eurekaddl.cfd/
188.114.97.1301 Moved Permanently 0 B IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: eurekaddl.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 27 Jan 2023 13:16:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 27 Jan 2023 14:16:58 GMT
Location: https://eurekaddl.cfd/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvF6z95Kz9qvgnd%2FZxPv9vSCvo7G9Cb48z6YnxYwFW9MjsnNLHIDu64LcChJaoLB2WQ04diJa6jUHQ4339hn6bd4EGXGD2O5Fojd0r%2BvUuuz7M50DCBuDdG87PGT91cu"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7901c4138e7cb4fa-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20585
Expires: Fri, 27 Jan 2023 19:00:03 GMT
Date: Fri, 27 Jan 2023 13:16:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4134
Expires: Fri, 27 Jan 2023 14:25:53 GMT
Date: Fri, 27 Jan 2023 13:16:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7844
Expires: Fri, 27 Jan 2023 15:27:43 GMT
Date: Fri, 27 Jan 2023 13:16:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 12:35:21 GMT
content-type: application/json
age: 2498
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/HAhnDv4LsII
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/HAhnDv4LsII
IP 216.58.211.3:0
Hash d06e641ef603b992ed92e0985b8a2ec9
fd58e5610f016a72ac55facc944fb7da4ca82dc9
eb4c5d1abe9d43faaab604dd0ad8ed2c7388e7ad78650408039fddee8790a2f8
POST /s/gts1p5/HAhnDv4LsII HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 0x8IaKkJU2v9o+AEU6+aBSyl5JmV1senb8fOs57y44w7DuUwaS3N/+t4/11xjsXa8sqSJaw7Myo=
x-amz-request-id: VGV7Q67PV41AQYZV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 12:49:25 GMT
age: 1654
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:16:59 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/HAhnDv4LsII
216.58.211.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/HAhnDv4LsII
IP 216.58.211.3:0
Hash d06e641ef603b992ed92e0985b8a2ec9
fd58e5610f016a72ac55facc944fb7da4ca82dc9
eb4c5d1abe9d43faaab604dd0ad8ed2c7388e7ad78650408039fddee8790a2f8
POST /s/gts1p5/HAhnDv4LsII HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5d26c41823a6e8c5fdcf3c28efbfdd01
2415b281bb7ee36d62aec11e477e4797e8bbc10c
e7c952964c5abd9aa20b354673bedf66a9ddb64c8c9ce0075a6601fe5d28cabe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 26 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ddb7fcd8cea9888cd607a19f4944fe7b
a1dd4c0136c1f8dcd70d092317eed977f8c88d73
f2481816e52eed4f0182e08530e0cc0347b3c25aee145698a2400cfa62e6d7b5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "95366A3904F9473E52B17B5ED9DE41B1BCBA9E6DEAED5A69D03199799B5FB8E7"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8978
Expires: Fri, 27 Jan 2023 15:46:37 GMT
Date: Fri, 27 Jan 2023 13:16:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 4.1 kB IP 216.58.211.3:0
Hash 286864e42637b43e3d2ddf60ebd7983e
d5c969848c92237e5636cdaeb387131c6845b2bb
f62b8d4af51464c6388e7529213f59abc57f89436f3a8d95f5bd646baa95cf4e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.74200 OK 32 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.74:0
Hash d6ab8886650a796cc579b3c1d5b81f62
33e1e33871230f40b7eadbc8bcf46c7b6378291d
1b57cf6e9475609441e7b377dce60557b49e2856d8f2254f6fcf6d6d867f3d10
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 19:02:59 GMT
expires: Tue, 23 Jan 2024 19:02:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 324840
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-SFJBEH299B
142.250.74.168200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-SFJBEH299B
IP 142.250.74.168:0
File type ASCII text, with very long lines (25680)
Hash 71a804d81f9fcbafe2e756a705c64153
5078eb7481a6a23f2611f0e7877549ad48121876
7d552b78fa1f9e3889621928f3d90358efab381c6a8947ceaf5f562736cbda3a
GET /gtag/js?id=G-SFJBEH299B HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 27 Jan 2023 13:16:59 GMT
expires: Fri, 27 Jan 2023 13:16:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 1.3 kB IP 216.58.211.3:0
Hash c0d7d7a25a51212ff1cfeb7cf2935d13
c80b891f633d3a2919976380197270c2c81b6c41
39c04b2bc9705cc5e11455b409c281ebdf2beda3b8639fd4d7e3c44ef60aad0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 48f87f021aa43dc85cabc3b624264811
6dcc2e3610ec6ef91768905aae267c984227f54a
0e77dc8ff90169c7db1343058490de4942217f3846ca0586bebd33d32513b305
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f00696b25e35dad2773a2dbcc659c75c
d8c52b5a0ec985578ec827f72c104145edda7f18
1d441e38410ad59f16f83ef09750426625d872a4528dd52075779581d63013c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D441E38410AD59F16F83EF09750426625D872A4528DD52075779581D63013C2"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12000
Expires: Fri, 27 Jan 2023 16:36:59 GMT
Date: Fri, 27 Jan 2023 13:16:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f00696b25e35dad2773a2dbcc659c75c
d8c52b5a0ec985578ec827f72c104145edda7f18
1d441e38410ad59f16f83ef09750426625d872a4528dd52075779581d63013c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D441E38410AD59F16F83EF09750426625D872A4528DD52075779581D63013C2"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12000
Expires: Fri, 27 Jan 2023 16:36:59 GMT
Date: Fri, 27 Jan 2023 13:16:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 7.6 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d5d4e4747076ac751d4eb6636332058
6aad6f0dd75cf7baece4088d07d5753d15dca075
6d877b4146e0baf2af1e4ee600783aef084d1873b778984e12cb0e57d82bd124
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D5BD9817A08D46282FD6E26294638A23873398BEA49AAE92213C6C0E0B3EDF3"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12886
Expires: Fri, 27 Jan 2023 16:51:45 GMT
Date: Fri, 27 Jan 2023 13:16:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash c6c64fc014f993e296f124e4b2f0f175
68d3e62fcd25c05d19894a28f4490cf1d04a44c1
7cee6b4b9234d595e6abd78d1bc14febaf314cdab54cc18e07f92e0b24fe1e79
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:16:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.227200 OK 55 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.227:0
Hash 28a61b47b4ce90144517d677aaff5668
1e7e5ac3ea32ef733216af7a713d47371fb6a59d
67f70f7daea65df2ba6a439553aeac4c92c9f4fa552152edbfb20a865f340290
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 325458
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
whoursie.com/tag.min.js
139.45.197.237200 OK 25 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (6308), with no line terminators
Hash 6a5444639e0da42d75a70ba22b1d89bc
2ffc4167e9341b15a8e67060279845e67b92458f
2a0fb60abab4e0789f6637d36cd2442bda599043d14010b35a1b9d485da2d0e2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: whoursie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:16:59 GMT
content-type: text/javascript; charset=utf-8
content-length: 23678
content-encoding: br
x-trace-id: ef6a333ba0dfd76aba459ccf0216ff34
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 23 Jan 2023 15:53:40 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
whoursie.com/5/5586069/?oo=1&aab=1
139.45.197.237200 OK 3.4 kB URL HTTP/2 whoursie.com/5/5586069/?oo=1&aab=1
IP 139.45.197.237:0
Hash 1ec884692cffad5d42fe49ec5014667a
1dd52bbd48002c57b3e11e78f5bdc1921b5dbda5
23f0ca1a625cced6262c31f77698e8d694e0db5a1e2e8d23b14487674de62b49
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5586069/?oo=1&aab=1 HTTP/1.1
Host: whoursie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:16:59 GMT
content-type: application/json
x-trace-id: bc8a4b4a923c28d009fc2c5ac28d2d96
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://eurekaddl.cfd
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=a6e93944e7384f5ab275b28a8610d93e; expires=Sat, 27 Jan 2024 13:16:59 GMT; path=/; secure; SameSite=None
oaidts=1674825419; expires=Sat, 27 Jan 2024 13:16:59 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 12:49:03 GMT
age: 1676
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
arsnivyr.com/1?z=5596264
139.45.197.242200 OK 7.6 kB IP 139.45.197.242:0
Hash 0fccd39d116aac0fb9bcf1df79be74a1
2ddbaea85934cd74e878d42754d5372a2944ddb7
349cdb78f0bbde5dfd44bb548b8699624558c0a82b7b25b265999c34b18d3054
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5596264 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:16:59 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: fb2562327d2a7c8859914326f48ab0c5
access-control-expose-headers: X-Sc
x-sc: ghwiCtKi1qeoAYqJR4tRzP8mr8JZWkgxOXj1svXZztaJil5fATdjarqxVRihkRfi34C80t6ylfED2SAeHxZ2_aVxFS4=
set-cookie: scm=1; expires=Sat, 27 Jan 2024 13:16:59 GMT; secure; SameSite=None
OAID=9fc54885aa644425b3fa45a0a47ed5d1; expires=Sat, 27 Jan 2024 13:16:59 GMT; secure; SameSite=None
oaidts=1674825419; expires=Sat, 27 Jan 2024 13:16:59 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.83.112.49101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.112.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ALBsi5KyR3DxIy1cBLddZg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ZL27QYeyJJOGwTqMwlbRvFgfSiI=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10123
Expires: Fri, 27 Jan 2023 16:05:43 GMT
Date: Fri, 27 Jan 2023 13:17:00 GMT
Connection: keep-alive
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash afd91b08b103031eae8d1269f046782a
c49b70e223e20044561f9871df1ec825deece267
0f4314ce5687994854a91bd58fd101f0a2e98e877739c3f3fa9afedb52b6abf3
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:00 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://eurekaddl.cfd
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=cbce889d83ce452fa3b46ee962f93fef; expires=Sat, 27 Jan 2024 13:17:00 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5596264&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=cbce889d83ce452fa3b46ee962f93fef
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5596264&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=cbce889d83ce452fa3b46ee962f93fef
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5596264&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=cbce889d83ce452fa3b46ee962f93fef HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://eurekaddl.cfd/
Origin: https://eurekaddl.cfd
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://eurekaddl.cfd
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=3501637368&z=5596264&b=16536118&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=h2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc=&ruid=d7446153-9c16-4a68-bfd2-6c2d8f9b3bf3&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=187
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=3501637368&z=5596264&b=16536118&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=h2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc=&ruid=d7446153-9c16-4a68-bfd2-6c2d8f9b3bf3&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=187
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=3501637368&z=5596264&b=16536118&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=h2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc=&ruid=d7446153-9c16-4a68-bfd2-6c2d8f9b3bf3&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=187 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Cookie: scm=1; OAID=cbce889d83ce452fa3b46ee962f93fef; oaidts=1674825419
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://eurekaddl.cfd
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 414038832e6a2431f2cb6ea91785919e
access-control-expose-headers: X-Sc
set-cookie: OAID=cbce889d83ce452fa3b46ee962f93fef; expires=Sat, 27 Jan 2024 13:17:01 GMT; secure; SameSite=None
oaidts=1674825419; expires=Sat, 27 Jan 2024 13:17:01 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5596264&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=cbce889d83ce452fa3b46ee962f93fef
139.45.197.242200 OK 2.7 kB URL HTTP/2 arsnivyr.com/9?z=5596264&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=cbce889d83ce452fa3b46ee962f93fef
IP 139.45.197.242:0
File type JSON data\012- , ASCII text, with very long lines (6399), with no line terminators
Hash eaae1721ea6cd280bb37a48ca1c05a04
bbf9f806554e1bae95f3f25d1a1262a23e30a17d
f6a80575db63b519969df4db27083f18cce4af5bc5b45ff7c251e787bda89f76
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5596264&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Feurekaddl.cfd%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=cbce889d83ce452fa3b46ee962f93fef HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 407
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Cookie: scm=1; OAID=9fc54885aa644425b3fa45a0a47ed5d1; oaidts=1674825419
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://eurekaddl.cfd
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: f46e462da9610d9097ae6dde7e3edb82
access-control-expose-headers: X-Sc
set-cookie: OAID=cbce889d83ce452fa3b46ee962f93fef; expires=Sat, 27 Jan 2024 13:17:01 GMT; secure; SameSite=None
oaidts=1674825419; expires=Sat, 27 Jan 2024 13:17:01 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
whoursie.com/?rb=4Ryn4f4n3aRDWVWiNWuGOB6ZbIwCa5VgJNcZCfqTF6M2pU_mAJUTKZ1N5DNgcQz2FyB6wPAPkKqJo95kpgro9Rgp4hE4TDTtI6-7jNaIa0xccFWtlyjYoPNQgsUXi7xSa6Hnr5v80fElv1T5IqyQ73czSADhUwjiozKgloGe-lBf0qzAA03ybhPeQzaNQrvUrhPnuM1_wwEjwR1cavR0LPMZ9uADPd5mE3EHXCTv1AE%3D&request_ab2=0&zoneid=5586069&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=775e4cdc-912c-49ca-ac1f-ddc9e5ceef8a&userId=cbce889d83ce452fa3b46ee962f93fef&m=link
139.45.197.237200 OK 1.9 kB URL HTTP/2 whoursie.com/?rb=4Ryn4f4n3aRDWVWiNWuGOB6ZbIwCa5VgJNcZCfqTF6M2pU_mAJUTKZ1N5DNgcQz2FyB6wPAPkKqJo95kpgro9Rgp4hE4TDTtI6-7jNaIa0xccFWtlyjYoPNQgsUXi7xSa6Hnr5v80fElv1T5IqyQ73czSADhUwjiozKgloGe-lBf0qzAA03ybhPeQzaNQrvUrhPnuM1_wwEjwR1cavR0LPMZ9uADPd5mE3EHXCTv1AE%3D&request_ab2=0&zoneid=5586069&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=775e4cdc-912c-49ca-ac1f-ddc9e5ceef8a&userId=cbce889d83ce452fa3b46ee962f93fef&m=link
IP 139.45.197.237:0
Hash fd549b1eeaddb9fd205c58aa891bfb2e
6da5ac45d64cc7a6daa815fdf49ce025af1ba18c
032d44d84bcf994c61db9ed911a416b52ef0e06afb87df7bbd5094e99e7af71d
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=4Ryn4f4n3aRDWVWiNWuGOB6ZbIwCa5VgJNcZCfqTF6M2pU_mAJUTKZ1N5DNgcQz2FyB6wPAPkKqJo95kpgro9Rgp4hE4TDTtI6-7jNaIa0xccFWtlyjYoPNQgsUXi7xSa6Hnr5v80fElv1T5IqyQ73czSADhUwjiozKgloGe-lBf0qzAA03ybhPeQzaNQrvUrhPnuM1_wwEjwR1cavR0LPMZ9uADPd5mE3EHXCTv1AE%3D&request_ab2=0&zoneid=5586069&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=775e4cdc-912c-49ca-ac1f-ddc9e5ceef8a&userId=cbce889d83ce452fa3b46ee962f93fef&m=link HTTP/1.1
Host: whoursie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://eurekaddl.cfd/
Origin: https://eurekaddl.cfd
Connection: keep-alive
Cookie: OAID=a6e93944e7384f5ab275b28a8610d93e; oaidts=1674825419
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: application/json
x-trace-id: ba6d65a33960cd7026e7ccc6a4900f37
access-control-allow-origin: https://eurekaddl.cfd
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=cbce889d83ce452fa3b46ee962f93fef; expires=Sat, 27 Jan 2024 13:17:01 GMT; path=/; secure; SameSite=None
oaidts=1674825421; expires=Sat, 27 Jan 2024 13:17:01 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 03 Feb 2023 13:17:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash da6d1131f8c9ad77c09853b9bc65a467
dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba
ea18b3e2c606aeb6128c798d0ce25827e7a630701a73248211b7d448805d2233
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 13:17:01 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:49:39 GMT
Expires: Wed, 01 Feb 2023 15:49:38 GMT
Etag: "dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba"
Cache-Control: max-age=440556,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7901c4239ad30b02-OSL
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 892
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Fri, 27 Jan 2023 13:17:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://eurekaddl.cfd
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5caa2b44f546d4d16dda3b5186d20cdd
321796dceaea32633ec414701991c28e4bef7699
ee8ca883755cc12fa8f71b8ed4b70c31f2e24df59abdbd037406bc2abb4c392f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2406
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 27 Jan 2023 13:17:01 GMT
Last-Modified: Fri, 27 Jan 2023 12:36:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
172.67.22.216200 OK 14 kB URL HTTP/2 offerimage.com/www/images/7d763937692f59aea0578ffe58c10ee0.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 7d763937692f59aea0578ffe58c10ee0
b3a4cc4fd1a0d8319e59057e535b0b19f1a3b35b
2d7300c572db1683cbc8071be4bbaf31b00954193f6f82d453c99a7a58bd7620
GET /www/images/7d763937692f59aea0578ffe58c10ee0.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: image/jpeg
content-length: 13778
cache-control: max-age=86400
cf-bgj: h2pri
etag: "63888441-35d2"
expires: Fri, 27 Jan 2023 20:36:35 GMT
last-modified: Thu, 01 Dec 2022 10:38:57 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 60026
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7901c424ace50afe-OSL
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
139.45.197.153200 OK 20 kB URL HTTP/2 interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash d657d0b45c722c9203953e7fbb92fc33
e1ff29e4b8f1ea03d163e6a3c8f4d381cae5a3e2
40785963d6afef460b6d58db44d00d3bbed11a81f88e64e6a1b91d317b220d40
GET /contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Farsnivyr.com%2F12%3Frnd%3D2422133323%26z%3D5596264%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dh2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dd7446153-9c16-4a68-bfd2-6c2d8f9b3bf3%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Feurekaddl.cfd%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: image/jpeg
content-length: 19879
last-modified: Wed, 05 Oct 2022 17:04:55 GMT
vary: Accept-Encoding
etag: "633db937-4da7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11061
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:17:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11061
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:17:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11061
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:17:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11061
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:17:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11061
Expires: Fri, 27 Jan 2023 16:21:22 GMT
Date: Fri, 27 Jan 2023 13:17:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06130c82b0c12aabc0cc9f920114e1c5
c2137e969f6eb3790923e1bc30d4288105fd1296
70b50dc9f7e76372b557da8d5188e86b4307e3d855619c5974d7830ab187cec1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F48b381df-c118-4c63-bd08-99ac7a51ae39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11689
x-amzn-requestid: c72f71e2-e235-4611-826b-94b55c1a6a17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fR1YDGl8oAMF2Lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d09c33-3e8a69900c1267e102d2c2bc;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 03:04:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Nsm2GhqSll0LCoSNRA6KjKZbee7frV0mgbS4z0yO9-DGrXvdZIM_2A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 03:11:18 GMT
age: 36343
etag: "c2137e969f6eb3790923e1bc30d4288105fd1296"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
139.45.197.153200 OK 63 kB URL HTTP/2 interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
IP 139.45.197.153:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 9b2c293f4695bb8f89f5bdc53f2634e2
fda95c173965012fa72bd0386a0f1e4f0e5220fa
f7090a9b5e00f32721b1d83183b54e836e4237f6d407186327f7835caf3c265a
GET /contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Farsnivyr.com%2F12%3Frnd%3D2422133323%26z%3D5596264%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dh2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dd7446153-9c16-4a68-bfd2-6c2d8f9b3bf3%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Feurekaddl.cfd%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: image/jpeg
content-length: 63121
last-modified: Wed, 05 Oct 2022 17:04:52 GMT
vary: Accept-Encoding
etag: "633db934-f691"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 55633
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e7158416f60576804ccff03307319fe
a342f94625e913fa6b8d862a59979f1e3ad80dd1
5c525df7d169cc7e033d920c11f4a0163a781c025a22b70530882b56964a9a52
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F16430244-f45f-4aea-a8a8-2b1f37fa80ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5737
x-amzn-requestid: 23239d1f-0228-4722-b826-40dc8c9a4af2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVzDbEacIAMFZtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d23215-1604c24e272fbb657b9925cc;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:56:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -_8PZoms7W6Lvw__KsoTwL_CzjfyWChzoSWDc9yCk9zCR8cTs87oNA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 16:31:35 GMT
age: 74726
etag: "a342f94625e913fa6b8d862a59979f1e3ad80dd1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MApUIVJ9KiOB34nLWUtMNmA8deQVoQ9xyNqSUYXlzdLlGoP9n78C5A==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 06:24:42 GMT
age: 24739
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 86a25231794bbfd3f276118a68cf20f4
ee94ff69230178aa9294348bfe638acce39bda73
8aa3357c026c54209085411a849df78cd14f155d4991330fbd6ad039f8262985
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AA3357C026C54209085411A849DF78CD14F155D4991330FBD6AD039F8262985"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8809
Expires: Fri, 27 Jan 2023 15:43:50 GMT
Date: Fri, 27 Jan 2023 13:17:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:35:59 GMT
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
age: 67262
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3BquvYOvgBWY2JeuOjZH9t1bunnj5yAXmMqyqZKuD6v2xMm8BAG3lw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 12:35:00 GMT
age: 2521
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-SFJBEH299B>m=2oe1p0&_p=1785837431&cid=776885837.1674825421&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674825420&sct=1&seg=0&dl=https%3A%2F%2Feurekaddl.cfd%2F&dt=EurekaDDL%20-%20Da%20noi%20trovi%20tutto!%20Siamo%20i%20Numeri%20Uno%20in%20Italia!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-SFJBEH299B>m=2oe1p0&_p=1785837431&cid=776885837.1674825421&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674825420&sct=1&seg=0&dl=https%3A%2F%2Feurekaddl.cfd%2F&dt=EurekaDDL%20-%20Da%20noi%20trovi%20tutto!%20Siamo%20i%20Numeri%20Uno%20in%20Italia!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-SFJBEH299B>m=2oe1p0&_p=1785837431&cid=776885837.1674825421&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674825420&sct=1&seg=0&dl=https%3A%2F%2Feurekaddl.cfd%2F&dt=EurekaDDL%20-%20Da%20noi%20trovi%20tutto!%20Siamo%20i%20Numeri%20Uno%20in%20Italia!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://eurekaddl.cfd
date: Fri, 27 Jan 2023 13:17:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 3ad56b77f55a997b72b3323c6725bd97
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 35ef7e96d80d2e4410c8e60f9f67c33a
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
glizauvo.net/impression/FA9kUbMOODTq-09q98DsAZrSrSrhV8TwEwjZf3ZhOS3HhAZmK3y-cAsOXRGPZmnxImuhbM1e2eqZza-m12p0W7enWoDzT6-bJXumuXNZgMOgmo-p3NoLFQt3Fr97-jvjr8uUgiRXOPHkhg7Q01feZxVvrkVf-w9u3nvf50mYEHfl5bzl2qnvJzEOVRas-cX323t7KAhuml6RXe1qa8Gd86gVZ-fwy1bCJuuWkoLdCz_Ee3LSPzRGFqTgmIf5WHCiW9pRnAP8e_r0eaFQrBwReFAaWD8tz5OeTjJlAUrnku5NSxd-XQYgIyzCCAMwjvDPTezSKKwqet3pEiNBcNs6Wgp3ihmTMXvSn4ToBBnjrffCXssPNvO9mcgDBerrCFRsw_LlE3Ac7HXjyF2vBovuyH3S8KUBlkOs9-2i60O2YH6tIAMMBXD6goRjsmkAWd8sAeUs_2FoxTU3CPbVyjRkkRPpdOrFb0R7qu1NPP4Pv_XqsOwKanjJp6O4nxL1JRUWRnMzFKZ3KkqINEgFqAVtKxoZc-lO2xaNnm8tcXIHaYieUoh8PCq9iFoq2tZ-EMM7X88fiFAth-BOSsndXWG0oARs7rg=?_z=5586186&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 43 B URL HTTP/2 glizauvo.net/impression/FA9kUbMOODTq-09q98DsAZrSrSrhV8TwEwjZf3ZhOS3HhAZmK3y-cAsOXRGPZmnxImuhbM1e2eqZza-m12p0W7enWoDzT6-bJXumuXNZgMOgmo-p3NoLFQt3Fr97-jvjr8uUgiRXOPHkhg7Q01feZxVvrkVf-w9u3nvf50mYEHfl5bzl2qnvJzEOVRas-cX323t7KAhuml6RXe1qa8Gd86gVZ-fwy1bCJuuWkoLdCz_Ee3LSPzRGFqTgmIf5WHCiW9pRnAP8e_r0eaFQrBwReFAaWD8tz5OeTjJlAUrnku5NSxd-XQYgIyzCCAMwjvDPTezSKKwqet3pEiNBcNs6Wgp3ihmTMXvSn4ToBBnjrffCXssPNvO9mcgDBerrCFRsw_LlE3Ac7HXjyF2vBovuyH3S8KUBlkOs9-2i60O2YH6tIAMMBXD6goRjsmkAWd8sAeUs_2FoxTU3CPbVyjRkkRPpdOrFb0R7qu1NPP4Pv_XqsOwKanjJp6O4nxL1JRUWRnMzFKZ3KkqINEgFqAVtKxoZc-lO2xaNnm8tcXIHaYieUoh8PCq9iFoq2tZ-EMM7X88fiFAth-BOSsndXWG0oARs7rg=?_z=5586186&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/FA9kUbMOODTq-09q98DsAZrSrSrhV8TwEwjZf3ZhOS3HhAZmK3y-cAsOXRGPZmnxImuhbM1e2eqZza-m12p0W7enWoDzT6-bJXumuXNZgMOgmo-p3NoLFQt3Fr97-jvjr8uUgiRXOPHkhg7Q01feZxVvrkVf-w9u3nvf50mYEHfl5bzl2qnvJzEOVRas-cX323t7KAhuml6RXe1qa8Gd86gVZ-fwy1bCJuuWkoLdCz_Ee3LSPzRGFqTgmIf5WHCiW9pRnAP8e_r0eaFQrBwReFAaWD8tz5OeTjJlAUrnku5NSxd-XQYgIyzCCAMwjvDPTezSKKwqet3pEiNBcNs6Wgp3ihmTMXvSn4ToBBnjrffCXssPNvO9mcgDBerrCFRsw_LlE3Ac7HXjyF2vBovuyH3S8KUBlkOs9-2i60O2YH6tIAMMBXD6goRjsmkAWd8sAeUs_2FoxTU3CPbVyjRkkRPpdOrFb0R7qu1NPP4Pv_XqsOwKanjJp6O4nxL1JRUWRnMzFKZ3KkqINEgFqAVtKxoZc-lO2xaNnm8tcXIHaYieUoh8PCq9iFoq2tZ-EMM7X88fiFAth-BOSsndXWG0oARs7rg=?_z=5586186&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Cookie: OAID=cbce889d83ce452fa3b46ee962f93fef
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:06 GMT
content-type: image/gif
content-length: 43
x-trace-id: c32dab0a3df0b111fea3ed3ffd047440
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Farsnivyr.com%2F12%3Frnd%3D2422133323%26z%3D5596264%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dh2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dd7446153-9c16-4a68-bfd2-6c2d8f9b3bf3%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Feurekaddl.cfd%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.153200 OK 18 kB URL HTTP/2 interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Farsnivyr.com%2F12%3Frnd%3D2422133323%26z%3D5596264%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dh2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dd7446153-9c16-4a68-bfd2-6c2d8f9b3bf3%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Feurekaddl.cfd%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1484)
Hash 190f5654175198cfa51906874b61a46b
6cf3782bc3c018f03f9ede2acab3746471449f6e
5a0da9b9f2e1bc81d7e74bd0ef9f99f033e553ff37851b69ece9183a8d8250a5
GET /?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Farsnivyr.com%2F12%3Frnd%3D2422133323%26z%3D5596264%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3Dh2JFAIudjuGRSaPhSRffAPb6RBS5odzIBgekDiWIQUTwKKexrFKXtzivJ0b5NPkLG7XfsmLs96vtXzMjKYUkkpc3DIg0lOdYRCyjj-pCnv8JDlS_29LUGuXrUyJgRa-ClTJ2Hxc0yYs4H3r5x6dVU0vh2LP6JxZaKyk3FHY4Q5Tx_jQnCd7zSM8VO3pckWzYhM2MMPf6cMGMG2jCkT12N_gKHHlTbuWP1vBwjFCBI18nUAjxrhSdSHdyYcuN2mjYyokfQUpvxEbDwq13iT2tQ932f6A3LGs1bpwW6vHfZaQrnZWMq0LNsnJ78e661ZFQGOX74Q3pCdHR1CChpKvWG_G1PNfD_KFJAUqGagDWx9PYNWVGwWVvnerXm7AFT4ObNxxIP5b0EEfKKrENwZRmK6TNrRAuQd6csFq_arvLI76JLU8yRknsLVJPEBgQ_APFQ8O2FbapAwwRM1PfTVdps44TvB6HGBSGn_vGuesuG4zGEIUYVVkd8W1TP1N0yuOL89xbkCiXkWoHgiVyoxZejctCfKj8SrmhhYB0rMcDsxUCs4c5E6mwgMYpCyTUlZIpjZd6ZUa2-3OaxjIe7Jl8VhCa1j0aln_6i-uuwfogs_WlHiYgyqoPPEE5pLxtTfR6R1_8LgfWjvpPsQjTndhdzmRsNFc%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3Dd7446153-9c16-4a68-bfd2-6c2d8f9b3bf3%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Feurekaddl.cfd%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.27
set-cookie: reverse=LgL_K2rG0sIMiAgyoIhg1LxpggqUqrqbDfJtZS0ySNE; expires=Fri, 27-Jan-2023 14:17:01 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 150192
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
arsnivyr.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/27/dae1eb9bef878cda2f3d5a0907ef4d01
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/dae1eb9bef878cda2f3d5a0907ef4d01 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Cookie: scm=1; OAID=9fc54885aa644425b3fa45a0a47ed5d1; oaidts=1674825419
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:16:59 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Fri, 27 Jan 2023 06:22:51 GMT
expires: Fri, 26 Feb 2083 06:22:51 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
glizauvo.net/401/5586186
139.45.197.236200 OK 0 B IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5586186 HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:16:59 GMT
content-type: application/javascript
x-trace-id: 68b822637aefd6c2ea48c9f7b20b2156
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=08e8c75b061742fabf062424fc534f49; expires=Sat, 27 Jan 2024 13:16:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
glizauvo.net/500/5586186?excludes=&oaid=cbce889d83ce452fa3b46ee962f93fef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 0 B URL HTTP/2 glizauvo.net/500/5586186?excludes=&oaid=cbce889d83ce452fa3b46ee962f93fef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5586186?excludes=&oaid=cbce889d83ce452fa3b46ee962f93fef&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Feurekaddl.cfd%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://eurekaddl.cfd
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Cookie: OAID=08e8c75b061742fabf062424fc534f49
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: application/javascript
x-trace-id: e65ec143e1ce3c0d2190f5ef45239b99
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://eurekaddl.cfd
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=cbce889d83ce452fa3b46ee962f93fef; expires=Sat, 27 Jan 2024 13:17:01 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1026645499
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1026645499
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1026645499 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 13:17:01 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 60b25f741a40897a4fc304811e5ad4dc
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
eurekaddl.cfd/
188.114.97.1200 OK 0 B IP 188.114.97.1:0
GET / HTTP/1.1
Host: eurekaddl.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:16:59 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.30
vary: Accept-Encoding,Cookie,X-Forwarded-Proto
cache-control: max-age=3, must-revalidate
x-end-server: Apache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO9eZShD4Xfav8BNLUr3Xz5YqxGBsPBTGEuhmysrxCj5A29KvQWWcvhy6nB4ifpj%2F255cExck%2FFTI8tQg2SPGjesvKnzLGmREZ8dSIvOC4PKHYuGKWJFXaEB7n7r45VH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7901c415597ab51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.141.224200 OK 0 B IP 172.67.141.224:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://eurekaddl.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 27 Jan 2023 13:17:00 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6253
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2Fk4VQUt5CZ0H6ZLTxZRihQhTgWO5r8N6OR7EmaeRmiKNPtQFcgCL2e7wlYw2j0y9MVkNbGYJW7fvLxpuD5Nmm9usmBwkmazpxjVrKKWSrpBUaa6pBFYKgmlX%2Bn6AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7901c41d5afcb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2