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download&utmhid=1165313490&utmr=-&utmp=%2Fdownload&utmht=1670584770395&utmac=UA-237409240-1&utmcc=__utma%3D164827818.1813161700.1670584770.1670584770.1670584770.1%3B%2B__utmz%3D164827818.1670584770.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80055451&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.136:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=639195993&utmhn=datanodes.to&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Download&utmhid=1165313490&utmr=-&utmp=%2Fdownload&utmht=1670584770395&utmac=UA-237409240-1&utmcc=__utma%3D164827818.1813161700.1670584770.1670584770.1670584770.1%3B%2B__utmz%3D164827818.1670584770.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=80055451&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Fri, 09 Dec 2022 11:19:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 795e67bdfadc3c890a663080413b56b7
fdefde3befb6aceac3c337c34c8d738f5091908c
8375b55cfc13989b0cf96293b7bead2ce5811a993b3445da1776ca7015c36985
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
142.250.74.109302 Found 393 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 142.250.74.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (383)
Hash 76c186b305a6d29453983feef2fdeb43
3285fe3b22c6a1bd96ee3ecd396b5812c24e28f9
499414bfa77f00f2222578c84b441a314493196dd1819e49d5a380dbdb1f3ec9
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 11:19:31 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S470580199%3A1670584771336721&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh4Dfe5auOXMAc0P1lHTYyqoO8Atx2S0HMIY2rYQBWceRr9v4LrcS4AMKzT_dMAxPLZQUCHbWA
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-apkoM8bGNUOyKj0zDCYBJQ' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 393
server: GSE
set-cookie: __Host-GAPS=1:uSBKtvxD0NzX4Ytab08gAdloSjd7Hg:cI3KfzcSfiOMpBgD;Path=/;Expires=Sun, 08-Dec-2024 11:19:31 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0a7f3569daca0714122cf2c2e2145763
a286adaa66480bb99214659c2e78f26723eec5cf
24153f851e57ee0c86efdb33ee350e608e1e1eb67a8e481afca65ffaafdaada9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24153F851E57EE0C86EFDB33EE350E608E1E1EB67A8E481AFCA65FFAAFDAADA9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2702
Expires: Fri, 09 Dec 2022 12:04:33 GMT
Date: Fri, 09 Dec 2022 11:19:31 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0a7f3569daca0714122cf2c2e2145763
a286adaa66480bb99214659c2e78f26723eec5cf
24153f851e57ee0c86efdb33ee350e608e1e1eb67a8e481afca65ffaafdaada9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24153F851E57EE0C86EFDB33EE350E608E1E1EB67A8E481AFCA65FFAAFDAADA9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2702
Expires: Fri, 09 Dec 2022 12:04:33 GMT
Date: Fri, 09 Dec 2022 11:19:31 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8585fe73b51c643ee300c3df9313bfe1
c184ce0c12fbfc0f17a81ad0e0bdaad5503bceb1
807b590f961c83886bbd27c879dfbf03a3336005cdabbba42d4d63bdcb11bf51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d29dzo8owxlzou.cloudfront.net/?oozdd=966945
54.230.245.43200 OK 54 kB URL HTTP/2 d29dzo8owxlzou.cloudfront.net/?oozdd=966945
IP 54.230.245.43:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash cd16732de384d4d5b264c14009d08230
91930fb142cab521594670a49d6fd7e30918e38e
01b7b5a951cea925c88f75a002f84869ae582f08e6ba9aebd9459e85e9939174
GET /?oozdd=966945 HTTP/1.1
Host: d29dzo8owxlzou.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 54071
date: Fri, 09 Dec 2022 11:19:31 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://datanodes.to
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RImePSltk-p9-IFx-ATx9QKivcbxPni9qNVtd_cWQ6t78pl8fvfWBg==
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 0a7f3569daca0714122cf2c2e2145763
a286adaa66480bb99214659c2e78f26723eec5cf
24153f851e57ee0c86efdb33ee350e608e1e1eb67a8e481afca65ffaafdaada9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "24153F851E57EE0C86EFDB33EE350E608E1E1EB67A8E481AFCA65FFAAFDAADA9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2702
Expires: Fri, 09 Dec 2022 12:04:33 GMT
Date: Fri, 09 Dec 2022 11:19:31 GMT
Connection: keep-alive
use.fontawesome.com/releases/v5.1.1/css/all.css
172.64.132.15200 OK 10 kB URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/all.css
IP 172.64.132.15:0
File type ASCII text, with very long lines (45538)
Hash e8ce3a0cf2d06158ff362761841db249
f9ded71f86e80c722f454dfdf441820f015820f2
489652a5142e19c1608fa4c12ea04e0b49c3bf36ae6b73db46113ee37ef97a1e
GET /releases/v5.1.1/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:19:29 GMT
content-type: text/css
x-amz-id-2: Wd2x0g7FfoyrOJxDMB5h45n6YkJy38/5Dn5kolyB01oHGbDajAun1ngGzoOBixwvI4Isg84JceY=
x-amz-request-id: VW6SY6HBXF2P8YHX
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"597b70b2ce6b1483f72526c906918fe9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 669859
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LKd1AjTIWj8ilOOUmP%2B7qsXEb%2BwMSOlDdsSCav7drOBh9zp0sZSpJmKR9Gk4fuCRyz%2BKq0819ERFYXu1d510VWW90nn3w%2FLDC7Wv31%2FqRfzS8vd%2F79S6YBvijyJzKNczY2lQUoRH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d589bec5d7792-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20185
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 11:19:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c3214044657f3b876d1f1848bca5684
7558222788f06623ddae6e883413e38e1146281e
e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: N-zFZ8yeL7RrOZ5xfqvfBaE3zcXWecvr6Jd-93nKiUZlCXp2n2_Bgw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:41:46 GMT
age: 27465
etag: "7558222788f06623ddae6e883413e38e1146281e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fba9a3854df65740512f96efe7442e58
8fbff7725c842d70e047c635a725723a9dc9c55a
6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7Dp35PIr_WYUI1bBa21AvmCMEPi0d3jnhuS8eEk3Q3CXRcGWAnkD8g==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 17:01:04 GMT
age: 65907
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8546542f00ea29ef4df6ab8d3c7c2164
5c8ffe91490006a9890188b53f875568c2b6bd8f
7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H067kZXU_djWxbWO34bYMqa0xZ-WF9ntEBhZ-kV_TDoJFXQL_J1hqQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:34:27 GMT
age: 27904
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
34.120.237.76200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955c6ac69b89f6cbd497df53fcb2ae1b
2506152cdd1056533116feb9350124356e570e54
fca1b303a554aa9cdd13c4769a1088e1905ef888ed703de17864fe76ff880abe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf3829a8-4b4d-433d-9452-46c3ffc7ea6e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7217
x-amzn-requestid: be9196fc-3d43-49db-8522-8781cbf5a247
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUEDEWpIAMFqUQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66e6-04b24220213872ba378d3538;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4QlJZW4ZiPNVhOJbcRldanR8veym3l0sIBGa1Ym-4FOTT_utMQeZQg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 08:30:07 GMT
age: 10164
etag: "2506152cdd1056533116feb9350124356e570e54"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45e0c1638ad919bde19731f7987ab064
1e492807c665e6e6b24ec6ce19035fdfc6f23b92
f0d3738ec8406958470c8fd152a02a123d7654c30f974c1df5c4977a380c2d62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe7732c6-dc98-445c-86c6-d413942250ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10205
x-amzn-requestid: c5704c7a-60c4-402b-8018-5885a8dae971
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F9BIAMF3ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-3e9573d900714e3250f43e17;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mLTL7L808-OguYGrl3FUvwmFmPQjBPRj7PVfgEheFHWg4g4skoBvOg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 00:33:39 GMT
age: 38752
etag: "1e492807c665e6e6b24ec6ce19035fdfc6f23b92"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
172.64.172.27200 OK 111 kB IP 172.64.172.27:0
Size 111 kB (110695 bytes)
Hash 3ee33e4efd689731a10072ce4028feb5
9271152029e8877ec36c1728416e6d8180fdfcde
3880e78bbf88d00259a081fd37917e75e8b271ad28edfcd655088bc39fa4ab11
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Origin: https://datanodes.to
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:19:31 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://datanodes.to
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 413
last-modified: Fri, 09 Dec 2022 11:12:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ap%2F2iZM3ita6Kh2x3i1yrmZD6Zp3tcY2AWmxYxh6aVy9jJoFgtrfSuTYFyqzYQ8KvzOlvi2ee6mlwt2zoXa%2F6auPpRVtxGiMzN4H8%2BoDkn34fDMGfTCCQW5VanYVgkI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d58a52a4071b1-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 615fddb7dcff0826f0a7dd4140f370b6
06d26c99fcf20516839a656c4c5b023088eb4eaa
f561bef7be5b58a820d37e40135c8bc83511ae9298e6317bf1761f7cc24941bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1874
Cache-Control: max-age=106609
Content-Type: application/ocsp-response
Date: Fri, 09 Dec 2022 11:19:31 GMT
Etag: "63920fe2-1d7"
Expires: Sat, 10 Dec 2022 16:56:20 GMT
Last-Modified: Thu, 08 Dec 2022 16:25:06 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
eventhenherthisi.com/utx?cb=g0xXueyecDFM&top=datanodes.to&tid=966945
13.225.131.67204 No Content 0 B URL HTTP/2 eventhenherthisi.com/utx?cb=g0xXueyecDFM&top=datanodes.to&tid=966945
IP 13.225.131.67:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=g0xXueyecDFM&top=datanodes.to&tid=966945 HTTP/1.1
Host: eventhenherthisi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 09 Dec 2022 11:19:31 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://datanodes.to
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Fri, 09 Dec 2022 11:20:31 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 59869b495b9129aa7507318fac51b524.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN54-C2
x-amz-cf-id: IL6Z7ncMAyUMjUbk5jqB8BeIvxzZOlTW2NfBZtRO6gKgTxI0tZs60g==
X-Firefox-Spdy: h2
eventhenherthisi.com/aE9sVzUJLQ86CglyDnFAGiNRcgcual4RUVp2CC1aUCAbL1kSIBl5VgQgGTNTGiACIxsGKhhyBy4sIgJRJQE4DWIjDCYDdj0KGRx0Dx8tZHNZDj0aYSQbVTZiLRlaHGMufAowbE19LjV9OQchL0EeGlwOcg03IhRhEQEUFWcqFSY+fzsMFBpcISM1G3cvChgCYzkGD2VFKh0AOEYLGl0FYDweAgYEBB08Pmw8Hl0FAyEZHBptKzwLAXclBy0PXgoNBBUEDg1dFW0rJAMAXi4INTkBLhgpEVwOKDkfdz8jVBJ0Pnw1OQEuHjogRQ0oKQN3DxkcFUIyAQ8PGA8eLg9RASkLAXA5fSZyBy4rLTRzCyIlEX0QDV0xcyIbOj5CAgotBU8MFxsSdw8ZXjF0ORsuZFYZFykFZCEcIhlwHywuMWQ9CytkURkeLSRwTiUfOFsYcgkzdCMOHg53Wjs7DVAbDls
13.225.131.67200 OK 1.2 kB URL HTTP/2 eventhenherthisi.com/aE9sVzUJLQ86CglyDnFAGiNRcgcual4RUVp2CC1aUCAbL1kSIBl5VgQgGTNTGiACIxsGKhhyBy4sIgJRJQE4DWIjDCYDdj0KGRx0Dx8tZHNZDj0aYSQbVTZiLRlaHGMufAowbE19LjV9OQchL0EeGlwOcg03IhRhEQEUFWcqFSY+fzsMFBpcISM1G3cvChgCYzkGD2VFKh0AOEYLGl0FYDweAgYEBB08Pmw8Hl0FAyEZHBptKzwLAXclBy0PXgoNBBUEDg1dFW0rJAMAXi4INTkBLhgpEVwOKDkfdz8jVBJ0Pnw1OQEuHjogRQ0oKQN3DxkcFUIyAQ8PGA8eLg9RASkLAXA5fSZyBy4rLTRzCyIlEX0QDV0xcyIbOj5CAgotBU8MFxsSdw8ZXjF0ORsuZFYZFykFZCEcIhlwHywuMWQ9CytkURkeLSRwTiUfOFsYcgkzdCMOHg53Wjs7DVAbDls
IP 13.225.131.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3051), with no line terminators
Hash 34af8dac845ad266e809d9854324fdf7
e651bf28914d67a1c4df05407c26a729834148d4
858ec0871624a9afe81b2652f32c5522b5adf31962492b5d658706a295085b2d
GET /aE9sVzUJLQ86CglyDnFAGiNRcgcual4RUVp2CC1aUCAbL1kSIBl5VgQgGTNTGiACIxsGKhhyBy4sIgJRJQE4DWIjDCYDdj0KGRx0Dx8tZHNZDj0aYSQbVTZiLRlaHGMufAowbE19LjV9OQchL0EeGlwOcg03IhRhEQEUFWcqFSY+fzsMFBpcISM1G3cvChgCYzkGD2VFKh0AOEYLGl0FYDweAgYEBB08Pmw8Hl0FAyEZHBptKzwLAXclBy0PXgoNBBUEDg1dFW0rJAMAXi4INTkBLhgpEVwOKDkfdz8jVBJ0Pnw1OQEuHjogRQ0oKQN3DxkcFUIyAQ8PGA8eLg9RASkLAXA5fSZyBy4rLTRzCyIlEX0QDV0xcyIbOj5CAgotBU8MFxsSdw8ZXjF0ORsuZFYZFykFZCEcIhlwHywuMWQ9CytkURkeLSRwTiUfOFsYcgkzdCMOHg53Wjs7DVAbDls HTTP/1.1
Host: eventhenherthisi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1199
date: Fri, 09 Dec 2022 11:19:32 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 59869b495b9129aa7507318fac51b524.cloudfront.net (CloudFront)
x-amz-cf-pop: ICN54-C2
x-amz-cf-id: jivQHKmMBP4DSZ1HpuTmSMjUk-nzaDu3clMSX_FFKmtRCOHc8m6-9w==
X-Firefox-Spdy: h2
d29dzo8owxlzou.cloudfront.net/cNUdMNTZWKCJTCUEuKAgPA3F1AQMTLT9aWEV6KVF3fgY+bHQHMxtvU0YGexNCTyNxBRBZJiJSCxMiIlYLBGEtUVQIc2pBRloscU1RUTQnQ1lRPiYTQ1R6IVpMXCsgVBMHAXkbBhB1fB1BXCkoWkFGYn4FWEFifgUHBWl8EAV3Yn4FQVwpegETBgVpBwZNcX-gQBXdifgVEQ2J/dAcFcmIFHxB1fFJTViwjEARzdXwEBgV2fAQTB3cqXERQISNNEwcBfQUDG3dqQAsE
54.230.245.43200 OK 558 B URL HTTP/2 d29dzo8owxlzou.cloudfront.net/cNUdMNTZWKCJTCUEuKAgPA3F1AQMTLT9aWEV6KVF3fgY+bHQHMxtvU0YGexNCTyNxBRBZJiJSCxMiIlYLBGEtUVQIc2pBRloscU1RUTQnQ1lRPiYTQ1R6IVpMXCsgVBMHAXkbBhB1fB1BXCkoWkFGYn4FWEFifgUHBWl8EAV3Yn4FQVwpegETBgVpBwZNcX-gQBXdifgVEQ2J/dAcFcmIFHxB1fFJTViwjEARzdXwEBgV2fAQTB3cqXERQISNNEwcBfQUDG3dqQAsE
IP 54.230.245.43:0
File type ASCII text, with very long lines (800), with no line terminators
Hash ddd27536ceaff0b0f23a1b15cd4f9a2f
0fbb1579edf42bc2c307681ffff9fd27db073829
66e9de3d311e83f3d27a1a24e911d9eb54d921db480864dbe6bf656d55ef928c
GET /cNUdMNTZWKCJTCUEuKAgPA3F1AQMTLT9aWEV6KVF3fgY+bHQHMxtvU0YGexNCTyNxBRBZJiJSCxMiIlYLBGEtUVQIc2pBRloscU1RUTQnQ1lRPiYTQ1R6IVpMXCsgVBMHAXkbBhB1fB1BXCkoWkFGYn4FWEFifgUHBWl8EAV3Yn4FQVwpegETBgVpBwZNcX-gQBXdifgVEQ2J/dAcFcmIFHxB1fFJTViwjEARzdXwEBgV2fAQTB3cqXERQISNNEwcBfQUDG3dqQAsE HTTP/1.1
Host: d29dzo8owxlzou.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eventhenherthisi.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 558
date: Fri, 09 Dec 2022 11:19:32 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TaQpBebrgPHwHo-Tzy5DE_wCl_k9s0T125orQ_Um1PXys_TXHIuI0g==
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 104.18.11.207:0
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:19:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 16026368
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776d589bcafeb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
104.18.11.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css
IP 104.18.11.207:0
GET /bootstrap/3.3.7/css/bootstrap-theme.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://datanodes.to
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:19:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ab6b02efeaf178e0247b9504051472fb"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 03/10/2022 17:30:55
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 860
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a67db063c02f54c8ab987b314fd63179
cdn-cache: HIT
cf-cache-status: HIT
age: 9155456
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 776d589bdc6ab518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1141886762%3A1670584771309013&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7myDyygEQbpUsf1my3P6nCuIRxWQGB4WOmKvFHzQaN8JKhf86lqjoMqn2HcHguVOJJEhpuRA
142.250.74.109403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1141886762%3A1670584771309013&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7myDyygEQbpUsf1my3P6nCuIRxWQGB4WOmKvFHzQaN8JKhf86lqjoMqn2HcHguVOJJEhpuRA
IP 142.250.74.109:0
GET /v3/signin/identifier?dsh=S1141886762%3A1670584771309013&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AeAAQh7myDyygEQbpUsf1my3P6nCuIRxWQGB4WOmKvFHzQaN8JKhf86lqjoMqn2HcHguVOJJEhpuRA HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://datanodes.to/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 09 Dec 2022 11:19:31 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-o2VPbCUJsXqqN7tr79iTMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
172.64.132.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.1.1/css/v4-shims.css
IP 172.64.132.15:0
GET /releases/v5.1.1/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 09 Dec 2022 11:19:29 GMT
content-type: text/css
x-amz-id-2: tQPiLVSx+oLr00MpAA+ZFuee3xczofSprO4e79iOpYl89ie1FuaISVOW9t0OD5OitL1m58G5Jkw=
x-amz-request-id: G18YYYK2Q80NN3R5
last-modified: Wed, 30 Jun 2021 15:30:50 GMT
etag: W/"01727b5056f65c2ac938f5db4e552b10"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 670243
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nRZiXKXyKVAEd03m%2BNW1JJbLKyxOf30SsVgPslEWREMM3t4SLt96b%2FF1MPddYdtnlKJQwMqes88927YBWwL9Rhsoq6U6zgXYpoqzD3SyWuGXhAlrkG4SNkT3aAMm8kidaCY1OmMK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776d589bec547792-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.221.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://datanodes.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: wT629c7dy7Hkpl/Nta6za9MkJHnNVrFIxdDXP2SheHleQdZppJ8zVaSj/Nc7juut2Dt3e7wctvutlfkud6fqRQ==
date: Fri, 09 Dec 2022 11:19:31 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2