firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 17:52:52 GMT
Expires: Sun, 23 Oct 2022 18:28:48 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ohMrgkFbUBmi7lsjj8S1-mFlR6tk9MIm7LoRIdZWBjzd_XlewZFBBQ==
Age: 2773
dl.kaoskrew.org/3rh
69.39.238.242301 Moved Permanently 0 B IP 69.39.238.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /3rh HTTP/1.1
Host: dl.kaoskrew.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
set-cookie: FLYSESSID=204iut0gl90fsu1ngsbh0rq77b; path=/; HttpOnly; SameSite=Lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-powered-by: adfly
strict-transport-security: max-age=0
location: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
content-type: text/html; charset=UTF-8
content-length: 0
date: Sun, 23 Oct 2022 18:39:05 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14964
Expires: Sun, 23 Oct 2022 22:48:29 GMT
Date: Sun, 23 Oct 2022 18:39:05 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cecd3b2e0cd07173ee1fb63b0a744119
774e0935fffd5bb39799c040098e32c3dc88702f
78c2c60f2d752f572f1711e23aa3f82d5e5bce1940064405f6f989886f6315df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78C2C60F2D752F572F1711E23AA3F82D5E5BCE1940064405F6F989886F6315DF"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18331
Expires: Sun, 23 Oct 2022 23:44:36 GMT
Date: Sun, 23 Oct 2022 18:39:05 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: goQsG2SeDMUfCmH+NdNgRlbvzG+2cMK+JkFBfpJFQWa+dzauASdzEFTXkADuGHu2uPk3XyZqyts=
x-amz-request-id: AJD7C1GQHT2E3CY8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 18:08:11 GMT
age: 1854
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 18:39:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
172.67.150.219200 OK 5.4 kB URL HTTP/1.1 neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
IP 172.67.150.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (552), with CRLF, LF line terminators
Hash e97eb7646aa352f07da7a814d7ceac8e
3bc8075c803d3f1f6cee87edc02d84604063b2ba
32aa02b82a3d7f41909bd4105da5742257d22b912148632ea94411b411c7c602
GET /-30251FAGX/3rh?rndad=1532635802-1666550345 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: FLYSESSID=fj667hqt9ao8843v3gi3mqu8sq; path=/; HttpOnly; SameSite=Lax
yp1=d6d3afbab59b819343f48548849260a7; expires=Mon, 24-Oct-2022 18:39:05 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp2=530aaadfbd2c81e5bb513d9e6446395b; expires=Mon, 24-Oct-2022 18:39:05 GMT; Max-Age=86400; path=/; domain=.neexulro.net
yp3=1532635802; expires=Mon, 24-Oct-2022 18:39:05 GMT; Max-Age=86400; path=/; domain=.neexulro.net
x-powered-by: adfly
strict-transport-security: max-age=0
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
expires: Sat, 26 Jul 1997 05:00:00 GMT
last-modified: Sun, 23 Oct 2022 18:39:05 GMT
x-frame-options: DENY
referrer-policy: no-referrer-when-downgrade
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd8d9FE%2FJURduXm9TnTYVpE45ePA%2BvbMIlOyoTktLDvuywZbe00HZLv6LrKF3fvH6Y2fULgnja1GXX4WQw5QIA%2FG%2FseI3YkgfDk6P%2BEkLutfxftTC1Il6xKuMw0j3AQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97ec2dccb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/css/adfly_7.css
172.67.150.219200 OK 875 B URL HTTP/1.1 cdn.neexulro.net/static/css/adfly_7.css
IP 172.67.150.219:0
File type ASCII text, with very long lines (2735), with no line terminators
Hash f8c8a9d49e010a2cf10a44dacf35e661
5a069859544758f32b5d09e89c3631c8257c64e1
2cdcaf6a39f9cd39a37dfacfeec2461813fb5557e071d96756c129d17e84cb7a
GET /static/css/adfly_7.css HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:05 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cf-Bgj: minify
Cf-Polished: origSize=3778
cache-control: public, max-age=604800
etag: W/"ec2-60467027-6a5aa4acec833b9;gz"
expires: Sun, 30 Oct 2022 18:01:50 GMT
last-modified: Mon, 08 Mar 2021 18:42:47 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2235
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrwlHe4bmM6%2B0Y7Zyq8jZa6F%2F0YAdrQw9JqpuTTI%2F8beUVdLaVbnOjqJJWjDGdWrJHXyf37ZcDc%2Fxf1nwCBPWmPmpJHvNUQrJAFW9JbahrR471XjkbY1FcFH33RB0i40D9s9"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97ee68af0b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/amvn.js
172.67.150.219200 OK 84 kB URL HTTP/1.1 cdn.neexulro.net/static/js/amvn.js
IP 172.67.150.219:0
File type Unicode text, UTF-8 text, with very long lines (15945)
Hash da0502531addcda08a84d98de934c117
5aa0551a07af4a1a903fef05770171fc199fd59a
e7e73e39fad5ee342ea506fe394fc8a0fd762cb8b3bb68da155877fcbec5fe11
GET /static/js/amvn.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:05 GMT
Content-Type: application/x-javascript
Content-Length: 84153
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:01:56 GMT
last-modified: Sun, 23 Oct 2022 12:20:02 GMT
etag: "3f14d-63553172-e7e250ac3323b0c4;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2225
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zhp1aPZ2VeH3iBLKppYerNiUINT0u46NOhVp47mne6QhMqzBQa154IVfXjDIMEQoycTPytuAMR5vnOezWGFB6GpzTJozWnwPBt1uPLbl4X61Z02FUd1qOWmMmOXCL76bJTBP"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97ee68b10b65-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/js/view118_bidshow.js
172.67.150.219200 OK 4.0 kB URL HTTP/1.1 cdn.neexulro.net/static/js/view118_bidshow.js
IP 172.67.150.219:0
File type ASCII text, with very long lines (10991), with no line terminators
Hash 966f84aff8b7893cbf2b87da5a27f8a9
695e0fcb64fc820db2ca76e808136a3762ea3673
25c6680edff77f84bc5606fdd9f06116ec800f29173528135cb74d564f2732f9
GET /static/js/view118_bidshow.js HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:05 GMT
Content-Type: application/x-javascript
Content-Length: 4024
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:02:00 GMT
last-modified: Wed, 24 Aug 2022 10:51:38 GMT
etag: "2aef-630602ba-3bacd69da000f03;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2225
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7m3Vfy8RSiTscnU053vxHudz2B8zOupCW93cc9B4fMY%2B4atT3NbHA96fUFZ%2B1MAaAqCF8Ih410EqYM%2BzPpIDK4Ze%2B7jWbMotBiS9D9gYTT2%2B%2BCFpNID0oNCJ2lWDuaeWGX1W"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97ee6ef3fac8-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 23 Oct 2022 17:43:40 GMT
Expires: Sun, 23 Oct 2022 18:41:23 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6SDUuUIhYJ-olda2Wmi4GuTleNyITDzhHgX15DPSxrG9vuUb7y8bCw==
Age: 3326
cdn.neexulro.net/static/js/main.js?v=2022052901
172.67.150.219200 OK 705 B URL HTTP/1.1 cdn.neexulro.net/static/js/main.js?v=2022052901
IP 172.67.150.219:0
Hash 5d2f026c4af9cf86a2ecb368dc1533d6
376ce5a73144b00dd162aa8524ac856b8db7a33e
0fd907185fe7d7610498d8d487449707fe4949c5c89a1028da380d2e5e862c3d
GET /static/js/main.js?v=2022052901 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:39:06 GMT
last-modified: Sun, 29 May 2022 07:10:19 GMT
etag: "7a0-62931c5b-8cbcca2019146215;gz"
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbpiXTWp6VpTSE%2Bl9DpAhpk7ERgtmBzjBqLfziOtGJzuZELehBUf%2FwbaoXv5kS9sHr4Y1OwBJXg855HyMMA%2FJdxitfIWzzECZsRQmt%2BevHOcf%2FIubUgDOJlFWlWVOlmwXcjA"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97ee6b90b4f9-OSL
alt-svc: h2=":443"; ma=60
d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
54.230.245.112200 OK 36 kB URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/?hbjad=709056
IP 54.230.245.112:0
File type Unicode text, UTF-8 text, with very long lines (15478)
Hash 52108366ae7ca6a00b2fa80251b26378
a658f368d213672b5366830fe76385d7f1174503
85fab7f8099283bb90ed90bec7cacb43e25b3fa9b671e81e8bce8c0f251e068f
GET /?hbjad=709056 HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Content-Length: 36035
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:06 GMT
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Content-Encoding: gzip
Pragma: no-cache
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _BePu4WGDxNS4gs0BHrQSR_L0ocQMsvY9NZXtlhXF8zcBrnuG9S4GA==
cdn.neexulro.net/static/image/logo_fb2.png
172.67.150.219200 OK 6.3 kB URL HTTP/1.1 cdn.neexulro.net/static/image/logo_fb2.png
IP 172.67.150.219:0
File type PNG image data, 193 x 98, 8-bit colormap, non-interlaced\012- data
Hash 84a673a878949a7a8410199f5f8ea220
49cbc367cd9e0943df6d6e2180bb9a5771dbb208
042313bf805bd8d9a1c6b2a88c90e15407004fcc6e9c5d5974c87c85c20796f3
GET /static/image/logo_fb2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/png
Content-Length: 6283
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:02:00 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "188b-5faa60e6-48354ceeda0c07b3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2226
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jnAZjPdxIHvBgtVF%2FxE2v8rQaNMBdGXeCCocllgxg7LOC2eAVFf5Awl%2BPK92Tl%2Bwua8E6o5ufIDQcPwWZxf%2BN4EKGcARoTv3BpmYXOlvLeFyo%2FNV8LE2BMYa3Z4wclEzKDa6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f00841fac8-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/ahl6532.gif
172.67.150.219200 OK 3.2 kB URL HTTP/1.1 cdn.neexulro.net/static/image/ahl6532.gif
IP 172.67.150.219:0
File type GIF image data, version 89a, 166 x 58\012- data
Hash 48d26bd889d62fc9c72d33138f409c15
3bd2657ee1ba4843f266cda7217a8d0a2b725ea3
13cad7fb56a878cd12d9456a8754cf13433ac6741338371f87776b4373411b15
GET /static/image/ahl6532.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/gif
Content-Length: 3229
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:01:52 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "c9d-5faa60e6-b4353aef5660bc5;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2234
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGRLsVJ4QWsREpWDuE4XjlwJ59BY%2B%2BjbauqDEBbUQwZYSxCjXxRmePMfCHNI%2BW6otqNimVOfNZgJ2uWOAnQrwlj60XB3jGyaDs2bp5tgUJRtYLf%2FlBvfpCEUWbrswMGFQELk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f00a6f0b65-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/skip_ad/en_tran.png
172.67.150.219200 OK 5.1 kB URL HTTP/1.1 cdn.neexulro.net/static/image/skip_ad/en_tran.png
IP 172.67.150.219:0
File type PNG image data, 155 x 41, 8-bit/color RGBA, non-interlaced\012- data
Hash a58f5ea6f1f6bb35658c351f876f1ba9
47fa621b845faf7df13e4021dcffd6f4c73c1018
ef8721967f0cca2539ee60f9cad0e8c1ef89f18a53964a4e6101033d23a4ba29
GET /static/image/skip_ad/en_tran.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/png
Content-Length: 5076
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:02:04 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "13d4-5faa60e6-d082b40bd28384ce;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2222
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYPkah4pyMILzYgBDRwicqQhyoT7kBQColrBEE%2Bze%2FR4wLSkiK8op2WcNVglvU8gIS5zBLLOLHEQsE8pl6QQn7dhtEaUyzyzGU08gNrOCyWyXION6EOi391BCjZ05NWkLSNo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f00de5b4f9-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/delete2.png
172.67.150.219200 OK 577 B URL HTTP/1.1 cdn.neexulro.net/static/image/delete2.png
IP 172.67.150.219:0
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a612b41ba5d1cad10ae4c6660d8fda4
4006ab2bfe338d2d1f060c0486bad8e1b589ba44
2fa2ba143aaedc6b6169e9b024d4f12df4acfc5995950dce175fd97644dd0c43
GET /static/image/delete2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/png
Content-Length: 577
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:01:52 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "241-5faa60e6-a0c39838649de106;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2234
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prYPz3B5c3YixH7QreHE2xasY%2BDfOjC7%2FyQF8bHBxotJQA4gjEun0XLl7g9xpTfrOvLkRBS1cV6%2BpfAspImxBchipk1DOz5ID7zJ1HSxBIOQZVBhkk9vPCrg9Bae%2Fe8TyLgv"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f00a08b506-OSL
alt-svc: h2=":443"; ma=60
cdn.neexulro.net/static/image/spinner.gif
172.67.150.219200 OK 36 kB URL HTTP/1.1 cdn.neexulro.net/static/image/spinner.gif
IP 172.67.150.219:0
File type GIF image data, version 89a, 39 x 39\012- data
Hash 2055f195780b3e4c71b97c95fa97eab0
36c1138bdcccf116f1b9ee9effa3e5d13f1e6161
0a607f27600e85addcfd1415ee611a370a30dce3f53ac200d3e0e25d2bdc5157
GET /static/image/spinner.gif HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/gif
Content-Length: 35453
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:01:52 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "8a7d-5faa60e6-abbbac75116acc85;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2234
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pR1yFKYrahUxH5NnrwAZ46VOaleaYWTPyiJPWPkzD2D4hRXsSXQAXaC9fP1S3q7znbprfLhfaU2s8Jg%2FV1ucAaI2cY2K%2FbtTS3vK2W8%2BLckfu%2FJsENT04opTGSGRtolkPENU"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f00b1ab517-OSL
alt-svc: h2=":443"; ma=60
neexulro.net/js/display.js
172.67.150.219200 OK 5.8 kB URL HTTP/1.1 neexulro.net/js/display.js
IP 172.67.150.219:0
File type ASCII text, with very long lines (15999)
Hash e149217d65efcf53cc382af7c60f461c
6de97c3f773cf9b21e4373097f5f5cddf37d872e
4d30ac5f2c0ab10e25b4c39eb646e9cb86d66394775d77ba7b88a34720f85b27
GET /js/display.js HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: FLYSESSID=fj667hqt9ao8843v3gi3mqu8sq; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: application/x-javascript
Content-Length: 5775
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:01:59 GMT
last-modified: Thu, 29 Jul 2021 14:08:58 GMT
etag: "3e81-6102b67a-b080f0a7a094466b;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2226
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pRHBc%2F%2BIvATXTbG0mqheK8KlffS%2BNh12DSijbzLVCtYKjP4XN86gr%2FmNJAwyz1bIr%2BnpOJPTiptz0fOTekA%2BxYI4YmhwtYFjeeeFabkgZBvoLd9gKCNpkUtbcbRzcxY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97f06c4fb4f7-OSL
alt-svc: h2=":443"; ma=60
loddingtoto.one/popunder.gif
172.67.139.248200 OK 58 B URL HTTP/1.1 loddingtoto.one/popunder.gif
IP 172.67.139.248:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: loddingtoto.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 5391
Last-Modified: Sun, 23 Oct 2022 17:09:15 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1hXpWNVBsTKDWNedphoG8g4Bpj9MHR3BfrSJy2uuPGjwidKNQovbhovMsBDy5LLPaAx8w8XJXRExYRp5XvYPbG6Jbs5ZtK3yJkw16XuLM%2FSqYvl0LkPLtCJvDUJEEKNKEM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f07eef0b59-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc31d9e4ce293ed7104bc59ea32e351f
e4e624bffd2d5e3fbb4c1adb17719b005933d9db
a90b3b0df60b91cf047eb3befc1227fcd57fb02febf9807c792b42f91a3c237a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A90B3B0DF60B91CF047EB3BEFC1227FCD57FB02FEBF9807C792B42F91A3C237A"
Last-Modified: Sun, 23 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16214
Expires: Sun, 23 Oct 2022 23:09:20 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ae3513df6daf6bf9d1f07e6313c00b3
9af3df2505d9921082b2f3ea0b832cb5b376613c
8e37481bc35224f596980307038a3b1d1e4091cb591f2ddfbc5489140b72ed0b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8E37481BC35224F596980307038A3B1D1E4091CB591F2DDFBC5489140B72ED0B"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6829
Expires: Sun, 23 Oct 2022 20:32:55 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da84fc26ca098586112be27770c613f4
be991e13740e32a1215dce2c11eb502db246ca27
97aded9adac8774c1d863797c324a2a2ea33dfefdf6ec3d21daf36c395a93849
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "97ADED9ADAC8774C1D863797C324A2A2EA33DFEFDF6EC3D21DAF36C395A93849"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6311
Expires: Sun, 23 Oct 2022 20:24:17 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/d_top_bg.png
172.67.150.219200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/d_top_bg.png
IP 172.67.150.219:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/d_top_bg.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:02:00 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-4968c22d9bbfac4c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2226
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoQJ4d3QzKWz%2FbVylHh5K%2Fr2o1HulS1ydgZElG4P58SCnCsAKNqRLepvP8l%2BQ0JzW7wFcS5EdWRol6GHNETqOij%2BcbR2CSv%2BOJb7D7ePGiWtBo3qMXZnBqXcA5t7YfROkln6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f10b860b65-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e18fa8d5d825795bfc7d1240db3c5159
27e1a059c78be7388e601902086b9688039ef88f
748f6516a6e1cdbfca9aab014f3b8944fdbad6fac410b2d2b822dcae0a9669fe
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "748F6516A6E1CDBFCA9AAB014F3B8944FDBAD6FAC410B2D2B822DCAE0A9669FE"
Last-Modified: Sun, 23 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13409
Expires: Sun, 23 Oct 2022 22:22:35 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 60d5d7cce6c32a6bdaf0d4c92ec93a1a
cd29edee660366b41749cfd206bdc08fb421449c
fb90c4cc44b32e4ca4a7d1533bbf4a2fd5c482dda5d232f1be2334f3cefbbb0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5272
Cache-Control: max-age=140129
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:06 GMT
Etag: "6354f613-1d7"
Expires: Tue, 25 Oct 2022 09:34:35 GMT
Last-Modified: Sun, 23 Oct 2022 08:06:43 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
cdn.neexulro.net/static/image/d_bottom_bg2.png
172.67.150.219200 OK 2.8 kB URL HTTP/1.1 cdn.neexulro.net/static/image/d_bottom_bg2.png
IP 172.67.150.219:0
File type PNG image data, 1 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 765bb01e93fec22bee832ea0219871d0
2059131c55ef4c9b171fff20fc692839686761b7
27ab7efdb31ee6b311557cb2296d9bdb4c5038a230bcb4f9bc1a2409bb73863a
GET /static/image/d_bottom_bg2.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn.neexulro.net/static/css/adfly_7.css
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/png
Content-Length: 2829
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:01:56 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "b0d-5faa60e6-47ec8d363413ae2c;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2230
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVTT7pO0UgyfhE11DCyAbjjIiZo6Rcxm8ocMvd2rlNn0Fyc7POXZ5vTHroLi89nQ39yWMbYUNIzHhrhcWTtmyIhPv1DUXfggMzXn0NKlteDxrzB4KgdYWCksNpQOhZn6iLAT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f12d4db517-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da84fc26ca098586112be27770c613f4
be991e13740e32a1215dce2c11eb502db246ca27
97aded9adac8774c1d863797c324a2a2ea33dfefdf6ec3d21daf36c395a93849
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "97ADED9ADAC8774C1D863797C324A2A2EA33DFEFDF6EC3D21DAF36C395A93849"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6311
Expires: Sun, 23 Oct 2022 20:24:17 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
loddingtoto.one/ajl5azRFBhoYCTxhHRhjBwAVOlg4TCEscihvLlpSCHxMD1UsSl8fXQ4ETlsNWgxPTUQDXURZDUxKDQpAH0pEWhIDVx8ECUxPRFoaWhdPWxpaHwxWBUxNCQpTVwhfG0AeVURaAlwPTF4EWQ1PWAZa
172.67.139.248204 No Content 0 B URL HTTP/2 loddingtoto.one/ajl5azRFBhoYCTxhHRhjBwAVOlg4TCEscihvLlpSCHxMD1UsSl8fXQ4ETlsNWgxPTUQDXURZDUxKDQpAH0pEWhIDVx8ECUxPRFoaWhdPWxpaHwxWBUxNCQpTVwhfG0AeVURaAlwPTF4EWQ1PWAZa
IP 172.67.139.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ajl5azRFBhoYCTxhHRhjBwAVOlg4TCEscihvLlpSCHxMD1UsSl8fXQ4ETlsNWgxPTUQDXURZDUxKDQpAH0pEWhIDVx8ECUxPRFoaWhdPWxpaHwxWBUxNCQpTVwhfG0AeVURaAlwPTF4EWQ1PWAZa HTTP/1.1
Host: loddingtoto.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 23 Oct 2022 18:39:06 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhfYCc%2Fz%2Bzwa5pSCJVqKRmJvL1Mv8BjmlJ21jngPDQcQTOj4L3gmXT3%2Fu8FZdWpS7IRqYQxo%2B60O%2Ffp9gOQ%2B1b6TaRnrEStcNSw0caS6QdQDSjHaYoQXgrdizZQhhvEHRQM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ec97f0ab78fab4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
othandhadb.xyz/dVdSejcUNTEXCBRqMFxCBztvXwUzcmA8U0Y4Oh9SR2I6EkQbbzhUVBk4Jx5RBzg8DhkbMiZfBTMtMRZxMAY+I2UlPj0RViQOZjN/TDADF2FGMxUwYjotMQ54NB0hN3UkYBdIYjM0O0JUMxAbSHs3DSEecCRhFwAPHzFhO28lLjZfBTMNYytAPBQQCGUbNCU3XR4NMD5AEhkQHUc5LjlMcTEZOzRNEQcCOURBBypODj8ANhF5MgUjGVk7FgstQEMNYjQHESAQAGYyEj0xTRIfGS1xAg01CkcWP2MdZRsFYTt/OxYLLm5FNGI/ZhMPAE5mGz86GXAsARw5GhYnHSxTHxY8OFokZRRKVEcNFh5/Ly4fOEQfHgErAjY5AEh1Mm4XHAQnPBtKDhJxOAlYGydvDmEYNmY7Bww5Fw
54.230.111.27200 OK 1.2 kB URL HTTP/1.1 othandhadb.xyz/dVdSejcUNTEXCBRqMFxCBztvXwUzcmA8U0Y4Oh9SR2I6EkQbbzhUVBk4Jx5RBzg8DhkbMiZfBTMtMRZxMAY+I2UlPj0RViQOZjN/TDADF2FGMxUwYjotMQ54NB0hN3UkYBdIYjM0O0JUMxAbSHs3DSEecCRhFwAPHzFhO28lLjZfBTMNYytAPBQQCGUbNCU3XR4NMD5AEhkQHUc5LjlMcTEZOzRNEQcCOURBBypODj8ANhF5MgUjGVk7FgstQEMNYjQHESAQAGYyEj0xTRIfGS1xAg01CkcWP2MdZRsFYTt/OxYLLm5FNGI/ZhMPAE5mGz86GXAsARw5GhYnHSxTHxY8OFokZRRKVEcNFh5/Ly4fOEQfHgErAjY5AEh1Mm4XHAQnPBtKDhJxOAlYGydvDmEYNmY7Bww5Fw
IP 54.230.111.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3013), with no line terminators
Hash a0a244a6eea55848cb18dfda290d2897
0e77fb42f8aab0499d5e1428c462ce9a8baba079
2908e68828e3789b919aa4cac17256cfafb75628273ef68c0ae68f76b7636ae1
GET /dVdSejcUNTEXCBRqMFxCBztvXwUzcmA8U0Y4Oh9SR2I6EkQbbzhUVBk4Jx5RBzg8DhkbMiZfBTMtMRZxMAY+I2UlPj0RViQOZjN/TDADF2FGMxUwYjotMQ54NB0hN3UkYBdIYjM0O0JUMxAbSHs3DSEecCRhFwAPHzFhO28lLjZfBTMNYytAPBQQCGUbNCU3XR4NMD5AEhkQHUc5LjlMcTEZOzRNEQcCOURBBypODj8ANhF5MgUjGVk7FgstQEMNYjQHESAQAGYyEj0xTRIfGS1xAg01CkcWP2MdZRsFYTt/OxYLLm5FNGI/ZhMPAE5mGz86GXAsARw5GhYnHSxTHxY8OFokZRRKVEcNFh5/Ly4fOEQfHgErAjY5AEh1Mm4XHAQnPBtKDhJxOAlYGydvDmEYNmY7Bww5Fw HTTP/1.1
Host: othandhadb.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1171
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:06 GMT
Server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
Pragma: no-cache
P3P: CP="NID DSP ALL COR"
content-encoding: gzip
Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WD6QQTP4ToMhF0Vf1fBZZ87n-4-9_MNCObk9-aOynROyNJDCNTycYQ==
e1.o.lencr.org/
23.36.77.32200 OK 344 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash da84fc26ca098586112be27770c613f4
be991e13740e32a1215dce2c11eb502db246ca27
97aded9adac8774c1d863797c324a2a2ea33dfefdf6ec3d21daf36c395a93849
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "97ADED9ADAC8774C1D863797C324A2A2EA33DFEFDF6EC3D21DAF36C395A93849"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6311
Expires: Sun, 23 Oct 2022 20:24:17 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dc31d9e4ce293ed7104bc59ea32e351f
e4e624bffd2d5e3fbb4c1adb17719b005933d9db
a90b3b0df60b91cf047eb3befc1227fcd57fb02febf9807c792b42f91a3c237a
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A90B3B0DF60B91CF047EB3BEFC1227FCD57FB02FEBF9807C792B42F91A3C237A"
Last-Modified: Sun, 23 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16214
Expires: Sun, 23 Oct 2022 23:09:20 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
172.67.150.219200 OK 156 B URL HTTP/1.1 cdn.neexulro.net/static/image/ad_top_bg2.png?&ad_box_=1
IP 172.67.150.219:0
File type PNG image data, 1 x 59, 8-bit/color RGB, non-interlaced\012- data
Hash 106113dd42dd001363d6e2c920dba647
ebb71cf1a44a45852fff4d4fc0971f299b8b8c4c
938632fb472382061e62d8f1d033da03cbc84f150236e4251c8ece12241405ae
GET /static/image/ad_top_bg2.png?&ad_box_=1 HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/png
Content-Length: 156
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:39:06 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: "9c-5faa60e6-616091c58406c4e2;;;"
accept-ranges: bytes
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ulZaebR%2BrkYh4EgfauWu4n9zcN%2B410DaxmDghAqD7aciFC0BHlvP%2B5Fj9igxxovpshyigm38i%2Bt3W0xwrCoRr0SX9kJjW%2BNCtbsiYu1bY8qtUiCn1z7y9KXgN79euzfulGtp"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f00a700b65-OSL
alt-svc: h2=":443"; ma=60
neexulro.net/2market_bidshow.php?user_id=2744562&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Ftusfiles.com%2Fo9qf3rfhv2o9&url_id=7099736855&t=82e9e3a73ce4ab2c14e26d0777d98fdf&w=47401910a9fe749a5a445a202f12d2e4
172.67.150.219200 OK 148 B URL HTTP/1.1 neexulro.net/2market_bidshow.php?user_id=2744562&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Ftusfiles.com%2Fo9qf3rfhv2o9&url_id=7099736855&t=82e9e3a73ce4ab2c14e26d0777d98fdf&w=47401910a9fe749a5a445a202f12d2e4
IP 172.67.150.219:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c350c98ed91d9d04220c09b7fc63b2d3
993ea8710e2dedd9c4eb900a2d33d3822463189d
8ad5d7d1a0e503fe43b8e777dbfb2603c4a7a2a7fd2f55614f06c91adcebb751
GET /2market_bidshow.php?user_id=2744562&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&ref_url=eyJ1cmwiOm51bGwsImRvbWFpbiI6bnVsbH0%3D&url=https%3A%2F%2Ftusfiles.com%2Fo9qf3rfhv2o9&url_id=7099736855&t=82e9e3a73ce4ab2c14e26d0777d98fdf&w=47401910a9fe749a5a445a202f12d2e4 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: FLYSESSID=fj667hqt9ao8843v3gi3mqu8sq; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
set-cookie: adfly_ad_report=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
adfly_1185049=4237273; expires=Mon, 24-Oct-2022 18:39:06 GMT; Max-Age=86400; path=/; domain=adf.ly
market_1185049=4237273; expires=Sun, 23-Oct-2022 18:40:06 GMT; Max-Age=60; path=/
adfly_ad_report=1185049_4237273; expires=Sun, 23-Oct-2022 18:49:06 GMT; Max-Age=600
p3p: policyref="http://adf.ly/w3c/p3p.xml", CP="ALL DSP COR CURa ADMa DEVa TAIa IVAi IVDi CONi HISi TELi OUR IND PHY ONL FIN COM NAV INT DEM GOV"
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4%2FZw8YNqiKV3GTA0SoP087pNmrOYXDqzEuQSDu6xvEriU46VbcNqWy5RkEC2CfQadQgFYgd%2Bt63gHZdbsdf%2F3XpJr%2ByypdaPN9fSToDnR2GaAE%2Ff8hwYw0zcQ7LAuE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97f0dcf5b4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
othandhadb.xyz/utx?cb=bDpaEopVnVGU&top=neexulro.net&tid=604364
54.230.111.27204 No Content 0 B URL HTTP/2 othandhadb.xyz/utx?cb=bDpaEopVnVGU&top=neexulro.net&tid=604364
IP 54.230.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=bDpaEopVnVGU&top=neexulro.net&tid=604364 HTTP/1.1
Host: othandhadb.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 23 Oct 2022 18:39:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 23 Oct 2022 18:40:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MR1DqFchi8Hcrax1vedd6PW_bmljL0GSLZ53mb61ieKHJlRGxOR63g==
X-Firefox-Spdy: h2
othandhadb.xyz/utx?cb=fyOLhz2giezX&top=neexulro.net&tid=709056
54.230.111.27204 No Content 0 B URL HTTP/2 othandhadb.xyz/utx?cb=fyOLhz2giezX&top=neexulro.net&tid=709056
IP 54.230.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=fyOLhz2giezX&top=neexulro.net&tid=709056 HTTP/1.1
Host: othandhadb.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 23 Oct 2022 18:39:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 23 Oct 2022 18:40:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sNlZp8iJ2vQ0Kmebet2KJ9xPh8mn2JEjKUUvsJByP5YcZ591ADzgdQ==
X-Firefox-Spdy: h2
shoecamep.one/UlJMd0h9bS8EdRwVdTUdPDUOLyYcOBg2eTAxISEKEwQoRxEHamoDITZvekd8YWR4UTg7NnFGbiEmLQM9IW99USE8NCNKbiRvfVl7Znx+TmZidDlKeXQmPBYvb2NqBzwmPnFGfmRkeUJ4YWZ6RH9h
104.21.19.168204 No Content 0 B URL HTTP/2 shoecamep.one/UlJMd0h9bS8EdRwVdTUdPDUOLyYcOBg2eTAxISEKEwQoRxEHamoDITZvekd8YWR4UTg7NnFGbiEmLQM9IW99USE8NCNKbiRvfVl7Znx+TmZidDlKeXQmPBYvb2NqBzwmPnFGfmRkeUJ4YWZ6RH9h
IP 104.21.19.168:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UlJMd0h9bS8EdRwVdTUdPDUOLyYcOBg2eTAxISEKEwQoRxEHamoDITZvekd8YWR4UTg7NnFGbiEmLQM9IW99USE8NCNKbiRvfVl7Znx+TmZidDlKeXQmPBYvb2NqBzwmPnFGfmRkeUJ4YWZ6RH9h HTTP/1.1
Host: shoecamep.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 23 Oct 2022 18:39:06 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEOlElK4%2B4VMCJoTYdc7gmMiogiqVubTsxor7ei8wqPP2j2AO3KhI%2F7Wy6oFR9OyG26aDT3O%2BTwtVUl1cCLCHsviFhg7oEqfp3rJtGGypQg5LXSy3GQveH7VGzL4SZ4F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ec97f13bc2b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e18fa8d5d825795bfc7d1240db3c5159
27e1a059c78be7388e601902086b9688039ef88f
748f6516a6e1cdbfca9aab014f3b8944fdbad6fac410b2d2b822dcae0a9669fe
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "748F6516A6E1CDBFCA9AAB014F3B8944FDBAD6FAC410B2D2B822DCAE0A9669FE"
Last-Modified: Sun, 23 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13409
Expires: Sun, 23 Oct 2022 22:22:35 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6ae3513df6daf6bf9d1f07e6313c00b3
9af3df2505d9921082b2f3ea0b832cb5b376613c
8e37481bc35224f596980307038a3b1d1e4091cb591f2ddfbc5489140b72ed0b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "8E37481BC35224F596980307038A3B1D1E4091CB591F2DDFBC5489140B72ED0B"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6829
Expires: Sun, 23 Oct 2022 20:32:55 GMT
Date: Sun, 23 Oct 2022 18:39:06 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.253.52101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.253.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sH7cUzvFdjElnRRoWqjzrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UDKoOXHq6T1mLNJLRWfyx9p9lGY=
cdn.neexulro.net/static/image/favicon.ico
172.67.150.219200 OK 766 B URL HTTP/1.1 cdn.neexulro.net/static/image/favicon.ico
IP 172.67.150.219:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 1e28765e56393f673da97ce5913cdf10
8af9d66ac98f4689ba1d04acbd17df40dd83dbde
30aa2a7dd1b96d852108bf4f4213b0d749ae2faedd112f0c03006209e5e6c98a
GET /static/image/favicon.ico HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:02:00 GMT
last-modified: Tue, 10 Nov 2020 09:44:06 GMT
etag: W/"47e-5faa60e6-ae87f5cbe4d6cff3;;;"
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2225
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PMPyL0PelLwULhmfJobJQ86H78VduWPulG%2B1KWauSxEwHETsvT6VMLD88armvlv1N%2B6Mv6gf%2BZKeugJIZwc1Rk2Qnd0q5qTCLXdYJYGGzpJaQRjwBfWtSaSqDBt4tXj7qRuI"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f2fffcb517-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.google-analytics.com/ga.js
142.250.74.174200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 142.250.74.174:0
Hash 490d513e676a92eea3c1821ecc1ac3f8
b5f009868a927fbb820e0ff6d382b4f5d600a05d
97932a42c2b20cc7ace56648349259281143736b1e584cab47319fdb583435b7
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 23 Oct 2022 17:05:31 GMT
Expires: Sun, 23 Oct 2022 19:05:31 GMT
Cache-Control: public, max-age=7200
Age: 5615
Last-Modified: Tue, 27 Sep 2022 22:01:05 GMT
Content-Type: text/javascript
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9df9c34575c03ec530ea084651414b91
a2a6e155555b2b2239226cc8993bfbcc307a4f9e
c78f3bf432378384fa6666fd8840bd7f44bdd944893976e24fb03b5b99c89e31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 880
Cache-Control: max-age=108733
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:06 GMT
Etag: "63548c97-1d7"
Expires: Tue, 25 Oct 2022 00:51:19 GMT
Last-Modified: Sun, 23 Oct 2022 00:36:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1110403091&utmhn=neexulro.net&utme=8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550346791&utmac=UA-6469700-9&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1049521086&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
142.250.74.174302 Found 369 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1110403091&utmhn=neexulro.net&utme=8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550346791&utmac=UA-6469700-9&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1049521086&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4c87501d1d37426b7b5a46afed7b2166
30ec358863ce3ba14c9b9fbd97dbbd4e93bfc4b8
d815363ba8cc149f768e46e93fcdb5facbf55ddee18bd1d1f4e22ea21a2cd6c8
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1110403091&utmhn=neexulro.net&utme=8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550346791&utmac=UA-6469700-9&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1049521086&utmredir=1&utmu=qQAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=427417259.1666550347&jid=1049521086&_v=5.7.2&z=1110403091
Access-Control-Allow-Origin: *
Date: Sun, 23 Oct 2022 18:39:06 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 369
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 103 kB IP 142.250.74.35:0
Size 103 kB (102872 bytes)
Hash 0396dc53ecfa28fe394852b2dc6effdd
e1bbfb93e862800eba5a43efc4a7bf5b78a5a306
d4536f2023396c6a3d4ac6064066208bdd2d957d9febf0f9e1d4ec2e7c7f5138
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 4472f11753642d42ee0b48acaa21f595
98b892ab10c08dc3ef46c4d38e9df07fffb51489
495d9a65e08bf39b76803df8091db038087c9c0cc6fab7c0d6e4396024292ba2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=280446317&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550346795&utmac=UA-36753711-1&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=601597746&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=2&utmn=280446317&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550346795&utmac=UA-36753711-1&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=601597746&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/__utm.gif?utmwv=5.7.2&utms=2&utmn=280446317&utmhn=neexulro.net&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550346795&utmac=UA-36753711-1&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=601597746&utmredir=1&utmmt=1&utmu=qQAgAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Date: Sun, 23 Oct 2022 18:39:06 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
d3ohee25hhsn8j.cloudfront.net/zclFEQlYRPiokaQY4IH9gQmV3dGJUOzctOAJsMBQ7E2UFci8cFGI2LBZsdGQ6Ez8jf3AXPyd/Z1QwICBrRncwMjkZbDwgNBgpLyk6FDNiNzdPPCs4Px49JWdkNGRqcnNAYWw6Z0N0dwBzQGEoKzgHKWFwZgppch1gRnR3AHNAYTY0c0EQfXR4QnhhcGYVNC-cpOVdjAnBmQ2F0c2ZDdHZyMBsjISQ5CnR2BG9Ef3RkI09g
143.204.42.3200 OK 527 B URL HTTP/1.1 d3ohee25hhsn8j.cloudfront.net/zclFEQlYRPiokaQY4IH9gQmV3dGJUOzctOAJsMBQ7E2UFci8cFGI2LBZsdGQ6Ez8jf3AXPyd/Z1QwICBrRncwMjkZbDwgNBgpLyk6FDNiNzdPPCs4Px49JWdkNGRqcnNAYWw6Z0N0dwBzQGEoKzgHKWFwZgppch1gRnR3AHNAYTY0c0EQfXR4QnhhcGYVNC-cpOVdjAnBmQ2F0c2ZDdHZyMBsjISQ5CnR2BG9Ef3RkI09g
IP 143.204.42.3:0
File type ASCII text, with very long lines (718), with no line terminators
Hash 5481ef8cb857c98928204d7743ab96de
fa8d96bd5d2f3a988ac3154977d4a64ceb153076
0956fef8da4e6bf90383f7c88866592e4ce45f682198b6d6e35292bd010e51d1
GET /zclFEQlYRPiokaQY4IH9gQmV3dGJUOzctOAJsMBQ7E2UFci8cFGI2LBZsdGQ6Ez8jf3AXPyd/Z1QwICBrRncwMjkZbDwgNBgpLyk6FDNiNzdPPCs4Px49JWdkNGRqcnNAYWw6Z0N0dwBzQGEoKzgHKWFwZgppch1gRnR3AHNAYTY0c0EQfXR4QnhhcGYVNC-cpOVdjAnBmQ2F0c2ZDdHZyMBsjISQ5CnR2BG9Ef3RkI09g HTTP/1.1
Host: d3ohee25hhsn8j.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://othandhadb.xyz/
HTTP/1.1 200 OK
Content-Length: 527
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:06 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BjJ6sBNlY12VzlfnEggVh5iJ2qf85WT_1Vi-90t1FaTfUe4RPlrSuw==
neexulro.net/rtb/validate/9f4b7b26c905aee09359cf91e6e11ee1/?type=1&p_id=2305&user_id=2744562&tmp=0&k=397534&c=1
172.67.150.219200 OK 8.8 kB URL HTTP/1.1 neexulro.net/rtb/validate/9f4b7b26c905aee09359cf91e6e11ee1/?type=1&p_id=2305&user_id=2744562&tmp=0&k=397534&c=1
IP 172.67.150.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (26584)
Hash 1d8a40cc4c59448ef117321cf716bc41
aea078fee8032205b9241aac6ffa37ba51fdcf9c
3df47fbc7f2c76194cf56a8ac53e4a5cbff45860f1a7e3f9f8ea6c1e6373f090
GET /rtb/validate/9f4b7b26c905aee09359cf91e6e11ee1/?type=1&p_id=2305&user_id=2744562&tmp=0&k=397534&c=1 HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: FLYSESSID=fj667hqt9ao8843v3gi3mqu8sq; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; market_1185049=4237273; adfly_ad_report=1185049_4237273
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: PHP/7.3.27
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEF7yskcWojuMTRVX7RbIEXTHknowHgnQu4aq4HW3r9HZqqhfCU4xVzgR7AAQ9ZXiu698vbmwGDfk6jsFTU39ilMT%2FHQzBGNYw6cIvtT6U2KrMXE%2BJ7%2BVmke8Nm5Zc8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97f2af2bb4f7-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
neexulro.net/static/js/encoding.js
172.67.150.219200 OK 2.9 kB URL HTTP/1.1 neexulro.net/static/js/encoding.js
IP 172.67.150.219:0
File type ISO-8859 text, with very long lines (3561)
Hash 23401727e01779448e558f45d0199435
c150bcefd1ff63554f9e471d649e01ccf4a72d77
f0d288bfb114d4519ce9264885b1686c67d2c1427a48160f9baf852c9bd7a6da
GET /static/js/encoding.js HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/rtb/validate/9f4b7b26c905aee09359cf91e6e11ee1/?type=1&p_id=2305&user_id=2744562&tmp=0&k=397534&c=1
Cookie: FLYSESSID=fj667hqt9ao8843v3gi3mqu8sq; yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802; market_1185049=4237273; adfly_ad_report=1185049_4237273; __utma=218196230.427417259.1666550347.1666550347.1666550347.1; __utmb=218196230.2.10.1666550347; __utmc=218196230; __utmz=218196230.1666550347.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmt_t2=1
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: application/x-javascript
Content-Length: 2869
Connection: keep-alive
cache-control: public, max-age=604800
expires: Sun, 30 Oct 2022 18:02:01 GMT
last-modified: Wed, 21 Jul 2021 19:37:10 GMT
etag: "240a-60f87766-1adea7f727beb226;gz"
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 2225
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dJ5Cgjd7YvL6k4Ob0GlXLM8p7Zc9bcx2ccCzAISTnTR%2FJ%2BCQC0OgJgdgmDp3QeL5Qst6Ls1Hn6%2BabiMC43i3A%2F7r5otNZo1y9gA5GZsb4oc60QqyIWIlupCv%2B11JE1A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75ec97f39862b4f7-OSL
alt-svc: h2=":443"; ma=60
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 391 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (379)
Hash 8890e42f5f88cef603a37f038ad7f3f0
152d295ae70d582bdd33613bbfa8e4dd42477881
fae017214f2153b5e968df03dc949fdbb66bf55e781a93814973baeb253e9643
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 23 Oct 2022 18:39:06 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S856426614%3A1666550346822070&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpovzd4_0i7In9dvYvP0cUmyP8oO6sAmNNl4CwWEflAOL5M1jeLUbpFUhHvkmO2FpLhua8ndw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-2YdJo8zP5kOwBefuY2lSsg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 391
server: GSE
set-cookie: __Host-GAPS=1:6-XErbdxA6X7uF0FVvOH-5QH97jH1A:j6hmz5UwsJki0SDs;Path=/;Expires=Tue, 22-Oct-2024 18:39:06 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 03d42e3245268a9d8f602cacf5a4404e
59b42c91ab2ec67086f549de3d47d45560b91fc7
6e88b2d135f33b12b5c8e244ea0ba75dc6acef16aeb0069a87141e49dd4b7ec9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=427417259.1666550347&jid=1049521086&_v=5.7.2&z=1110403091
173.194.222.156200 OK 35 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=427417259.1666550347&jid=1049521086&_v=5.7.2&z=1110403091
IP 173.194.222.156:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-6469700-9&cid=427417259.1666550347&jid=1049521086&_v=5.7.2&z=1110403091 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 23 Oct 2022 18:39:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
x-content-type-options: nosniff
content-type: image/gif
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ofthecathedral.xyz/utx?cb=O3sdTWHgVfJZ&top=neexulro.net&tid=709056
143.204.55.22204 No Content 0 B URL HTTP/2 ofthecathedral.xyz/utx?cb=O3sdTWHgVfJZ&top=neexulro.net&tid=709056
IP 143.204.55.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=O3sdTWHgVfJZ&top=neexulro.net&tid=709056 HTTP/1.1
Host: ofthecathedral.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 23 Oct 2022 18:39:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sun, 23 Oct 2022 18:40:06 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YFBVGb6_LAUuTBGNHKG6W5gkUN3X7Ct26KSxyhElk7-sy7MDO5fdKw==
X-Firefox-Spdy: h2
ofthecathedral.xyz/multi?cs=Vkd6UDlmckJkCmJxQ2cJb35LYg0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.0&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ALUI=1666550346419&crc=1
143.204.55.22200 OK 1.5 kB URL HTTP/2 ofthecathedral.xyz/multi?cs=Vkd6UDlmckJkCmJxQ2cJb35LYg0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.0&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ALUI=1666550346419&crc=1
IP 143.204.55.22:0
File type ASCII text, with very long lines (3235), with no line terminators
Hash 83a9e1c9b22c3d858035df09aeac7682
415a2aefe527668be709360fd8976047d86028eb
640d9e912a2455ae89048177d118a516821e460428e03e85adf36a0ad81b1b62
GET /multi?cs=Vkd6UDlmckJkCmJxQ2cJb35LYg0&abt=0&red=1&sm=76&k=shrink%20your%20urls%20paid&v=1.0.60.0&sts=0&prn=0&emb=0&tid=709056&rxy=1280_1024&fs=1&ref=http%3A%2F%2Fneexulro.net%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&jst=0&enr=0&lcua=mozilla%2F5.0%20(x11%3B%20linux%20x86_64%3B%20rv%3A96.0)%20gecko%2F20100101%20firefox%2F96.0&tzd=0&uloc=&if=0&_ALUI=1666550346419&crc=1 HTTP/1.1
Host: ofthecathedral.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
content-length: 1524
date: Sun, 23 Oct 2022 18:39:06 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: http://neexulro.net
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: csu=ef57d20c-ed67-45c2-9508-0dedaebc24a8
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1zBIw0BMSpr3zrC9TmdJnbNGv6POlt0Pp4rc-9sRJwXVosnGGZKBzw==
X-Firefox-Spdy: h2
d1a3jb5hjny5s4.cloudfront.net/CNlY3WDJVOVk+DUI/U2UFBm8HbQQQPEQ3XEZrRhl/Q2ZDGkNzYXhsYV1wQyJWC2YRNFNYMQp+V1g1CmkUVzJVZQIQIkc3WQs8Ti5YUCNTN1VQcEI5D1s5TTFeWjcSanQDeAd9AAZ+T2kDE2V1fQAGOl42R05zBWhKDmBobgYTZXV9AAYkQX0Bd28BdgIfcw-VoVVM1XDcXBBAFaAMGZgZoAxNkBz5bRDNRN0oTZHFhBBhmES0PBw
54.230.245.112200 OK 458 B URL HTTP/1.1 d1a3jb5hjny5s4.cloudfront.net/CNlY3WDJVOVk+DUI/U2UFBm8HbQQQPEQ3XEZrRhl/Q2ZDGkNzYXhsYV1wQyJWC2YRNFNYMQp+V1g1CmkUVzJVZQIQIkc3WQs8Ti5YUCNTN1VQcEI5D1s5TTFeWjcSanQDeAd9AAZ+T2kDE2V1fQAGOl42R05zBWhKDmBobgYTZXV9AAYkQX0Bd28BdgIfcw-VoVVM1XDcXBBAFaAMGZgZoAxNkBz5bRDNRN0oTZHFhBBhmES0PBw
IP 54.230.245.112:0
File type ASCII text, with very long lines (594), with no line terminators
Hash 805fe2406e8c940a12408aa7e0f3b8f5
d7a78d1e66bcb07e117b232f9c5c5c05ba5957b8
40b240df06d66b5224cd9635e1a22630aa6c0568102825f43c4a632233d160f5
GET /CNlY3WDJVOVk+DUI/U2UFBm8HbQQQPEQ3XEZrRhl/Q2ZDGkNzYXhsYV1wQyJWC2YRNFNYMQp+V1g1CmkUVzJVZQIQIkc3WQs8Ti5YUCNTN1VQcEI5D1s5TTFeWjcSanQDeAd9AAZ+T2kDE2V1fQAGOl42R05zBWhKDmBobgYTZXV9AAYkQX0Bd28BdgIfcw-VoVVM1XDcXBBAFaAMGZgZoAxNkBz5bRDNRN0oTZHFhBBhmES0PBw HTTP/1.1
Host: d1a3jb5hjny5s4.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Content-Length: 458
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:06 GMT
access-control-allow-origin: *
Cache-Control: max-age=31556926
Content-Encoding: gzip
X-Cache: Miss from cloudfront
Via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: O4uuUPV3KdlxdRVXOlhmcCl3l97tTL9B3z91UquXf_b38i35OLkkgg==
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
216.58.207.237302 Found 401 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (384)
Hash eff88a9695d0920e10c5001737514276
47c099ab56e0e5025caeb8429035e1ec5535978e
ce76b14b97ebbb888cdb6b7e7ab1255aa1139d8d65ed876ff84b5c04f5024d18
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 23 Oct 2022 18:39:06 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S1326071384%3A1666550346865908&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqJV6RLYEXevjZyA1B5z9OsDAWXTLiFrpj1dB-e_i97q3N2rn_XGRlEsDqgkOzI6iJ6dP0F_Q
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-SvWlPX-Kb6eajvftotSF9A' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 401
server: GSE
set-cookie: __Host-GAPS=1:wMhFRklg-B8FgyDrHE3yAqOLRAA6Ig:FkkmMvEZwSG5xSYB;Path=/;Expires=Tue, 22-Oct-2024 18:39:06 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7dbe328751574db3465bc8c4f745a487
661ca1463bea33b14bec8f6669dacb2f1ffb78c1
95b3e76c084b00b1d5ca6e02551a48d645b0eae239313b46cfb3468d62b08193
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
accounts.google.com/v3/signin/identifier?dsh=S856426614%3A1666550346822070&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpovzd4_0i7In9dvYvP0cUmyP8oO6sAmNNl4CwWEflAOL5M1jeLUbpFUhHvkmO2FpLhua8ndw
216.58.207.237403 Forbidden 1.3 kB URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S856426614%3A1666550346822070&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpovzd4_0i7In9dvYvP0cUmyP8oO6sAmNNl4CwWEflAOL5M1jeLUbpFUhHvkmO2FpLhua8ndw
IP 216.58.207.237:0
Hash 548f6cac7fe014d01c4b43997425c2a5
e772dcb738c1f832af958dbd1f55620f5b37490d
3debc22fba65a3e97d58011d3476c46c75381f72c204a19df82673b2420dfd29
GET /v3/signin/identifier?dsh=S856426614%3A1666550346822070&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWpovzd4_0i7In9dvYvP0cUmyP8oO6sAmNNl4CwWEflAOL5M1jeLUbpFUhHvkmO2FpLhua8ndw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 23 Oct 2022 18:39:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-hKVPcKmVH3IXEUkQVlub3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9df9c34575c03ec530ea084651414b91
a2a6e155555b2b2239226cc8993bfbcc307a4f9e
c78f3bf432378384fa6666fd8840bd7f44bdd944893976e24fb03b5b99c89e31
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 880
Cache-Control: max-age=108733
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:06 GMT
Etag: "63548c97-1d7"
Expires: Tue, 25 Oct 2022 00:51:19 GMT
Last-Modified: Sun, 23 Oct 2022 00:36:39 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
cdn.neexulro.net/static/image/apple-touch-icon.png
172.67.150.219403 Forbidden 436 B URL HTTP/1.1 cdn.neexulro.net/static/image/apple-touch-icon.png
IP 172.67.150.219:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash b112c984fdf3ae98cbf4bc84066cf619
e68cf1400ca02fc1b472c6f3a2cbb9c2234073c5
233729c945d3c6dc5a81cbf30abedd598a9927d141eda2e369aecd13a790938a
GET /static/image/apple-touch-icon.png HTTP/1.1
Host: cdn.neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Cookie: yp1=d6d3afbab59b819343f48548849260a7; yp2=530aaadfbd2c81e5bb513d9e6446395b; yp3=1532635802
HTTP/1.1 403 Forbidden
Date: Sun, 23 Oct 2022 18:39:06 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kgyBil%2BWg2Ljh3QvJwW8YSt4gGCFwAwxWgVkIGME%2FuPrvToKZ%2FwSnt231W3i4AvL5OYmVTQCWy%2FOH4xmuZ2cjz%2FCFv66qvUDjy7X2P0MK3i2Tmc%2FRRUramymy5IzLpALDap"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f2ede80b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
shoecamep.one/popunder.gif
104.21.19.168200 OK 58 B URL HTTP/1.1 shoecamep.one/popunder.gif
IP 104.21.19.168:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 79c15b369d32d2f0f17c116f541b6df3
3039289d4d1f5bc7385a81621deb2614423b769b
e3a3c6b90f511e80a77636fdd4c6047336d4ed5b2c86adf74318a08142649e08
GET /popunder.gif HTTP/1.1
Host: shoecamep.one
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 18:39:07 GMT
Content-Type: image/gif
Content-Length: 58
Connection: keep-alive
access-control-allow-origin: *
Pragma: public
cache-control: public, max-age=604800, immutable
content-encoding: gzip
CF-Cache-Status: HIT
Age: 85996
Last-Modified: Sat, 22 Oct 2022 18:45:51 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfaTsArq7LVSGVQT9LI%2BVo3wJyUU9XbsgGh%2FNUiUNYsgp68Ymzh0ftyt4wCq%2B6DTjh%2BeSkJzzuV2ErugzGGnArbRSqElrdJkEizhi7Uxkzp%2BXjbZsJsfRcRwSayo4CNM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75ec97f4e8780b61-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d985c1dcee7ae30e74713b63290a44df
dc4c902bc84447ea48d73c4d6215306493568b13
2ebd87e67d4300d174549935048dcebf7bd53ce7f486b21dac6c8db796977e7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EBD87E67D4300D174549935048DCEBF7BD53CE7F486B21DAC6C8DB796977E7B"
Last-Modified: Sat, 22 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7898
Expires: Sun, 23 Oct 2022 20:50:45 GMT
Date: Sun, 23 Oct 2022 18:39:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4557
Expires: Sun, 23 Oct 2022 19:55:04 GMT
Date: Sun, 23 Oct 2022 18:39:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4557
Expires: Sun, 23 Oct 2022 19:55:04 GMT
Date: Sun, 23 Oct 2022 18:39:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f1b833a135e4d839859e4994f349bb6c
399b607015c4d9200df20084c7396591007dc995
28db09a2a0e821b37dc1cfb710bf896c438755bfc992eb775f41128b0e52e5d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28DB09A2A0E821B37DC1CFB710BF896C438755BFC992EB775F41128B0E52E5D1"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4557
Expires: Sun, 23 Oct 2022 19:55:04 GMT
Date: Sun, 23 Oct 2022 18:39:07 GMT
Connection: keep-alive
pogothere.xyz/asd100.bin
104.21.86.231200 OK 110 kB IP 104.21.86.231:0
Size 110 kB (109772 bytes)
Hash 74007bf855cc903b297464de82fb54dd
cb6c0d7e05976f5afe1761037ac7ad0fa3cb547b
81175532a7874732da9ae08369236e2a713eb18c725dc4145d503d94f1226890
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:06 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1249
last-modified: Sun, 23 Oct 2022 18:18:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z9v3AJVhnX2ZEckNbKz2pGWC5ZeehUWuvT%2FHnmE24gkT1zm1pgktsAMRluv79ZUvSLLneFgQmXrNQnp95iSn%2B21dUm5T6ThK55e1SzgnlEuPbXNOxktO8Z2pwIPB5WNH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75ec97f14c8d1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 208445a6f07a7259b8a420c062a81998
50d9f1642c3c47504fb2d4086a40ae8fb9479b50
607a81c5d0210faaa103d09fba1e0b9dde333c5142969272b0b5351a779acfa4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0856e94c-65e7-489a-95b5-cc37407bf90f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12031
x-amzn-requestid: b15d6e4e-4880-4686-80c1-ba49f705631c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aFgJtHZHoAMFsMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634bad71-3ef572702125f3b32ceece12;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 07:06:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lH9TBIbvcDBvZlMi2a8yZ2iRcGCwJ7P0QoVvLVAjkCsVExNMi_UlRw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 10:35:08 GMT
age: 29039
etag: "50d9f1642c3c47504fb2d4086a40ae8fb9479b50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3c188b6071e2e3725d0eafc38e0a97a
894517b00535a08a4750510a8c74cd7bff5ce3a6
2b06cd431d93eb12fccc7061bd5a5be4e50b47c4410762034937584d8a8d06a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8d38b3-8921-46db-bc13-1c6dc633ac65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11582
x-amzn-requestid: 20307063-f434-4fb9-8cf8-d8c93b8fc3c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqFmeoAMF5EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-76156e37226bff5674a219e9;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0OASx0-8m9BjBgQg3qRgFFV-kZ7e3L5qi8CD-gw-6K6nhSNo9zYizQ==
via: 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:52 GMT
age: 74895
etag: "894517b00535a08a4750510a8c74cd7bff5ce3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bed49abb7a64c9f0717ac283b30bff8b
0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3
ddb5ed6e7b818593ac9819be0a8d376e26ef3b45b417f00ce1d7dbee47465bec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa75f7b18-e0d1-4cfe-b763-83c991def199.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4746
x-amzn-requestid: fa85cf46-7cea-439e-92d5-db3875ff4479
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aIQpNFk5IAMF16Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634cc7d4-245cdd691d0c415d508421ce;Sampled=0
x-amzn-remapped-date: Mon, 17 Oct 2022 03:11:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9HA91S_J8H29VveOfTAUu_c3fXBOdHzbdpISQ23yhzbEof4gc2_lAw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:13 GMT
age: 74934
etag: "0f9e4ab8e7ceff21752ea83a243431fc4c78a4e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bcadefe69587d4ab5bf5ff9e71eb5cab
066fb94a6ae38e57d67001cc319eea17f837d511
45b175a2cecee90b2d0efc16c4139686ffcf34bfac9084fe9e5e1c926dc1330c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd337e0f9-4135-4fa1-9843-c609356020a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10036
x-amzn-requestid: b1f0e0b9-6fc6-4b7c-a9b0-55845cdfd2d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abR9aEvjIAMF22Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63546388-72742b3a1279d76e2e842930;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:41:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 90q23XmFTygl90mCmT8p2Qi7BY2K2gjg3apZpTreMxYFpgT-716CDg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:50:45 GMT
age: 74902
etag: "066fb94a6ae38e57d67001cc319eea17f837d511"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 319c9a70bded148097c378aee2e5e7e3
9815cabee697f91758b3d6049b33b6e6372fc69e
511dfb789ee7031302e0b18761854b93b47a7113d7a6a1a8ee16b3f1e425786b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50afa8fe-bd4e-4951-bc9f-b9a25aa28c7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8344
x-amzn-requestid: 563c255f-62bf-4038-92e0-ffb869de9acd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: abRkFHUUIAMFY3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635462e6-34b76ac446e96214580e6fe6;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 21:38:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jEgYZgPYRT7XLaHtOjKcUYoNBp8osPH3uepsei63L90Rp0VUj5CoBA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 22 Oct 2022 21:42:53 GMT
etag: "9815cabee697f91758b3d6049b33b6e6372fc69e"
content-type: image/jpeg
age: 75374
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-992914365
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-992914365
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 171d4613069bb288319b64ed5d6fb4d6
8b4e363276e9f1c6ecd98d88a74116dbafbb75ac
cbb62c51b4942deae85a2f164b31384f7c6df805719a774d855305c4b12aad6d
GET /gtag/js?id=AW-992914365 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 23 Oct 2022 18:39:08 GMT
expires: Sun, 23 Oct 2022 18:39:08 GMT
cache-control: private, max-age=900
last-modified: Sun, 23 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52819
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NL9SZS4
142.250.74.168200 OK 53 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NL9SZS4
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 891f1a5e947f213bbfd7308ff2f2855e
de34101e34fd9692abc720ab28849ff14f182835
b91e221ea2c84d6a74b43d8d7e9815c26e86f87c5db0b2401f588280d7693a71
GET /gtm.js?id=GTM-NL9SZS4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 23 Oct 2022 18:39:08 GMT
expires: Sun, 23 Oct 2022 18:39:08 GMT
cache-control: private, max-age=900
last-modified: Sun, 23 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 53272
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=33862148
142.250.74.168200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=33862148
IP 142.250.74.168:0
File type ASCII text, with very long lines (1705)
Hash 7276b396f1ae32a5cc4b2ba045123718
f461c4bc9c03aad58c5dd876ea9add71b93d0872
25ddd223c336945618b6951e93770b7c6b86c03738da2d5b265380f610600fb6
GET /gtag/js?id=33862148 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 23 Oct 2022 18:39:08 GMT
expires: Sun, 23 Oct 2022 18:39:08 GMT
cache-control: private, max-age=900
last-modified: Sun, 23 Oct 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37429
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1
192.185.236.198200 OK 3.0 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (10435), with no line terminators
Hash a6099ee677b6d930b6b878cf0cb08422
a2eb69454196d4250d624d25aaec587e97686642
755acd6dc98e63baff6d8b105b1bcaf63b79f935381fb3f32a79dace7faae0ac
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-vendors-style.css?ver=8.5.1 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2985
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/load-more-products-for-woocommerce/berocket/assets/css/font-awesome.min.css?ver=6.0.3
192.185.236.198200 OK 7.1 kB URL HTTP/2 rapshirts.org/wp-content/plugins/load-more-products-for-woocommerce/berocket/assets/css/font-awesome.min.css?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (30621), with CRLF line terminators
Hash 771452b3c3339ca935ae771ef1222225
840330bb51bc7563e595686b6580f93f245d0994
9b08aa55595025a6ddc07671c0beca94153f1f74ef78b14e6118a217387580fa
GET /wp-content/plugins/load-more-products-for-woocommerce/berocket/assets/css/font-awesome.min.css?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7073
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/style.css?ver=6.0.3
192.185.236.198200 OK 322 B URL HTTP/2 rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/style.css?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 8f17e756fe62a4e72cae34960903d85a
8c489cc35e12ec3ca939cdffc06baedae9277bc7
37617663960fb30b3901574574c726210fd98d8bbede427f3a05c6cddc7bff77
GET /wp-content/plugins/woo-product-rss-feed-widget/style.css?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Mar 2017 18:54:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 322
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.0.0
192.185.236.198200 OK 3.1 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (17809), with no line terminators
Hash 97f3e7860b3e0d99f3c0327b0045363a
885af5049143e765b7fd0f3a0a860613b05d12d1
ff05d291dd422f8bee80e816eb1480c67fb3e0d6071bebd8f04c86de87a70080
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-layout.css?ver=7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3086
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/jquery.bxslider.css?ver=6.0.3
192.185.236.198200 OK 1.4 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/jquery.bxslider.css?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash af6c7170a5b096aaf799a6c18fc0b842
47475b99439071fa72849badc23960c7ebd37986
252db48b82e3b5d8e5db302f311a75ddc65c132ed8a776b796e57c6cae8b78a2
GET /wp-content/plugins/woo-product-rss-feed-widget/jquery.bxslider.css?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Mar 2017 18:54:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1406
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 05ee461624e2ec37f65e859afe6543ba
b99dcb558535d3d35d140e730aeeb41587622b30
576b3bf619d0a152889cc44165a229ad0100ccc319cf4d9044b2f26d4b676658
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116407 bytes)
Hash cec24297d904962676565e2331a1fcf0
6a623098f3d1551aaab973f3466bdd105d1bcd58
a1a721830c09ebade7d2b93158c443abc29098373d8b08ba6f5a2778425fda65
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116407
date: Sun, 23 Oct 2022 18:39:08 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
rapshirts.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
192.185.236.198200 OK 17 kB URL HTTP/2 rapshirts.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (43771)
Hash 2a67a4888baa44de739f3fe56203ce07
da175eae57f26b655747d79f055477e3fee1abb9
3a4d7627476a0099ca4bcc101685f27de04cb49dd66ef842d72c6cda270599dd
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Jul 2022 23:43:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16594
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.0.0
192.185.236.198200 OK 13 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (62753), with no line terminators
Hash ebad0134e03078f66fa63f2a89d17d81
bccc743a9a5d015e06c7f622b4687142b2cd2fe5
42e7dbb97a0b72fa2bc44035d713982a7ff653cb63c0a7ef09e1fd4fe69c4d14
GET /wp-content/plugins/woocommerce/assets/css/woocommerce.css?ver=7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13255
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231200 OK 103 kB IP 104.21.86.231:0
Size 103 kB (102979 bytes)
Hash be468211c167837008698a84954c8af2
8823af36403ee266289001ae7cc2ce1335d279c3
3dbfb5749b8007413f130cfd6a9e7fb404fe3284469652c44202542bdfe71089
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:06 GMT
content-type: binary/octet-stream
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 1249
last-modified: Sun, 23 Oct 2022 18:18:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xsyeRSnFXP07%2BauQZRlcDJV2V%2B60lQAy6gt6WArjMoTF5QO2708X0RVMatVJJD29GjZ2K%2FTbaemWfGztHREi5mOdKJbz4Tzsn1618TXtk%2Fz1%2Bg%2FJe5xo5E%2FeEuAfVs4r"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75ec97f14c9c1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ga.getresponse.com/script/16cfd23c-ec93-4307-a2b7-c976054846a7/ga.js
178.16.117.14200 OK 763 B URL HTTP/2 ga.getresponse.com/script/16cfd23c-ec93-4307-a2b7-c976054846a7/ga.js
IP 178.16.117.14:0
ASN #198881 GETRESPONSE Sp.z o.o.
File type ASCII text, with very long lines (763), with no line terminators
Hash f557f3e32c153c8265e88491d3d2937f
8d20356b22fc07599358d3abf01af34fa758206d
d80a448a65cb86aaddf7c09936848403bbcbcfe688f4bc1d4775a8d68e744681
GET /script/16cfd23c-ec93-4307-a2b7-c976054846a7/ga.js HTTP/1.1
Host: ga.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rapshirts.org
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://rapshirts.org
content-length: 763
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-type: application/javascript; charset=utf-8
date: Sun, 23 Oct 2022 18:39:08 GMT
etag: W/"2fb-jSA1ayL8B1mTWNOr8BrzT6dYIG0"
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: 7a67df53-9e39-463c-8dbf-d6a1c7e5217e
x-xss-protection: 0
X-Firefox-Spdy: h2
us-an.gr-cdn.com/v2.1.21.0.umd.js
205.185.216.42200 OK 5.9 kB URL HTTP/2 us-an.gr-cdn.com/v2.1.21.0.umd.js
IP 205.185.216.42:0
File type Unicode text, UTF-8 text, with very long lines (18124)
Hash dbe40066e8b908a1d21838771f2a7580
7477cc9892434b845634dee41ec84e56618e423a
a20c8eaf384076e49d18566f1e92468ffc5b88db87d6e6f792f90f124e9f9175
GET /v2.1.21.0.umd.js HTTP/1.1
Host: us-an.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:08 GMT
cache-control: max-age=30724186
content-encoding: gzip
content-length: 5932
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 09:06:09 GMT
accept-ranges: bytes
x-amz-id-2: dABoWlAC7/cwICI/UjrVtxZCvRRHVgKnzoNz7u4S4idcPBYSqEPQntQYUAauJ9wxHZSRvLVrOUo=
x-amz-request-id: B9G4V80W6CFYFTBY
etag: "3bc10ff96b2d3f4f8089459b8e8d29cb"
server: AmazonS3
x-hw: 1666550348.dop215.sk1.t,1666550348.cds264.sk1.hn,1666550348.cds211.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
us-an.gr-cdn.com/wp.1.21.0.umd.js
205.185.216.42200 OK 6.0 kB URL HTTP/2 us-an.gr-cdn.com/wp.1.21.0.umd.js
IP 205.185.216.42:0
File type C source, Unicode text, UTF-8 text, with very long lines (17469)
Hash b97701fa69096a5d3d4fa194bbb96c01
51405c2f0bff5d374360bd9bb3064d3c311e1112
597cd55c508968fd7a8054cc7386004f1db4b9b8aa2d09d9f07fcc1d472bef6b
GET /wp.1.21.0.umd.js HTTP/1.1
Host: us-an.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:08 GMT
cache-control: max-age=30724189
content-encoding: gzip
content-length: 6035
content-type: application/javascript
last-modified: Fri, 14 Oct 2022 09:06:09 GMT
accept-ranges: bytes
x-amz-id-2: QI4yC2B6CTA0LXn2UEldz1QOaMPJRPCsf0795OzPY6bRdU3wmb0zQOPuWJ75uww0Lm7DMCXlBX8=
x-amz-request-id: JVN9NR8GCC8TEEVZ
etag: "208efd60d96e5a10157b56c94473f4b6"
server: AmazonS3
x-hw: 1666550348.dop215.sk1.t,1666550348.cds264.sk1.hn,1666550348.cds209.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/load-more-products-for-woocommerce/css/load_products.css?ver=1.1.9.6
192.185.236.198200 OK 626 B URL HTTP/2 rapshirts.org/wp-content/plugins/load-more-products-for-woocommerce/css/load_products.css?ver=1.1.9.6
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 3e40f944f2d4870c51116a6ac743e9ef
5a11c416bfdd214436795aca7630ded07c78476b
2b6f16389d7e6a2db35b230faa91e6acdf94755b5bb440718aad654e7c1553ce
GET /wp-content/plugins/load-more-products-for-woocommerce/css/load_products.css?ver=1.1.9.6 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 626
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/uploads/2022/03/audioProtestLogoScreen.png
192.185.236.198200 OK 50 kB URL HTTP/2 rapshirts.org/wp-content/uploads/2022/03/audioProtestLogoScreen.png
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 600 x 228, 8-bit colormap, non-interlaced\012- data
Hash 9f7c506a83ba4d0b272dba824065b183
71cb25a0ec606ecb4e39c27b2c244041e0f24131
3abdd59457b85c83b0002b653b2b382b272efd8f572a0d79d03671d58f6f866b
GET /wp-content/uploads/2022/03/audioProtestLogoScreen.png HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 03:38:53 GMT
accept-ranges: bytes
content-length: 49690
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/uploads/2017/03/cropped-logofinal-3.png
192.185.236.198200 OK 10 kB URL HTTP/2 rapshirts.org/wp-content/uploads/2017/03/cropped-logofinal-3.png
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 275 x 77, 8-bit colormap, non-interlaced\012- data
Hash 9f10ddc7c15d7d4d2becde2f905f8de5
cb7c7b4565c9df3edfc21bb1f2844c5751d07060
5ab07c83f6b481313587b12ed585d303d255647f9116297a7364c471ed2bbbe0
GET /wp-content/uploads/2017/03/cropped-logofinal-3.png HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 23 Mar 2022 02:03:41 GMT
accept-ranges: bytes
content-length: 10012
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
ga2.getresponse.com/index.php?ver=3&urlRef=http%3A%2F%2Fneexulro.net%2F&url=https%3A%2F%2Frapshirts.org%2F&uid=%7B%22uuid%22%3A%220b1f9b35-9e74-4a24-86f1-71ec50ad558c%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22rapshirts.org%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2Cnull%5D%2C%222%22%3A%5B%22aid%22%2C%2216cfd23c-ec93-4307-a2b7-c976054846a7%22%5D%7D&h=18&m=39&s=8&res=1280x1024>_ms=1354
178.16.117.14204 No Content 0 B URL HTTP/2 ga2.getresponse.com/index.php?ver=3&urlRef=http%3A%2F%2Fneexulro.net%2F&url=https%3A%2F%2Frapshirts.org%2F&uid=%7B%22uuid%22%3A%220b1f9b35-9e74-4a24-86f1-71ec50ad558c%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22rapshirts.org%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2Cnull%5D%2C%222%22%3A%5B%22aid%22%2C%2216cfd23c-ec93-4307-a2b7-c976054846a7%22%5D%7D&h=18&m=39&s=8&res=1280x1024>_ms=1354
IP 178.16.117.14:0
ASN #198881 GETRESPONSE Sp.z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?ver=3&urlRef=http%3A%2F%2Fneexulro.net%2F&url=https%3A%2F%2Frapshirts.org%2F&uid=%7B%22uuid%22%3A%220b1f9b35-9e74-4a24-86f1-71ec50ad558c%22%2C%22email%22%3A%22%22%2C%22xsid%22%3A%22%22%2C%22list_token%22%3A%22%22%2C%22gr_x%22%3A%22%22%2C%22gr_s%22%3A%22%22%2C%22gr_m%22%3A%22%22%2C%22valuable%22%3A0%2C%22domain%22%3A%22rapshirts.org%22%7D&_cvar=%7B%221%22%3A%5B%22grid%22%2Cnull%5D%2C%222%22%3A%5B%22aid%22%2C%2216cfd23c-ec93-4307-a2b7-c976054846a7%22%5D%7D&h=18&m=39&s=8&res=1280x1024>_ms=1354 HTTP/1.1
Host: ga2.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rapshirts.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Sun, 23 Oct 2022 18:39:08 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-response-id: ff5e8911-326f-409b-88c0-c5dced7bd120
x-xss-protection: 0
X-Firefox-Spdy: h2
rapshirts.org/wp-content/uploads/2022/03/transparent-minimal-universal-theme-icon-supermarket-icon-shop-5db899200449f9.7144605415723789120176.png
192.185.236.198200 OK 79 kB URL HTTP/2 rapshirts.org/wp-content/uploads/2022/03/transparent-minimal-universal-theme-icon-supermarket-icon-shop-5db899200449f9.7144605415723789120176.png
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1238 x 1080, 8-bit colormap, non-interlaced\012- data
Hash 0dc6ea83901ad41aa665584bb090e364
5c41bf2306c3d4adfe24cb0e224921387fb2d8c8
869b9a99a4fa7033ce5737d176c6b2cbbe9b1051bd661291fda9d99aed9b4dd9
GET /wp-content/uploads/2022/03/transparent-minimal-universal-theme-icon-supermarket-icon-shop-5db899200449f9.7144605415723789120176.png HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Mar 2022 01:41:54 GMT
accept-ranges: bytes
content-length: 79326
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0
192.185.236.198200 OK 792 B URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2139), with no line terminators
Hash 1ca3f41c13e0027acc45f0601f8b640f
cced34af0c6a59e9cee4229faa66ab39c7031506
d3bc5eaf4c6be9473dbba690825cce9a1a6f4accb6721dae7875efef54942f41
GET /wp-content/plugins/woocommerce/assets/js/frontend/woocommerce.min.js?ver=7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 792
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0
192.185.236.198200 OK 4.0 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (9115)
Hash 30e4855ccd2fde73cd01838d073b8d4b
aa39e03ffb6e39bf82b6a04d72e3f7cf7509f778
cbcfd79d48b4735b59e17b77cb3930f8a51fcdcb3d4675718a45af6077469636
GET /wp-content/plugins/woocommerce/assets/js/jquery-blockui/jquery.blockUI.min.js?ver=2.7.0-wc.7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 3955
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
192.185.236.198200 OK 5.3 kB URL HTTP/2 rapshirts.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 25 May 2022 04:46:22 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 5321
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/uploads/2022/03/paybtnpaypal-1.png
192.185.236.198200 OK 6.4 kB URL HTTP/2 rapshirts.org/wp-content/uploads/2022/03/paybtnpaypal-1.png
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 701 x 136, 8-bit colormap, non-interlaced\012- data
Hash 01263104f8cfa68292e255d1ff8d6d40
5d0ba739a7e1230b3a745d798b51cf28f7800613
db766e42cd85b7b85940cf49925a92dbd2feb163b2a98c02c2a1c0670f24e127
GET /wp-content/uploads/2022/03/paybtnpaypal-1.png HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 25 Mar 2022 02:05:31 GMT
accept-ranges: bytes
content-length: 6422
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: image/png
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/themes/foliopress/js/skip-link-focus-fix.js?ver=20151215
192.185.236.198200 OK 417 B URL HTTP/2 rapshirts.org/wp-content/themes/foliopress/js/skip-link-focus-fix.js?ver=20151215
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 73f7704398d8f6be9748d30791950984
3231f3786c364c7665cd7123d8fae0f42bbfd836
c1d9b23aff05fb52e5d6e68aff86d808097185c6dbaac6c3fc3ec6e5bea31ef4
GET /wp-content/themes/foliopress/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Mar 2019 18:46:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 417
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0
192.185.236.198200 OK 1.1 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2938), with no line terminators
Hash 769e9d3f7fc383ec1a02024e39730474
4f5a5edf28ed19b48c5e40747ec6896f0df8f09e
4636689d57889e984a7a1a1c6e2516b7a2d951407ca826aaf505c50002e2b486
GET /wp-content/plugins/woocommerce/assets/js/frontend/cart-fragments.min.js?ver=7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1093
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0
192.185.236.198200 OK 1.2 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with very long lines (3037), with no line terminators
Hash 267e8958dbad03e5b8e684648aa15aa2
fb81c3ab32d537817004715e011c33f2f7efaa81
8d2937738bf3b55c9ec65b0f2429361d4a2b0679f52ef2b9700192ae20acb03e
GET /wp-content/plugins/woocommerce/assets/js/frontend/add-to-cart.min.js?ver=7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1202
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/functions.js?ver=6.0.3
192.185.236.198200 OK 214 B URL HTTP/2 rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/functions.js?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 64fa02a7c0ff51568bebab5dcc225f1c
840ca3c3c9c5bbb99619b90375652f283b5ca4c1
52c5eb18ff79b2db66050798931d2bbf9dcb6873a6e4c6cf2f5b1f0e3ac795e2
GET /wp-content/plugins/woo-product-rss-feed-widget/functions.js?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Mar 2017 18:54:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 214
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.5.01
192.185.236.198200 OK 2.5 kB URL HTTP/2 rapshirts.org/wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.5.01
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6854), with no line terminators
Hash f62dc514edd67b648e627c0c34dc6a5e
127fa228af8b68d062f4f194e65433271f79ddba
5622698ac97e755ba520fdfead5904e15333ddf8a93f247fabac0782d9b8f011
GET /wp-content/plugins/mailchimp-for-woocommerce/public/js/mailchimp-woocommerce-public.min.js?ver=2.7.5.01 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:56:57 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 2534
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0
192.185.236.198200 OK 1.0 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1668)
Hash 0bebfb5722cbc8ac04e62aa40698be49
3bc5e4f29cb19a2d80d46dee242dabf7e42c0fd3
70d02eabbadbe176455a2bb53d8d567feca69847c067a5274987a8bdc65e3c05
GET /wp-content/plugins/woocommerce/assets/js/js-cookie/js.cookie.min.js?ver=2.1.4-wc.7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1000
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/subscriptions-for-woocommerce/public/js/subscriptions-for-woocommerce-public.js?ver=1.4.5
192.185.236.198200 OK 478 B URL HTTP/2 rapshirts.org/wp-content/plugins/subscriptions-for-woocommerce/public/js/subscriptions-for-woocommerce-public.js?ver=1.4.5
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 59a83fd3d1addddece8421bb596ab728
e4a9ec1519ec609e9c74ac5f32a5c90e2e5f402d
47a7efd981e20c5618a82e06623ff5697a32bc6442d782033607698ad9068a2e
GET /wp-content/plugins/subscriptions-for-woocommerce/public/js/subscriptions-for-woocommerce-public.js?ver=1.4.5 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 21 Oct 2022 03:20:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 478
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/load-more-products-for-woocommerce/js/load_products.js?ver=1.1.9.6
192.185.236.198200 OK 7.2 kB URL HTTP/2 rapshirts.org/wp-content/plugins/load-more-products-for-woocommerce/js/load_products.js?ver=1.1.9.6
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash ecf541a5dc5d9d0c445be84e25804d34
d3fe3c4f5d394426b439d4e4fa0831f7a44d3255
3ad32994c89e3ec6e35b80a4011fafef40c297c88bcd80cfac68cf3798e94a27
GET /wp-content/plugins/load-more-products-for-woocommerce/js/load_products.js?ver=1.1.9.6 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:21 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7234
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/jquery.bxslider.js?ver=6.0.3
192.185.236.198200 OK 16 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woo-product-rss-feed-widget/jquery.bxslider.js?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a52bd07107f34f0f3c1aa552f5f0eae1
899a9ec478f20f782b983c271e2c3755b2066f30
b86c160c3ca4305c1f44ddb4812f403f3ea39bd820a4f232f3ddf0b6378d389e
GET /wp-content/plugins/woo-product-rss-feed-widget/jquery.bxslider.js?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Mar 2017 18:54:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 16488
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/themes/foliopress/font-awesome/css/font-awesome.css?ver=6.0.3
192.185.236.198200 OK 7.5 kB URL HTTP/2 rapshirts.org/wp-content/themes/foliopress/font-awesome/css/font-awesome.css?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 425b9c5bb524774d7f30160c36771785
af60c1059fb990e6e86ff744f9c286e78f9966e8
a1dfafaf50ffe1e3996576f74f6e0e9dccee46d19aaf562fbe6e5575171b8062
GET /wp-content/themes/foliopress/font-awesome/css/font-awesome.css?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Mar 2019 18:46:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 7524
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
rapshirts.org/wp-content/themes/foliopress/js/scripts.js?ver=6.0.3
192.185.236.198200 OK 799 B URL HTTP/2 rapshirts.org/wp-content/themes/foliopress/js/scripts.js?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 992a3f12bb921dbc44cb9765496b6182
834d2ebb54e8b0bc0477e44d3bc91580a5382f99
fedbfe243c4382762bd8f9d79d031422d973803b315582ab761e2d66cf6ce31c
GET /wp-content/themes/foliopress/js/scripts.js?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Mar 2019 18:46:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 799
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
pogothere.xyz/
104.21.86.231200 OK 4.6 kB IP 104.21.86.231:0
File type ASCII text, with no line terminators
Hash 73471e8ee6581a4ac3cc821dd067de9e
4fada1e3079687b2104c04fd1c45346eca455f1a
948cb8d9036d3078609f5952dbb38736c153a13adac98b1ad41df26a14f5a4a9
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://neexulro.net
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:06 GMT
content-type: text/plain
set-cookie: csu=1078988179649024@1@1666550346; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: http://neexulro.net
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Cyq6R38gtmmKp2uYt9hNxoO%2FvIrSpd7m7tDOfzZlFTtZrI15Jppv5qmSB50EecNUlGN8OQmhv%2F7Ivcz1Je4LH%2FEfQKyPVMN5FZjXKjAh%2FuUKvEBZuTr7c4HJibKpL15"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ec97f14c8b1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rapshirts.org/wp-content/themes/foliopress/style.css?ver=6.0.3
192.185.236.198200 OK 13 kB URL HTTP/2 rapshirts.org/wp-content/themes/foliopress/style.css?ver=6.0.3
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (689)
Hash 9d8045053ae3ec84acf6ffecf51d999c
41edac5912f5eb29b5de99215d6a70154c416ad0
63f16e54b29cf4fa20bdf50cacc4b64748a924d8f24761919f752a4cdaed9d87
GET /wp-content/themes/foliopress/style.css?ver=6.0.3 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 09 Mar 2022 00:55:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 13404
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b37f6a0d5386ea377aaa898a12d94556
891d658015a5b84248f2e59c4d6eab139f3e4bf0
de156fa39f200285ddbcfd4fa17927f027610b09465410d2135809371b1ff441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2109
Cache-Control: max-age=93070
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:09 GMT
Etag: "63544a9e-116"
Expires: Mon, 24 Oct 2022 20:30:19 GMT
Last-Modified: Sat, 22 Oct 2022 19:55:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
chimpstatic.com/mcjs-connected/js/users/c45862805da44912691c26e72/c735b6997b2d0b64189bec60f.js
96.6.17.210200 OK 1.7 kB URL HTTP/1.1 chimpstatic.com/mcjs-connected/js/users/c45862805da44912691c26e72/c735b6997b2d0b64189bec60f.js
IP 96.6.17.210:0
File type ASCII text, with very long lines (2819)
Hash 0ed9fbb102dfb5c5ccf3d91428095af7
67701e7e660d3ad230b9ca88c562454b26c2c7a3
40f814a94c52725aa06296524b6a26a45ad74a3a09eccaec57fb3be983b62211
GET /mcjs-connected/js/users/c45862805da44912691c26e72/c735b6997b2d0b64189bec60f.js HTTP/1.1
Host: chimpstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: LZMBHiVEE7B7jMfEQF3xPH/Ipxc4LBL9CKyK5R/iMaYvXGPpgkOpWhsuEBkn9nbkrAPV8FCYI+I=
x-amz-request-id: 7FBRBN5CD0XB88BM
Last-Modified: Mon, 07 Feb 2022 15:31:11 GMT
ETag: "f1d994436d2be7f46a3bbfe2f3f3f0cb"
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=607
Expires: Sun, 23 Oct 2022 18:49:16 GMT
Date: Sun, 23 Oct 2022 18:39:09 GMT
Content-Length: 1684
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash b37f6a0d5386ea377aaa898a12d94556
891d658015a5b84248f2e59c4d6eab139f3e4bf0
de156fa39f200285ddbcfd4fa17927f027610b09465410d2135809371b1ff441
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2109
Cache-Control: max-age=93070
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:09 GMT
Etag: "63544a9e-116"
Expires: Mon, 24 Oct 2022 20:30:19 GMT
Last-Modified: Sat, 22 Oct 2022 19:55:10 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 278
rapshirts.org/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.0.0
192.185.236.198200 OK 1.3 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (7043), with no line terminators
Hash 23030da399d26bb36e2effda3c58d488
2480e4b14c65a29b6013515cea8a55a6646aa85a
026d41f0bbec9c4116e05c06d43d3bbae4e9ec0975f84140565760431eaa88d7
GET /wp-content/plugins/woocommerce/assets/css/woocommerce-smallscreen.css?ver=7.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 1294
content-type: text/css
date: Sun, 23 Oct 2022 18:39:09 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 9f84a11cd39c014fffc187f2a8b0d8df
1875e117dec3fc707db902e87df9ec691b2cc763
bf0c0ac413147f09128a7af625499402eea897c3efad12828347efaba9b9d3a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rapshirts.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1
192.185.236.198200 OK 49 kB URL HTTP/2 rapshirts.org/wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 1b7da62121983d7ec36c18e51746ee2e
844c2abc6d9c9cbecf70c1906649b8b2e8e32873
aa56b5f0ea8e23a4d913ca1b55a61d869b33f97618ab8cd389e7b27a4be76cd1
GET /wp-content/plugins/woocommerce/packages/woocommerce-blocks/build/wc-blocks-style.css?ver=8.5.1 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 20 Oct 2022 02:58:13 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Sun, 23 Oct 2022 18:39:09 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f53b.svg
192.0.77.48200 OK 214 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f53b.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash b8630468b0aed7fa65976ef23ceaa8c3
0bcf5ffc82ecd386643b27f520066444981d5033
61b58f32f399a725bb0ab431b917c7ecde74676bf4f6ddd36f7113335c5f5d09
GET /images/core/emoji/14.0.0/svg/1f53b.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: image/svg+xml
content-length: 214
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 2
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rapshirts.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 21:48:50 GMT
expires: Thu, 19 Oct 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 334219
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.195200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rapshirts.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:31:00 GMT
expires: Thu, 19 Oct 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 342489
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
diffuser-cdn.app-us1.com/diffuser/diffuser.js
104.17.145.91200 OK 13 kB URL HTTP/2 diffuser-cdn.app-us1.com/diffuser/diffuser.js
IP 104.17.145.91:0
Hash 7c098034977fc874f915bd7cdcf8ab79
a7687ae6ee2a05840f55caa3ac20d69a4a102e93
b911c048a29f42ff64af9e7ad69c0cdda6b8b18353f39b5455cef17a4bcef312
GET /diffuser/diffuser.js HTTP/1.1
Host: diffuser-cdn.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: application/javascript
last-modified: Thu, 21 Oct 2021 17:42:06 GMT
etag: W/"4d482a43613d3966f353ec9d97452e0c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=300
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 059f85e5e664bc876c915622803d9e28.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: LYgb7O-05A19YisedsHdW7Gqa3Bw46pjlPKvIkZSVBpaULKohYEzzQ==
cf-cache-status: HIT
age: 216
server: cloudflare
cf-ray: 75ec98024bf61c0e-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ffbfbd6d5d1e91af3c02313339eed0d0
df6457b655ac278fe32f3015bba4cff22dae5b2d
1991ca3e854e53f89b92ce93e01e6094f815b1d2c7c31e664481760211ac200a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rapshirts.org/wp-content/themes/foliopress/bootstrap/js/bootstrap.min.js?ver=4.0.0
192.185.236.198200 OK 99 kB URL HTTP/2 rapshirts.org/wp-content/themes/foliopress/bootstrap/js/bootstrap.min.js?ver=4.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e212e72540016e3ae53899d1d835a44b
19603a386252c5a4d03297aa4eac5ad920507090
32f19191d696ee314e3093efe39e3ae110c58e23928c2d4064d0b97906b960e9
GET /wp-content/themes/foliopress/bootstrap/js/bootstrap.min.js?ver=4.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Mar 2019 18:46:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
us-as.gr-cdn.com//javascripts/core/webforms/dist/manifest.35779c62dedb17e0486d.js
205.185.216.42200 OK 744 B URL HTTP/2 us-as.gr-cdn.com//javascripts/core/webforms/dist/manifest.35779c62dedb17e0486d.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (1524), with no line terminators
Hash ed35a142e8e052ea890638490c8861cc
f6f1e6b993739eb26fd270386a00326b4e030cde
96fcbc55c5b5205163897e33d97a501c5768b91586c44151bed3f01564f8a3bc
GET //javascripts/core/webforms/dist/manifest.35779c62dedb17e0486d.js HTTP/1.1
Host: us-as.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.getresponse.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-encoding: gzip
content-length: 744
content-type: application/javascript
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
accept-ranges: bytes
etag: "1dc09d84-5f4"
cache-control: max-age=31536000, public
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1666550349.dop215.sk1.t,1666550349.cds264.sk1.hn,1666550349.cds221.sk1.c
X-Firefox-Spdy: h2
app.getresponse.com/site2/5f668714fe0c84b1c05bc99972172b70/?u=MSngN&webforms_id=hflNl&v=0
104.160.64.9200 OK 8.9 kB URL HTTP/2 app.getresponse.com/site2/5f668714fe0c84b1c05bc99972172b70/?u=MSngN&webforms_id=hflNl&v=0
IP 104.160.64.9:0
ASN #46469 GETRESPONSE-IMPLIX
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (28294)
Hash f67f37ca4b5a09e4f53b00f60b4a12cf
1c570356466d64105e8552b7460a77888519c152
f902b4f2b5eb6bb13274628cc0cc3174f6ff9630865efba2aabff395b43b94a2
GET /site2/5f668714fe0c84b1c05bc99972172b70/?u=MSngN&webforms_id=hflNl&v=0 HTTP/1.1
Host: app.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: text/html;charset=UTF-8
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
set-cookie: timeout=logout_43200; expires=Mon, 24-Oct-2022 06:39:09 GMT; Max-Age=43200; path=/; domain=getresponse.com
gr83p_59db3877322f17e6c0092c106bdf75dd=true; expires=Thu, 22-Dec-2022 18:39:09 GMT; Max-Age=5184000; path=/; domain=.getresponse.com
webformv2_opened_52746705=0; expires=Tue, 21-Feb-2023 18:39:09 GMT; Max-Age=10454400; path=/
content-security-policy-report-only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
content-encoding: gzip
X-Firefox-Spdy: h2
us-as.gr-cdn.com//javascripts/core/webforms/dist/webforms_entry.chunk.88825abbaf24f26299d7.js
205.185.216.42200 OK 10 kB URL HTTP/2 us-as.gr-cdn.com//javascripts/core/webforms/dist/webforms_entry.chunk.88825abbaf24f26299d7.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (32376)
Hash 87b8e74031f8b5c76421913ecd8fd345
18d3903892f55f4a6792038cc120b73239d36e99
bc917783adc3825637c10be746fcd23d37bfe05341b970cd2e2b3a94cf1c3077
GET //javascripts/core/webforms/dist/webforms_entry.chunk.88825abbaf24f26299d7.js HTTP/1.1
Host: us-as.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.getresponse.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-encoding: gzip
content-length: 10132
content-type: application/javascript
last-modified: Wed, 05 Oct 2022 13:49:14 GMT
accept-ranges: bytes
server: nginx
etag: W/"633d8b5a-7edb"
cache-control: max-age=31536000, public
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1666550349.dop215.sk1.t,1666550349.cds264.sk1.hn,1666550349.cds066.sk1.c
X-Firefox-Spdy: h2
us-as.gr-cdn.com//javascripts/core/webforms/dist/show_webform_shared.chunk.e51c6b112972dd577bf9.js
205.185.216.42200 OK 88 kB URL HTTP/2 us-as.gr-cdn.com//javascripts/core/webforms/dist/show_webform_shared.chunk.e51c6b112972dd577bf9.js
IP 205.185.216.42:0
File type Unicode text, UTF-8 text, with very long lines (65232)
Hash b9ffcf2506d95091ec2d2dd1101cbdd1
c3f08b1e4f91ad0ffdc8985a339dd1241617cccb
e7cbdf3eb602c2fe47e405f41cf7f50fed01020318b6e6893869fd4a0645a903
GET //javascripts/core/webforms/dist/show_webform_shared.chunk.e51c6b112972dd577bf9.js HTTP/1.1
Host: us-as.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.getresponse.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-encoding: gzip
content-length: 87876
content-type: application/javascript
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
accept-ranges: bytes
etag: W/"1dc09d84-47f3c"
cache-control: max-age=31536000, public
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1666550349.dop215.sk1.t,1666550349.cds264.sk1.hn,1666550349.cds264.sk1.c
X-Firefox-Spdy: h2
us-as.gr-cdn.com//javascripts/core/webforms/dist/show.chunk.687c11980651d69638fc.js
205.185.216.42200 OK 415 B URL HTTP/2 us-as.gr-cdn.com//javascripts/core/webforms/dist/show.chunk.687c11980651d69638fc.js
IP 205.185.216.42:0
File type ASCII text, with very long lines (747), with no line terminators
Hash c17ad4d605c3f36cff89841eead09370
32ca6025c29ca386e4f6f3c6648cae4f00828c74
35cf414826d2595a2176ba6ced1fcf0c0b828bfcb727170d44353bea53de9225
GET //javascripts/core/webforms/dist/show.chunk.687c11980651d69638fc.js HTTP/1.1
Host: us-as.gr-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.getresponse.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-encoding: gzip
content-length: 415
content-type: application/javascript
last-modified: Fri, 26 Aug 2022 14:47:03 GMT
accept-ranges: bytes
server: nginx
etag: "6308dce7-2eb"
cache-control: max-age=31536000, public
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
x-hw: 1666550349.dop215.sk1.t,1666550349.cds264.sk1.hn,1666550349.cds235.sk1.c
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-4-b941de79a58a.js
54.230.111.6200 OK 540 B URL HTTP/2 widget.sndcdn.com/widget-4-b941de79a58a.js
IP 54.230.111.6:0
File type ASCII text, with very long lines (464)
Hash ede250fa54d9ffac76afc0baf0f73801
2b469cdd13a9746515026c746c3f45a6b9323abd
c40727b24ceb626347bd5b82859ecc9d5c32eb93d811e6d56f688c471031b179
GET /widget-4-b941de79a58a.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
content-length: 540
date: Sun, 21 Aug 2022 03:15:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 10 Aug 2022 09:11:43 GMT
etag: "ede250fa54d9ffac76afc0baf0f73801"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: AOGfVEA2svqzQ41HXCR.3_V7aMZcxqi3
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5EjoE7HILWwZjlL8hmlU7vrAqmEVR8tAZsAHICZFgRaDNcCm6Idh1Q==
age: 5498619
X-Firefox-Spdy: h2
widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
54.230.111.6200 OK 3.7 kB URL HTTP/2 widget.sndcdn.com/assets/images/logo-200x120-3190df52.png
IP 54.230.111.6:0
File type PNG image data, 200 x 120, 8-bit gray+alpha, non-interlaced\012- data
Hash a1591e5274b36cfbae3e167dffe49970
ad535777f813aae6727b416f821d727c854646e6
a9e23dcec7b7d492b11006586bea4e4fe7de01f647f89c6aa84e186567b9da50
GET /assets/images/logo-200x120-3190df52.png HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3745
date: Wed, 24 Aug 2022 01:47:09 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 22 Aug 2022 10:28:14 GMT
etag: "a1591e5274b36cfbae3e167dffe49970"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: VldNYlm7gvRHU.GTTyDBB4UbN9JtUUnV
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q6onOInBUTBJkypb4c0a3pN0G1bETe5H9A9XQpwXfa-GPyUEZFBgTg==
age: 5244721
X-Firefox-Spdy: h2
trackcmp.net/t_prism_sitemessages.php?trackid=253408599&prismid=37a6c16f-7304-4737-8d5b-da3932e05a38&url=https%3A%2F%2Frapshirts.org%2F
104.18.42.105200 OK 0 B URL HTTP/2 trackcmp.net/t_prism_sitemessages.php?trackid=253408599&prismid=37a6c16f-7304-4737-8d5b-da3932e05a38&url=https%3A%2F%2Frapshirts.org%2F
IP 104.18.42.105:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /t_prism_sitemessages.php?trackid=253408599&prismid=37a6c16f-7304-4737-8d5b-da3932e05a38&url=https%3A%2F%2Frapshirts.org%2F HTTP/1.1
Host: trackcmp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: text/javascript;charset=UTF-8
content-length: 0
x-powered-by: PHP/7.1.33
cache-control: no-cache, private
p3p: CP="NON BUS INT NAV COM ADM CON CUR IVA IVD OTP PSA PSD TEL SAM"
x-privacy-policy: You can find our privacy policy here: https://www.activecampaign.com/help/privacy-policy/
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75ec9805dd68b4ed-OSL
X-Firefox-Spdy: h2
rapshirts.org/?wc-ajax=get_refreshed_fragments
192.185.236.198200 OK 359 B URL HTTP/2 rapshirts.org/?wc-ajax=get_refreshed_fragments
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JSON data\012- HTML document, ASCII text, with very long lines (736), with no line terminators
Hash e5720bdd8056dc7ebb7b347b61cc1354
197072c172da8c0f3ef0f6227b85ee4302f8eaa9
66e11c3eeae7e0e86d1f967f646e23bfaad457932a9f70475ec48716a4c471e7
POST /?wc-ajax=get_refreshed_fragments HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 18
Origin: https://rapshirts.org
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding,Cookie
access-control-allow-origin: https://rapshirts.org
access-control-allow-credentials: true
x-content-type-options: nosniff
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-length: 359
content-type: application/json; charset=UTF-8
date: Sun, 23 Oct 2022 18:39:09 GMT
server: Apache
X-Firefox-Spdy: h2
api-widget.soundcloud.com/assignments/736504-264856-85893-609399?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
54.230.110.40200 OK 178 B URL HTTP/1.1 api-widget.soundcloud.com/assignments/736504-264856-85893-609399?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
IP 54.230.110.40:0
File type JSON data\012- , ASCII text, with very long lines (648), with no line terminators
Hash b6df5d701ffc78a8f78712190395e824
36dcccf04a4681f2641f660c20790e57f90d3ddf
d979798c25f543130fd1844821b120be01c8893034a0b6e0fbe50b782ffbe929
GET /assignments/736504-264856-85893-609399?layers=widget_listening&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510 HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 178
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:09 GMT
x-robots-tag: noindex
Cache-Control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
Content-Encoding: gzip
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hVBxZpxO0GtvwQWoGUn6uR38F4MQmj2dzXb8O9vi4gcsFDNVZJpPUg==
app.getresponse.com/view_webform_v2.js?u=MSngN&webforms_id=hflNl
104.160.64.9200 OK 11 kB URL HTTP/2 app.getresponse.com/view_webform_v2.js?u=MSngN&webforms_id=hflNl
IP 104.160.64.9:0
ASN #46469 GETRESPONSE-IMPLIX
File type ASCII text, with very long lines (32000)
Hash 09c7e067a806d89646343af61ce01049
f9262f55202cc91789afc9f5ec6437f788442016
1e8292d93344460369a2098521c7a6bdbd1bd09d8ec591bacaf191a5ac1d54d7
GET /view_webform_v2.js?u=MSngN&webforms_id=hflNl HTTP/1.1
Host: app.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 18:39:08 GMT
content-type: application/x-javascript
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
content-security-policy-report-only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
content-encoding: gzip
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
23.38.201.146200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 23.38.201.146:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e0HboiVQpjIDEK8WTxqU5+8G8wOtu9bNCFY72alTHLP0/Yb+qoiTOxu6fad89ebRofzHxENxOOg=
x-amz-request-id: 61EC92F13BB22DD4
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
cache-control: max-age=49390
date: Sun, 23 Oct 2022 18:39:10 GMT
X-Firefox-Spdy: h2
s.adroll.com/j/VW6PELNLDZDPTKXFB35ONT/roundtrip.js
143.204.55.84200 OK 30 kB URL HTTP/1.1 s.adroll.com/j/VW6PELNLDZDPTKXFB35ONT/roundtrip.js
IP 143.204.55.84:0
File type ASCII text, with very long lines (1326)
Hash d79ba4535963dd60e66a9fc0984b0562
9970dc44b977b60b0a5a2cc66a50dd9f7e6dc7ae
522de16595a75e9bb1826908a6be6b8b14e8caa453c222c4cc746aaaab6cb57b
GET /j/VW6PELNLDZDPTKXFB35ONT/roundtrip.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 19 Oct 2022 01:38:17 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: MsOtz5noa6RXJMHnDhw.Bbf45HjZ6rPl
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 23 Oct 2022 18:14:06 GMT
Cache-Control: max-age=3600, must-revalidate
Etag: W/"2a866f608d7c57286902ff35a3d74e7c"
Vary: Accept-Encoding
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
Age: 1505
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tSdia_Qvg2e_1PSETzB5PMvQKJejuEnTMiclPVK2YpK6Y-RIrys0nw==
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 23 Oct 2022 16:41:09 GMT
expires: Sun, 23 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 7081
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/992914365/?random=1666550348506&cv=11&fst=1666550348506&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&rfmt=3&fmt=4
142.250.74.34200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/992914365/?random=1666550348506&cv=11&fst=1666550348506&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&rfmt=3&fmt=4
IP 142.250.74.34:0
File type ASCII text, with very long lines (2124), with no line terminators
Hash a1c4e4a418b3df0c22608c37e35ec32b
0614eb2e4104c68d2bdcbb188cab5a98256ec70c
cb04a416f29b69d7194e62acd2f9a2cdc9508b51f20711f7c62a4bd2707da6da
GET /pagead/viewthroughconversion/992914365/?random=1666550348506&cv=11&fst=1666550348506&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 18:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1030
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 23-Oct-2022 18:54:10 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/unip/1473087/tfa.js
151.101.85.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1473087/tfa.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (58510)
Hash f321afa646d571b82f5bbf5970ff4a85
55b0faa685a53864f7f25243f1a0e0f9b037650d
9b01bd795e49b9d71704e52c1ab6e4022e1443bd4f20035eafcfc1aae57af303
GET /libtrc/unip/1473087/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AABa52nmuODEe5xgYT6ZeHY6kSucKdJmOtxNqDN8A5rW0OPhMBhP8LX/mtO5jViby+vC64GJ0rnvLP8iiDZfNg==
x-amz-request-id: TRJHKFEEKF03Z1GM
x-amz-replication-status: COMPLETED
last-modified: Sun, 23 Oct 2022 11:04:58 GMT
etag: "a68494f80dccc22b7f25d38151bbcad4"
x-amz-version-id: qIKB9IyD6NX5Qok51I15YBO35_MQl15U
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 23 Oct 2022 18:39:10 GMT
via: 1.1 varnish
age: 26998
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1666550350.087338,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 90
content-length: 17962
X-Firefox-Spdy: h2
fonts.gstatic.com/s/arvo/v20/tDbD2oWUg0MKqScQ7Z7o_vo.woff2
216.58.207.195200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/arvo/v20/tDbD2oWUg0MKqScQ7Z7o_vo.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 10632, version 1.0\012- data
Hash 235a9e95823e49744e35aaea0bb293aa
81945b78e158167e88dc40746a8418a4fcd1e7b8
62dd1591b85ac94338ebf05423aaf78e49e4a9c26ce929d2286c648c67f22686
GET /s/arvo/v20/tDbD2oWUg0MKqScQ7Z7o_vo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 22:35:37 GMT
expires: Wed, 18 Oct 2023 22:35:37 GMT
cache-control: public, max-age=31536000
age: 417813
last-modified: Tue, 19 Apr 2022 18:52:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
216.58.207.195200 OK 11 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11028, version 1.0\012- data
Hash 1f6d3cf6d38f25d83d95f5a800b8cac3
279f300ca2cbbdf9f5036ef2f438607fbf377daa
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 17:24:34 GMT
expires: Fri, 20 Oct 2023 17:24:34 GMT
cache-control: public, max-age=31536000
age: 263676
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
contextual.media.net/dmedianet.js?cid=8CU3OS4OZ
23.38.200.22200 OK 66 kB URL HTTP/2 contextual.media.net/dmedianet.js?cid=8CU3OS4OZ
IP 23.38.200.22:0
Hash f8f68d4641bb44147ba374ad692953ab
93d88d877300a47762f5f801ba8169f3b8ab93f9
5a03fb30a41a665a8d30eb6cb865bf362a97469dd456ee8409ce714f336cc2d9
GET /dmedianet.js?cid=8CU3OS4OZ HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-type: text/javascript; charset=utf-8
x-mnt-h: 8-16
x-mnt-w: 8-19
etag: "b936a90fabed7a36be0bc1edad291ecf"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=300
expires: Sun, 23 Oct 2022 18:44:10 GMT
date: Sun, 23 Oct 2022 18:39:10 GMT
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmM4MwWJU.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmM4MwWJU.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16436, version 1.0\012- data
Hash 8b9ed68add1f0f4f93a60936b5caabfc
5144caa4cfffb1b0459cc344ee8d0c97c49fe748
263f1815a716181a09a7b19087cbbd4a916ef7c7e90d9b78282d3c3b1bf6901d
GET /s/lobster/v28/neILzCirqoswsqX9zoKmM4MwWJU.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 17:25:11 GMT
expires: Wed, 18 Oct 2023 17:25:11 GMT
cache-control: public, max-age=31536000
age: 436439
last-modified: Tue, 26 Apr 2022 15:01:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/hanalei/v23/E21n_dD8iufIjBRHbz8sVgVSAuo.woff2
216.58.207.195200 OK 49 kB URL HTTP/2 fonts.gstatic.com/s/hanalei/v23/E21n_dD8iufIjBRHbz8sVgVSAuo.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 49068, version 1.0\012- data
Hash 0a3e1039d1a0949ba70a4f627b80725c
1ebdb23c3bade2cb2ae8aebb57f6385b5970345d
8d9f5815a9e68ed19cc48fbf61620b528719064d0c210f5c9aa8f87d37c6e8a0
GET /s/hanalei/v23/E21n_dD8iufIjBRHbz8sVgVSAuo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 49068
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 06:23:27 GMT
expires: Sat, 21 Oct 2023 06:23:27 GMT
cache-control: public, max-age=31536000
age: 216943
last-modified: Thu, 21 Apr 2022 16:41:20 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
app.getresponse.com/get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DArvo%3A400%2C400i%2C700%2C700i%3Alatin%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CRoboto%2BSlab%3A100%2C300%2C400%2C700%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CRoboto%2BCondensed%3A300%2C300i%2C400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CGrand%2BHotel%3A400%3Alatin%2Clatin-ext%7CMonoton%3A400%3Alatin%7CHanalei%3A400%3Alatin%2Clatin-ext%7CLobster%3A400%3Alatin%2Clatin-ext%2Ccyrillic%2Cvietnamese%7CLobster%2BTwo%3A400%2C400i%2C700%2C700i%3Alatin%7CChanga%2BOne%3A400%2C400i%3Alatin%2Clatin-ext%7CSpecial%2BElite%3A400%3Alatin%7CChewy%3A400%3Alatin%7CLuckiest%2BGuy%3A400%3Alatin%7CFredoka%2BOne%3A400%3Alatin%7CFugaz%2BOne%3A400%3Alatin%7CSansita%2BOne%3A400%3Alatin%7CPacifico%3A400%3Alatin%7CMerienda%2BOne%3A400%3Alatin%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CSource%2BSans%2BPro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Cvietnamese%7CAmatic%2BSC%3A400%2C700%3Alatin%2Clatin-ext%7CArchivo%2BBlack%3A400%3Alatin%2Clatin-ext%7CAlfa%2BSlab%2BOne%3A400%3Alatin%7CBad%2BScript%3A400%3Alatin%2Ccyrillic%7CBevan%3A400%3Alatin%7CCabin%3A400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%3Alatin%7CCrete%2BRound%3A400%2C400i%3Alatin%2Clatin-ext%7CDosis%3A200%2C300%2C400%2C500%2C600%2C700%2C800%3Alatin%2Clatin-ext
104.160.64.9200 OK 22 kB URL HTTP/2 app.getresponse.com/get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DArvo%3A400%2C400i%2C700%2C700i%3Alatin%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CRoboto%2BSlab%3A100%2C300%2C400%2C700%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CRoboto%2BCondensed%3A300%2C300i%2C400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CGrand%2BHotel%3A400%3Alatin%2Clatin-ext%7CMonoton%3A400%3Alatin%7CHanalei%3A400%3Alatin%2Clatin-ext%7CLobster%3A400%3Alatin%2Clatin-ext%2Ccyrillic%2Cvietnamese%7CLobster%2BTwo%3A400%2C400i%2C700%2C700i%3Alatin%7CChanga%2BOne%3A400%2C400i%3Alatin%2Clatin-ext%7CSpecial%2BElite%3A400%3Alatin%7CChewy%3A400%3Alatin%7CLuckiest%2BGuy%3A400%3Alatin%7CFredoka%2BOne%3A400%3Alatin%7CFugaz%2BOne%3A400%3Alatin%7CSansita%2BOne%3A400%3Alatin%7CPacifico%3A400%3Alatin%7CMerienda%2BOne%3A400%3Alatin%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CSource%2BSans%2BPro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Cvietnamese%7CAmatic%2BSC%3A400%2C700%3Alatin%2Clatin-ext%7CArchivo%2BBlack%3A400%3Alatin%2Clatin-ext%7CAlfa%2BSlab%2BOne%3A400%3Alatin%7CBad%2BScript%3A400%3Alatin%2Ccyrillic%7CBevan%3A400%3Alatin%7CCabin%3A400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%3Alatin%7CCrete%2BRound%3A400%2C400i%3Alatin%2Clatin-ext%7CDosis%3A200%2C300%2C400%2C500%2C600%2C700%2C800%3Alatin%2Clatin-ext
IP 104.160.64.9:0
ASN #46469 GETRESPONSE-IMPLIX
Hash 9ecf332179c0c33d9ee460d3d5a16791
94933f2e977ad054628da1cdc2be3fca974fb87a
bc2a75f862c58fa213b664d4a8b9a9e4d5a74629085b166e008731f3b5c5b643
GET /get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DArvo%3A400%2C400i%2C700%2C700i%3Alatin%7CRoboto%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CRoboto%2BSlab%3A100%2C300%2C400%2C700%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CRoboto%2BCondensed%3A300%2C300i%2C400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7CGrand%2BHotel%3A400%3Alatin%2Clatin-ext%7CMonoton%3A400%3Alatin%7CHanalei%3A400%3Alatin%2Clatin-ext%7CLobster%3A400%3Alatin%2Clatin-ext%2Ccyrillic%2Cvietnamese%7CLobster%2BTwo%3A400%2C400i%2C700%2C700i%3Alatin%7CChanga%2BOne%3A400%2C400i%3Alatin%2Clatin-ext%7CSpecial%2BElite%3A400%3Alatin%7CChewy%3A400%3Alatin%7CLuckiest%2BGuy%3A400%3Alatin%7CFredoka%2BOne%3A400%3Alatin%7CFugaz%2BOne%3A400%3Alatin%7CSansita%2BOne%3A400%3Alatin%7CPacifico%3A400%3Alatin%7CMerienda%2BOne%3A400%3Alatin%7CLato%3A100%2C100i%2C300%2C300i%2C400%2C400i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%7CSource%2BSans%2BPro%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Cvietnamese%7CAmatic%2BSC%3A400%2C700%3Alatin%2Clatin-ext%7CArchivo%2BBlack%3A400%3Alatin%2Clatin-ext%7CAlfa%2BSlab%2BOne%3A400%3Alatin%7CBad%2BScript%3A400%3Alatin%2Ccyrillic%7CBevan%3A400%3Alatin%7CCabin%3A400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%3Alatin%7CCrete%2BRound%3A400%2C400i%3Alatin%2Clatin-ext%7CDosis%3A200%2C300%2C400%2C500%2C600%2C700%2C800%3Alatin%2Clatin-ext HTTP/1.1
Host: app.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.getresponse.com/site2/5f668714fe0c84b1c05bc99972172b70/?u=MSngN&webforms_id=hflNl&v=0
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 18:39:10 GMT
content-type: text/css; charset=utf-8
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
content-security-policy-report-only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6MmBp0u-.woff2
216.58.207.195200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6MmBp0u-.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 21028, version 1.0\012- data
Hash e253ab00a4ae4563e11649db12bf94ed
59eded41d8fca07c5e530ebf604a43d8f26419bc
1b370fdd128795c5a76b8b3e306120d13d5a70fc6f31c5db83870a7a37f7c27e
GET /s/pacifico/v22/FwZY7-Qmy14u9lezJ-6H6MmBp0u-.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:07:41 GMT
expires: Tue, 17 Oct 2023 21:07:41 GMT
cache-control: public, max-age=31536000
age: 509489
last-modified: Mon, 09 May 2022 18:31:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
216.58.207.195200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 13976, version 1.0\012- data
Hash e7e52c955aa33e618baf437a16539524
13ecb55bb760d6980a1b1331085630ef5ed84e9f
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
GET /s/lato/v23/S6uyw4BMUTPHjx4wXiWtFCc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 16:54:12 GMT
expires: Fri, 20 Oct 2023 16:54:12 GMT
cache-control: public, max-age=31536000
age: 265498
last-modified: Tue, 26 Apr 2022 15:50:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
216.58.207.195200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26164, version 1.0\012- data
Hash 51d32f8359cec5ff01790682835a703d
8294ecfdb017a15dc22514e883511b89468042eb
cad56ee9af0bbd528a31fef21f16bb7499dd00438f4c9fcf861383c7e64982d4
GET /s/cabin/v26/u-4i0qWljRw-PfU81xCKCpdpbgZJl6XvqdnsF3-OAw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26164
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 22 Oct 2022 04:57:06 GMT
expires: Sun, 22 Oct 2023 04:57:06 GMT
cache-control: public, max-age=31536000
age: 135724
last-modified: Fri, 24 Jun 2022 18:42:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/bevan/v20/4iCj6KZ0a9NXjG8dWCvZtUSI.woff2
216.58.207.195200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/bevan/v20/4iCj6KZ0a9NXjG8dWCvZtUSI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12520, version 1.0\012- data
Hash cc5eed8a933cc7621747a1e412278788
99b17da547a182ee9e4e1e51cd882776180eb437
bed6c3d97f758064b3b1b77b837972c1939d22c06c1a875e2c53382b47466181
GET /s/bevan/v20/4iCj6KZ0a9NXjG8dWCvZtUSI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12520
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 17:09:10 GMT
expires: Fri, 20 Oct 2023 17:09:10 GMT
cache-control: public, max-age=31536000
age: 264600
last-modified: Tue, 19 Apr 2022 19:12:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_WoEoZK.woff2
216.58.207.195200 OK 29 kB URL HTTP/2 fonts.gstatic.com/s/dosis/v27/HhyaU5sn9vOmLzloC_WoEoZK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29448, version 1.0\012- data
Hash e27d5ac8c6b65ef044382651394fae47
86c82324e68383a3489f49e8df639d1ec106e04b
97851eef36494add9813e74e64c29aacd125f298bee582af057da8b11be153e4
GET /s/dosis/v27/HhyaU5sn9vOmLzloC_WoEoZK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29448
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 15:47:19 GMT
expires: Sat, 21 Oct 2023 15:47:19 GMT
cache-control: public, max-age=31536000
age: 183111
last-modified: Mon, 11 Jul 2022 21:20:46 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-8-700e741844f8.js
54.230.111.6200 OK 27 kB URL HTTP/2 widget.sndcdn.com/widget-8-700e741844f8.js
IP 54.230.111.6:0
Hash 570af9abea41ea66232998e8a4024cea
0bac9f8e1f1757044198fb0f8e654ba6dbe6d479
cf10cfa6df7d86412b72b88899b90f5d97300dc3293ced9ff29e175d8c546ee5
GET /widget-8-700e741844f8.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 17 Oct 2022 06:23:40 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 17 Oct 2022 06:18:51 GMT
etag: W/"f8b963e5798d0ee503a4e8ce0374d5d4"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: FCGG2AM44L5307YF8ZvjCfS3i1ysoj7s
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P1bygwrz1iB1uMg5tuUTKV2wJ3M1YuxCI4BxK63q4mTXYeOV1d4Kmg==
age: 562530
X-Firefox-Spdy: h2
fonts.gstatic.com/s/glegoo/v14/_Xmt-HQyrTKWaw25jKOY.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/glegoo/v14/_Xmt-HQyrTKWaw25jKOY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17604, version 1.0\012- data
Hash 62c81a99d75b94f68162af8e1bd0dba4
d4eb7798a843838f5782b0fe263524fbcc886dc2
f51cb0f5f4008a03c2432bd3656c09a4be658311e9849e423b1591f52f414f71
GET /s/glegoo/v14/_Xmt-HQyrTKWaw25jKOY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17604
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 20:12:06 GMT
expires: Tue, 17 Oct 2023 20:12:06 GMT
cache-control: public, max-age=31536000
age: 512824
last-modified: Thu, 21 Apr 2022 17:07:33 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
216.58.207.195200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:13:13 GMT
expires: Tue, 17 Oct 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 509157
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.3
142.250.74.10200 OK 36 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.3
IP 142.250.74.10:0
Hash 2455a0fbc5d4cbc3e3648d9b43dae200
d36d22e13768507aeb9344e2983e4bb8415d0316
75dc1ff9624fff8e242fd31493485b663591f161e241e0af95d49096a33e2a54
GET /css?family=Poppins%3A400%2C400i%2C500%2C500i%2C700%2C700i&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 18:39:08 GMT
date: Sun, 23 Oct 2022 18:39:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/oregano/v13/If2IXTPxciS3H4S2oZDVPg.woff2
216.58.207.195200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/oregano/v13/If2IXTPxciS3H4S2oZDVPg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 29640, version 1.0\012- data
Hash 5b1a73c63f74c6dc943b6d0f9000c8de
b5d6d0b06adac0c9f0457ad52c63ee8967224d4e
f1a89febb2897c1c138bfbd55d807120c516f1d65c17a4e393692f4e56fefe13
GET /s/oregano/v13/If2IXTPxciS3H4S2oZDVPg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29640
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 09:00:08 GMT
expires: Wed, 18 Oct 2023 09:00:08 GMT
cache-control: public, max-age=31536000
age: 466742
last-modified: Mon, 09 May 2022 19:03:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/amaranth/v18/KtkuALODe433f0j1zMnFHdA.woff2
216.58.207.195200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/amaranth/v18/KtkuALODe433f0j1zMnFHdA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 26272, version 1.0\012- data
Hash acd820577f3bb34ce8625c9483bb1b91
ad95db0c1e705f0f602117a8dd669b4009b17e41
aae85c7c0ef572290bd44015db5d748cddbf34a5e53a14fb72f37e0a90243fd6
GET /s/amaranth/v18/KtkuALODe433f0j1zMnFHdA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 26272
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 16:08:49 GMT
expires: Sat, 21 Oct 2023 16:08:49 GMT
cache-control: public, max-age=31536000
age: 181821
last-modified: Tue, 19 Apr 2022 19:39:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
216.58.207.195200 OK 26 kB URL HTTP/2 fonts.gstatic.com/s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 25672, version 1.0\012- data
Hash fe3e5be2baa0126122ba9367ebab73c8
40bec99106dfab5f3721ed725483eb618a9016cd
8b166007d6f54c33b3ea10ea23572bc3166f55f365840d3cbd6ef7b5dcf6674e
GET /s/quicksand/v30/6xKtdSZaM9iE8KbpRA_hK1QN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25672
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:16:06 GMT
expires: Tue, 17 Oct 2023 21:16:06 GMT
cache-control: public, max-age=31536000
age: 508984
last-modified: Mon, 18 Jul 2022 19:12:08 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/englebert/v17/xn7iYH8w2XGrC8AR4HSBSP3Z.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/englebert/v17/xn7iYH8w2XGrC8AR4HSBSP3Z.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17516, version 1.0\012- data
Hash a2ad679fd8dd0da86b2d29c842ffc50a
954bdc5b43b4539248b8b7e5cdeb7262053ec4a8
66f0a1b8298079c558668362cb6e4ee1fcaae51366fdb31ba877e04602dbf04b
GET /s/englebert/v17/xn7iYH8w2XGrC8AR4HSBSP3Z.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17516
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 21 Oct 2022 06:24:54 GMT
expires: Sat, 21 Oct 2023 06:24:54 GMT
cache-control: public, max-age=31536000
age: 216856
last-modified: Thu, 21 Apr 2022 16:20:26 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/gabriela/v14/qkBWXvsO6sreR8E-b8m5xLs.woff2
216.58.207.195200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/gabriela/v14/qkBWXvsO6sreR8E-b8m5xLs.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 17660, version 1.0\012- data
Hash bb7cf0b4cf252fe87cc24256d2817019
312e7f73e96d8392012afad15317f704ec975d0c
fcb8bf13be32e8ae104a1c33660482c4dae9da0407bc7e1f13e1aba2d0713429
GET /s/gabriela/v14/qkBWXvsO6sreR8E-b8m5xLs.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 17660
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 14:09:09 GMT
expires: Thu, 19 Oct 2023 14:09:09 GMT
cache-control: public, max-age=31536000
age: 361801
last-modified: Thu, 21 Apr 2022 17:32:58 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.adroll.com/j/exp/VW6PELNLDZDPTKXFB35ONT/index.js
143.204.55.84302 Moved Temporarily 0 B URL HTTP/1.1 s.adroll.com/j/exp/VW6PELNLDZDPTKXFB35ONT/index.js
IP 143.204.55.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /j/exp/VW6PELNLDZDPTKXFB35ONT/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Content-Type: application/xml
Content-Length: 0
Connection: keep-alive
Date: Sun, 23 Oct 2022 03:07:41 GMT
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
Age: 55888
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nfBQGwx2MI_GlEbgQ3ig-EKdA3tN-ELWgDt4108GJCXOarDbVOqFVw==
fonts.gstatic.com/s/yesteryear/v14/dg4g_p78rroaKl8kRKo1n7sNTg.woff2
216.58.207.195200 OK 23 kB URL HTTP/2 fonts.gstatic.com/s/yesteryear/v14/dg4g_p78rroaKl8kRKo1n7sNTg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 23008, version 1.0\012- data
Hash b64b6cced1da99a3d6ff0664ccce8370
18b66fedd6b71f998dabaa28ec9a522a41a917b0
ea748f41ef04b5eb7f6547c8265c0711fa8a7d4218a7bfb734cdfea16bb624a2
GET /s/yesteryear/v14/dg4g_p78rroaKl8kRKo1n7sNTg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23008
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 02:48:29 GMT
expires: Fri, 20 Oct 2023 02:48:29 GMT
cache-control: public, max-age=31536000
age: 316241
last-modified: Wed, 27 Apr 2022 16:16:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/neuton/v18/UMBTrPtMoH62xUZCz4g6.woff2
216.58.207.195200 OK 20 kB URL HTTP/2 fonts.gstatic.com/s/neuton/v18/UMBTrPtMoH62xUZCz4g6.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19588, version 1.0\012- data
Hash 01f86f068598f2135c20acdf1fd66590
bcf09b8aa4751223c2c57e42746b33b3543f2ffa
d97646ec089cdee0f1e36036408bf8175ef69aea3348203a03095165b6ff5428
GET /s/neuton/v18/UMBTrPtMoH62xUZCz4g6.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 18 Oct 2022 04:44:44 GMT
expires: Wed, 18 Oct 2023 04:44:44 GMT
cache-control: public, max-age=31536000
age: 482066
last-modified: Mon, 09 May 2022 18:37:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.195200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 17 Oct 2022 21:11:05 GMT
expires: Tue, 17 Oct 2023 21:11:05 GMT
cache-control: public, max-age=31536000
age: 509285
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2
216.58.207.195200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 18940, version 1.0\012- data
Hash 6a0d6dc61a1082b2f11610c276478635
b5bc496cfbf3ef5677cb5809e4fbb4d2c927bae9
b113dc88c313c4beefc0c00d42ffc7e8c4124154e55a00c2b3f9e9273dd1dba8
GET /s/varela/v16/DPEtYwqExx0AWHX5Ax4E.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://app.getresponse.com/
Origin: https://app.getresponse.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 20 Oct 2022 00:15:36 GMT
expires: Fri, 20 Oct 2023 00:15:36 GMT
cache-control: public, max-age=31536000
age: 325414
last-modified: Wed, 27 Apr 2022 16:06:38 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rapshirts.org/wp-content/themes/foliopress/bootstrap/css/bootstrap.min.css?ver=4.0.0
192.185.236.198200 OK 349 kB URL HTTP/2 rapshirts.org/wp-content/themes/foliopress/bootstrap/css/bootstrap.min.css?ver=4.0.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65325)
Size 349 kB (349172 bytes)
Hash a1ac3ce7a0557dc777eff08fc69de4d7
19fffd9d3918396e22ab8c49c9d4184fe2e6391e
a403bce2afeddd7e619723565a2bf918fd2519ef23652ac804b4eaa66b136fa7
GET /wp-content/themes/foliopress/bootstrap/css/bootstrap.min.css?ver=4.0.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 29 Mar 2019 18:46:39 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: text/css
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 32b18cf6617f4e930872c1470af05703
4c07ce8749baf89e9812de6bb45deb0a3fc5013e
23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.adroll.com/j/exp/index.js
143.204.55.84200 OK 28 B URL HTTP/1.1 s.adroll.com/j/exp/index.js
IP 143.204.55.84:0
File type ASCII text, with no line terminators
Hash 5816cced8568d223aa09d889f300692b
95cab5e474d7391762c3da5c7dc50fcf05df529f
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
GET /j/exp/index.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rapshirts.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 28
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 17:25:28 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: VS8aSrwndm.MeiNnyJ10ruHH56v74CIF
Accept-Ranges: bytes
Server: AmazonS3
Date: Sun, 23 Oct 2022 00:28:40 GMT
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
Age: 65431
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CkGGva-d9FBNFQQBicIFNZGmsRThrD6EQFYuFd_VrWg7uZoCBS5Elg==
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash aaa80dd51eaef47c83770b112b9e286c
bfd081a3ad2267e522a20b45695cd8a0860b4ad3
049ff9ce34cf51144dd1c80c0155d98ef0fa3c50234431de3c3c691624f840bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Sun, 23 Oct 2022 18:39:10 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 32b18cf6617f4e930872c1470af05703
4c07ce8749baf89e9812de6bb45deb0a3fc5013e
23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash aaa80dd51eaef47c83770b112b9e286c
bfd081a3ad2267e522a20b45695cd8a0860b4ad3
049ff9ce34cf51144dd1c80c0155d98ef0fa3c50234431de3c3c691624f840bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/992914365/?random=1666550348506&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3266521445&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/992914365/?random=1666550348506&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3266521445&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/992914365/?random=1666550348506&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3266521445&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 18:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/992914365/?random=1666550348506&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3266521445&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/992914365/?random=1666550348506&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3266521445&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/992914365/?random=1666550348506&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2oaaj0&u_w=1280&u_h=1024&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3266521445&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 18:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/https:/?random=1666550348518&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2wgaj0&u_w=1280&u_h=1024&label=%2Frapshirts.org%2F%2Fhttps%3A%2F%2Frapshirts.org%2F&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&fmt=3&is_vtc=1&random=3162538299&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/https:/?random=1666550348518&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2wgaj0&u_w=1280&u_h=1024&label=%2Frapshirts.org%2F%2Fhttps%3A%2F%2Frapshirts.org%2F&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&fmt=3&is_vtc=1&random=3162538299&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/https:/?random=1666550348518&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2wgaj0&u_w=1280&u_h=1024&label=%2Frapshirts.org%2F%2Fhttps%3A%2F%2Frapshirts.org%2F&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&fmt=3&is_vtc=1&random=3162538299&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 18:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/https:/?random=1666550348518&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2wgaj0&u_w=1280&u_h=1024&label=%2Frapshirts.org%2F%2Fhttps%3A%2F%2Frapshirts.org%2F&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&fmt=3&is_vtc=1&random=3162538299&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/https:/?random=1666550348518&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2wgaj0&u_w=1280&u_h=1024&label=%2Frapshirts.org%2F%2Fhttps%3A%2F%2Frapshirts.org%2F&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&fmt=3&is_vtc=1&random=3162538299&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/https:/?random=1666550348518&cv=11&fst=1666548000000&bg=ffffff&guid=ON&async=1>m=2wgaj0&u_w=1280&u_h=1024&label=%2Frapshirts.org%2F%2Fhttps%3A%2F%2Frapshirts.org%2F&frm=2&url=https%3A%2F%2Frapshirts.org%2F&ref=http%3A%2F%2Fneexulro.net%2F&tiba=Hand%20Printed%20Streetwear%20by%20%40indegenius_%20%E2%80%93%20A%20Hip%20Hop%20Hustler%27s%20Experience&fmt=3&is_vtc=1&random=3162538299&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 23 Oct 2022 18:39:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 32b18cf6617f4e930872c1470af05703
4c07ce8749baf89e9812de6bb45deb0a3fc5013e
23481ba8ebf19debe4a6119d605ad31c0589a08bbc253a6428938ac9a84d5b22
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 18:39:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
prism.app-us1.com/?a=253408599&u=https%3A%2F%2Frapshirts.org%2F&r=http%3A%2F%2Fneexulro.net%2F
104.17.145.91200 OK 254 B URL HTTP/2 prism.app-us1.com/?a=253408599&u=https%3A%2F%2Frapshirts.org%2F&r=http%3A%2F%2Fneexulro.net%2F
IP 104.17.145.91:0
Hash 72783fbce7def864ddc810df8a2041fc
f9b5eb1776668c34b6825371e1dd6c9fdc8b353e
918ae8045713f5e8e46f66ec74ee37a43acdaec35c0ce85e02ca02ac0010cc66
GET /?a=253408599&u=https%3A%2F%2Frapshirts.org%2F&r=http%3A%2F%2Fneexulro.net%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_253408599=37a6c16f-7304-4737-8d5b-da3932e05a38; expires=Tue, 22-Nov-2022 18:39:09 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 57
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75ec98047e871c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash cdad599189f6887759a62506e7853d1f
7805a796400d646a5e045560dadbddc3100ef9ad
6d8f4d6f2c07842e3e4184ea93a661b184273a916ca3744d7a55dd1ebd20fe1d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=170760
Date: Sun, 23 Oct 2022 18:39:10 GMT
Etag: "63557613-1d7"
Expires: Tue, 25 Oct 2022 18:05:10 GMT
Last-Modified: Sun, 23 Oct 2022 17:12:51 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hD_2yeCkihhcLhHfDVU3gRVtkVyuOBArblKuOAVG7tdJwEPPCj9qiw==
Age: 3139
api-widget.soundcloud.com/playlists/1406476630?representation=full&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
54.230.110.40200 OK 3.5 kB URL HTTP/1.1 api-widget.soundcloud.com/playlists/1406476630?representation=full&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
IP 54.230.110.40:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (20084), with no line terminators
Hash 02b6d63da66171c9c985d16f9e03d1ca
3ffb6d07f0faae70882e624f6759f0710d83f8e2
8731392d8d1cc06d72ea522865e90d74d7a5833e1f0923879caffda7d901f0c7
GET /playlists/1406476630?representation=full&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510 HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 3509
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:10 GMT
x-robots-tag: noindex
Cache-Control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
Content-Encoding: gzip
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FTX44nmwatnvhTvQjalPLgkun_dAgytKkYKqu6R1AVt5ev_E0KxlcA==
d.adroll.com/consent/check/VW6PELNLDZDPTKXFB35ONT?arrfrr=https%3A%2F%2Frapshirts.org%2F&_s=132a83579d6d17ef136e120d4cda147a&_b=2
54.155.61.131200 OK 437 B URL HTTP/2 d.adroll.com/consent/check/VW6PELNLDZDPTKXFB35ONT?arrfrr=https%3A%2F%2Frapshirts.org%2F&_s=132a83579d6d17ef136e120d4cda147a&_b=2
IP 54.155.61.131:0
File type ASCII text, with very long lines (437), with no line terminators
Hash 1d64d93ce9a343ef64aff65c309b1f76
594e17b80ff3ddd995a2e32e5adf6cce2a7297c8
959cca4ef591ff2d95e49c194333dc5f6701c5ef113b21dd708ca444e61ea031
GET /consent/check/VW6PELNLDZDPTKXFB35ONT?arrfrr=https%3A%2F%2Frapshirts.org%2F&_s=132a83579d6d17ef136e120d4cda147a&_b=2 HTTP/1.1
Host: d.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:10 GMT
content-type: application/javascript
content-length: 437
server: nginx/1.20.0
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-0oYSGbZyK1UVUxqY-pI4ywQ-tiny.jpg
54.230.111.117200 OK 647 B URL HTTP/2 i1.sndcdn.com/artworks-0oYSGbZyK1UVUxqY-pI4ywQ-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash e9625fca6e753e101aa25b68439a0459
4f8e4a1b733782aa32f82285772fdac2621a96f6
8a6267fea853059876166e912c7751c614450be354aaa9dd16999cd3416cd819
GET /artworks-0oYSGbZyK1UVUxqY-pI4ywQ-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 647
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:50 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c81vD4Iw6YHq8i9PMGS_DWGQUlSnY6t0KBcc1EqDc1gpEcg6r5nobw==
age: 316160
X-Firefox-Spdy: h2
trc.taboola.com/1473087/trc/3/json?tim=1666550350234&data=%7B%22id%22%3A418%2C%22ii%22%3A%22%2F%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666550350230%2C%22cv%22%3A%2220221023-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frapshirts.org%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-indieurbanmusictvgmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666550350233%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frapshirts.org%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A58%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.85.44200 OK 2.0 kB URL HTTP/2 trc.taboola.com/1473087/trc/3/json?tim=1666550350234&data=%7B%22id%22%3A418%2C%22ii%22%3A%22%2F%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666550350230%2C%22cv%22%3A%2220221023-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frapshirts.org%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-indieurbanmusictvgmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666550350233%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frapshirts.org%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A58%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.85.44:0
Hash c58a19b74116b04450afb7364a59dbc5
8a602694bb157df095c80be919306fc45e84d023
5d1d1a0a8cc6665056e129d85758dc06dbbc8889af54ed3edbd1712c6376a985
GET /1473087/trc/3/json?tim=1666550350234&data=%7B%22id%22%3A418%2C%22ii%22%3A%22%2F%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1666550350230%2C%22cv%22%3A%2220221023-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Frapshirts.org%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-indieurbanmusictvgmailcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1666550350233%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Frapshirts.org%2F%22%2C%22tos%22%3A2%2C%22ssd%22%3A1%2C%22scd%22%3A58%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 23 Oct 2022 18:39:10 GMT
via: 1.1 varnish
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666550350.271122,VS0,VE99
vary: Accept-Encoding
x-vcl-time-ms: 99
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-8r2iZwyh8QB9hxCe-vs9tKQ-tiny.jpg
54.230.111.117200 OK 716 B URL HTTP/2 i1.sndcdn.com/artworks-8r2iZwyh8QB9hxCe-vs9tKQ-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 6b9a5bb785db678f887cb15a5d904c15
9085d37804bc4b67b488b6ddb7123d591cd9b714
a614480fc27af8751bf3dc99772cf86408d589f9428bb048fe2357c47b179788
GET /artworks-8r2iZwyh8QB9hxCe-vs9tKQ-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 716
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:50 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ubwtCmWne95408PRhOic445uwhxR97K_DvIp_Uakz5QPSk0MhZnDrg==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-CJRjRTcSkolQrzys-TfU6Cw-tiny.jpg
54.230.111.117200 OK 575 B URL HTTP/2 i1.sndcdn.com/artworks-CJRjRTcSkolQrzys-TfU6Cw-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash e8adcdad746e167af47c0d0c32354266
6f9f8ed2986e677d38b108304048045f2a720c27
6d5466490f8fc91f0247dafdc5c96d4d9152a4a975e68d141e75c2661426b990
GET /artworks-CJRjRTcSkolQrzys-TfU6Cw-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 575
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:50 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AysuTe7I3_-OEySKiy_tVE3m64QTdFw0HNTT_TChhRUBSqHxsa95YA==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-tvcCDFNDJU3s5TBC-7YbJCA-tiny.jpg
54.230.111.117200 OK 679 B URL HTTP/2 i1.sndcdn.com/artworks-tvcCDFNDJU3s5TBC-7YbJCA-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 628a88c8109da94aa132f7359357527a
927b06a8b3ceb739c7bbe33408bf0f2f5e4930d4
4067243116c98535b988259ed58f3daa37e8c119cc01aae7cd43ac2771aa4f52
GET /artworks-tvcCDFNDJU3s5TBC-7YbJCA-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 679
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:50 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 59gnVe_CqV_UIBoWcySjfLLRTXMHG_cr_T8rycN3AZPZyvbu9_TuYA==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-gJxSjOC8zLfGGDIQ-xrlgxA-t50x50.jpg
54.230.111.117200 OK 2.4 kB URL HTTP/2 i1.sndcdn.com/artworks-gJxSjOC8zLfGGDIQ-xrlgxA-t50x50.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 97dd7b0bbe8c6dcb393cf6c72e81c401
3a270939aabd7e85ffe457922e05bb16e3aff672
3bf07163a084482f69e1edfc9dbb4d25ab197947bf49e83a076b267c79548005
GET /artworks-gJxSjOC8zLfGGDIQ-xrlgxA-t50x50.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 2363
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:50 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rbd5cum5ToQHo4FT96B0rx2B6D0WH3yREj5xr8GBzgdSDkNw84a_BQ==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-0oYSGbZyK1UVUxqY-pI4ywQ-t200x200.jpg
54.230.111.117200 OK 10 kB URL HTTP/2 i1.sndcdn.com/artworks-0oYSGbZyK1UVUxqY-pI4ywQ-t200x200.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3\012- data
Hash 0f7ee00be674a21d2ca224d243de20ac
25999c13dce629c6142487f8126319fc692e8d85
044876578fe84ef70b2c8d69bfd9a3f236da37407348652457965a74d691ef30
GET /artworks-0oYSGbZyK1UVUxqY-pI4ywQ-t200x200.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10196
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KK3akEpMNGz_GNHSz0ioM11NgYDp4fS3mTTCCcpkA8SUl7jbnmgc1A==
age: 316159
X-Firefox-Spdy: h2
wave.sndcdn.com/wYQNLiH3oDoV_m.json
143.204.55.72200 OK 2.0 kB URL HTTP/1.1 wave.sndcdn.com/wYQNLiH3oDoV_m.json
IP 143.204.55.72:0
File type JSON data\012- , ASCII text, with very long lines (7129)
Hash 07adff8d24bedfb15cef89c92de75cc6
9065faa6a5a24e2eb773f937923571d0791ce320
1b24efbb27f337b06bc8bf53b65892081a4dcd880d1c9cbb076763745ec086e5
GET /wYQNLiH3oDoV_m.json HTTP/1.1
Host: wave.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 1968
Connection: keep-alive
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
Cache-Control: public, max-age=155520000
Content-Encoding: gzip
Date: Thu, 20 Oct 2022 02:49:51 GMT
Server: am/2
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SfEof8Ru3b75QHC0N_l1FfaxUwbSVfZA6WkbsVEW3twxyI0CBAkErg==
Age: 316159
app.getresponse.com/get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DDancing%2BScript%3A400%2C700%3Alatin%7CDroid%2BSans%3A400%2C700%3Alatin%7COpen%2BSans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7COswald%3A300%2C400%2C700%3Alatin%2Clatin-ext%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%3Alatin%7CGlegoo%3A400%2C700%3Alatin%2Clatin-ext%2Cdevanagari%7CGreat%2BVibes%3A400%3Alatin%2Clatin-ext%7CTenor%2BSans%3A400%3Alatin%2Clatin-ext%2Ccyrillic%7CTitillium%2BWeb%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%3Alatin%2Clatin-ext%7CLora%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%7CAmaranth%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%7COregano%3A400%2C400i%3Alatin%2Clatin-ext%7CQuicksand%3A300%2C400%2C700%3Alatin%7CExo%2B2%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Ccyrillic%7CEnglebert%3A400%3Alatin%2Clatin-ext%7CGabriela%3A400%3Alatin%2Clatin-ext%7CYesteryear%3A400%3Alatin%7CJulius%2BSans%2BOne%3A400%3Alatin%2Clatin-ext%7CNeuton%3A200%2C300%2C400%2C400i%2C700%2C800%3Alatin%2Clatin-ext%7CNunito%3A300%2C400%2C700%3Alatin%7CMedula%2BOne%3A400%3Alatin%7CVarela%3A400%3Alatin%2Clatin-ext%7CPT%2BSans%3A400%2C400i%2C700%2C700i%3Alatin%2Ccyrillic%2Ccyrillic-ext%7CWalter%2BTurncoat%3A400%3Alatin
104.160.64.9200 OK 4.6 kB URL HTTP/2 app.getresponse.com/get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DDancing%2BScript%3A400%2C700%3Alatin%7CDroid%2BSans%3A400%2C700%3Alatin%7COpen%2BSans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7COswald%3A300%2C400%2C700%3Alatin%2Clatin-ext%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%3Alatin%7CGlegoo%3A400%2C700%3Alatin%2Clatin-ext%2Cdevanagari%7CGreat%2BVibes%3A400%3Alatin%2Clatin-ext%7CTenor%2BSans%3A400%3Alatin%2Clatin-ext%2Ccyrillic%7CTitillium%2BWeb%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%3Alatin%2Clatin-ext%7CLora%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%7CAmaranth%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%7COregano%3A400%2C400i%3Alatin%2Clatin-ext%7CQuicksand%3A300%2C400%2C700%3Alatin%7CExo%2B2%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Ccyrillic%7CEnglebert%3A400%3Alatin%2Clatin-ext%7CGabriela%3A400%3Alatin%2Clatin-ext%7CYesteryear%3A400%3Alatin%7CJulius%2BSans%2BOne%3A400%3Alatin%2Clatin-ext%7CNeuton%3A200%2C300%2C400%2C400i%2C700%2C800%3Alatin%2Clatin-ext%7CNunito%3A300%2C400%2C700%3Alatin%7CMedula%2BOne%3A400%3Alatin%7CVarela%3A400%3Alatin%2Clatin-ext%7CPT%2BSans%3A400%2C400i%2C700%2C700i%3Alatin%2Ccyrillic%2Ccyrillic-ext%7CWalter%2BTurncoat%3A400%3Alatin
IP 104.160.64.9:0
ASN #46469 GETRESPONSE-IMPLIX
Hash 4c6bd1dc7b9387dbe23a4d7f293f0533
9c8c3894d3201dee5c79a223d357a029d241143d
9e2528442173bca7753388dab87c0182776ebd9b15c3771564570d09585beceb
GET /get_file_from_url.html?url=https%3A%2F%2Ffonts.googleapis.com%2Fcss%3Ffamily%3DDancing%2BScript%3A400%2C700%3Alatin%7CDroid%2BSans%3A400%2C700%3Alatin%7COpen%2BSans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%3Alatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cvietnamese%2Cgreek%2Cgreek-ext%7COswald%3A300%2C400%2C700%3Alatin%2Clatin-ext%7CRaleway%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%3Alatin%7CGlegoo%3A400%2C700%3Alatin%2Clatin-ext%2Cdevanagari%7CGreat%2BVibes%3A400%3Alatin%2Clatin-ext%7CTenor%2BSans%3A400%3Alatin%2Clatin-ext%2Ccyrillic%7CTitillium%2BWeb%3A200%2C200i%2C300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C900%3Alatin%2Clatin-ext%7CLora%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%2Ccyrillic%7CAmaranth%3A400%2C400i%2C700%2C700i%3Alatin%2Clatin-ext%7COregano%3A400%2C400i%3Alatin%2Clatin-ext%7CQuicksand%3A300%2C400%2C700%3Alatin%7CExo%2B2%3A100%2C100i%2C200%2C200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C900%2C900i%3Alatin%2Clatin-ext%2Ccyrillic%7CEnglebert%3A400%3Alatin%2Clatin-ext%7CGabriela%3A400%3Alatin%2Clatin-ext%7CYesteryear%3A400%3Alatin%7CJulius%2BSans%2BOne%3A400%3Alatin%2Clatin-ext%7CNeuton%3A200%2C300%2C400%2C400i%2C700%2C800%3Alatin%2Clatin-ext%7CNunito%3A300%2C400%2C700%3Alatin%7CMedula%2BOne%3A400%3Alatin%7CVarela%3A400%3Alatin%2Clatin-ext%7CPT%2BSans%3A400%2C400i%2C700%2C700i%3Alatin%2Ccyrillic%2Ccyrillic-ext%7CWalter%2BTurncoat%3A400%3Alatin HTTP/1.1
Host: app.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.getresponse.com/site2/5f668714fe0c84b1c05bc99972172b70/?u=MSngN&webforms_id=hflNl&v=0
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 18:39:10 GMT
content-type: text/css; charset=utf-8
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
x-frame-options: sameorigin
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
feature-policy: accelerometer *; ambient-light-sensor *; autoplay *; camera *; encrypted-media *; fullscreen *; geolocation *; gyroscope *; magnetometer *; microphone *; midi *; payment *; picture-in-picture *; speaker *; sync-xhr *; usb *; vr *
content-security-policy-report-only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
content-encoding: gzip
X-Firefox-Spdy: h2
s.adroll.com/j/consent_tcfv2.js
143.204.55.84200 OK 55 kB URL HTTP/1.1 s.adroll.com/j/consent_tcfv2.js
IP 143.204.55.84:0
File type ASCII text, with very long lines (1672)
Hash 3d12119ba403cf5eefcf7a5b3d7ddda9
1897dacffc56c2d2f0331978530f0d4aa0234392
f520d0fdf1c4924f5da9f4bd51da6f6690d4b81599226ff706239269a4bc9772
GET /j/consent_tcfv2.js HTTP/1.1
Host: s.adroll.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 04 May 2022 19:41:48 GMT
X-Amz-Server-Side-Encryption: AES256
X-Amz-Version-Id: 44sIT20LqRj70wQHqyIoOw7etYYdjkbK
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 23 Oct 2022 18:37:19 GMT
Cache-Control: max-age=300, must-revalidate
Etag: W/"0a7d0ea8d7d31b07e925fe340acf431b"
Vary: Accept-Encoding
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
Age: 112
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: *
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3Hs6p6uQg5kHhGWw6gGq9M6IGYWwEOyU9b2aHL6g7QBIK-PC46ncIg==
api-widget.soundcloud.com/tracks?ids=1237707628%2C1241994226%2C1246405282%2C1250282704%2C1255042975%2C1258934260%2C1263140173%2C1267358995%2C1276606714%2C1280228794%2C1284623977%2C1288956628%2C1294136905%2C1298318725%2C1302607780&playlistId=1406476630&playlistSecretToken&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
54.230.110.40200 OK 0 B URL HTTP/1.1 api-widget.soundcloud.com/tracks?ids=1237707628%2C1241994226%2C1246405282%2C1250282704%2C1255042975%2C1258934260%2C1263140173%2C1267358995%2C1276606714%2C1280228794%2C1284623977%2C1288956628%2C1294136905%2C1298318725%2C1302607780&playlistId=1406476630&playlistSecretToken&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
IP 54.230.110.40:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tracks?ids=1237707628%2C1241994226%2C1246405282%2C1250282704%2C1255042975%2C1258934260%2C1263140173%2C1267358995%2C1276606714%2C1280228794%2C1284623977%2C1288956628%2C1294136905%2C1298318725%2C1302607780&playlistId=1406476630&playlistSecretToken&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510 HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://w.soundcloud.com/
Origin: https://w.soundcloud.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Length: 0
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:10 GMT
x-robots-tag: noindex
Cache-Control: public, max-age=3600
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kJ-A5cmNtJxmcmXfvEk_3_FZxQI_1bUPjmroaY02IsAcc2s6Ol_j1A==
api-widget.soundcloud.com/tracks/1318899934/comments?filter_replies=1&threaded=0&limit=100&offset=0&linked_partitioning=1&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
54.230.110.40200 OK 73 B URL HTTP/1.1 api-widget.soundcloud.com/tracks/1318899934/comments?filter_replies=1&threaded=0&limit=100&offset=0&linked_partitioning=1&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
IP 54.230.110.40:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e1749856880b8ec0697525b699df09b4
47f1428570f9417136aaea576de46339030e0db2
46eeeec2a4e21c9912ddb687ceb62e3e323e915fe9b4777027a80bc7ca8f1042
GET /tracks/1318899934/comments?filter_replies=1&threaded=0&limit=100&offset=0&linked_partitioning=1&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510 HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 73
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:11 GMT
x-robots-tag: noindex
Cache-Control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
Content-Encoding: gzip
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 5994aaF-Kj5HSDUWL1R5RMY11iohArQVIPW7RB4hEW_39eqmPFeB5A==
api-widget.soundcloud.com/media/soundcloud:tracks:1318899934/921d7d0e-ba81-46a5-aa02-b24cd842726f/stream/hls?client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P
54.230.110.40200 OK 587 B URL HTTP/1.1 api-widget.soundcloud.com/media/soundcloud:tracks:1318899934/921d7d0e-ba81-46a5-aa02-b24cd842726f/stream/hls?client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P
IP 54.230.110.40:0
File type JSON data\012- , ASCII text, with very long lines (697), with no line terminators
Hash 360287f8f1533e82df92a65cf2b3c1dd
fd3b445998d3417c30c87e673a4b14308f822b2e
db07566d5190e528fc800b0c5501af5591ef1aa1a7b6892775cf381e8fe96db3
GET /media/soundcloud:tracks:1318899934/921d7d0e-ba81-46a5-aa02-b24cd842726f/stream/hls?client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 587
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:11 GMT
x-robots-tag: noindex
Cache-Control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
Content-Encoding: gzip
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: UYe2Y3L1pkTl_ky8HRdV83At0axzcRL0rorQYgU1QeOpaYfBht2Cog==
api-widget.soundcloud.com/media/soundcloud:tracks:1318899934/921d7d0e-ba81-46a5-aa02-b24cd842726f/stream/progressive?client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P
54.230.110.40200 OK 548 B URL HTTP/1.1 api-widget.soundcloud.com/media/soundcloud:tracks:1318899934/921d7d0e-ba81-46a5-aa02-b24cd842726f/stream/progressive?client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P
IP 54.230.110.40:0
File type JSON data\012- , ASCII text, with very long lines (634), with no line terminators
Hash b237ea99fb8bf2b8b6a0a2f0e60f2ec7
cfbc1a58bf418459211c5f607a40e17f8082b32a
9022062bdf37df7c1f0c31be6d6325c69f340f67a6df2e67a27215d61e63c0a0
GET /media/soundcloud:tracks:1318899934/921d7d0e-ba81-46a5-aa02-b24cd842726f/stream/progressive?client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 548
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:11 GMT
x-robots-tag: noindex
Cache-Control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
Content-Encoding: gzip
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: T0gr-TPVuvNg5FvdXN8Efm3gN3HCveQY56UEPdWNuytt08zlALr6cg==
api-widget.soundcloud.com/tracks?ids=1237707628%2C1241994226%2C1246405282%2C1250282704%2C1255042975%2C1258934260%2C1263140173%2C1267358995%2C1276606714%2C1280228794%2C1284623977%2C1288956628%2C1294136905%2C1298318725%2C1302607780&playlistId=1406476630&playlistSecretToken&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
54.230.110.40200 OK 8.9 kB URL HTTP/1.1 api-widget.soundcloud.com/tracks?ids=1237707628%2C1241994226%2C1246405282%2C1250282704%2C1255042975%2C1258934260%2C1263140173%2C1267358995%2C1276606714%2C1280228794%2C1284623977%2C1288956628%2C1294136905%2C1298318725%2C1302607780&playlistId=1406476630&playlistSecretToken&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510
IP 54.230.110.40:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (56734), with no line terminators
Hash 0e7016920e464f05cc5ac59f45f38668
1ee30c0a3c825b6c9f2a20d02a841defb19b731d
e2ed815be7aaf64f21cf2ffd3d046dd87df83d8590875b302bfb0a44cac6869f
GET /tracks?ids=1237707628%2C1241994226%2C1246405282%2C1250282704%2C1255042975%2C1258934260%2C1263140173%2C1267358995%2C1276606714%2C1280228794%2C1284623977%2C1288956628%2C1294136905%2C1298318725%2C1302607780&playlistId=1406476630&playlistSecretToken&format=json&client_id=LBCcHmRB8XSStWL6wKH2HPACspQlXg2P&app_version=1665987510 HTTP/1.1
Host: api-widget.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://w.soundcloud.com
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Content-Length: 8916
Connection: keep-alive
Date: Sun, 23 Oct 2022 18:39:11 GMT
x-robots-tag: noindex
Cache-Control: private, max-age=0
referrer-policy: no-referrer
x-frame-options: DENY
access-control-max-age: 1728000
x-content-type-options: nosniff
access-control-allow-origin: https://w.soundcloud.com
access-control-allow-headers: Authorization, Content-Type, Device-Locale, X-CSRF-Token
access-control-allow-methods: DELETE, GET, PATCH, POST, PUT
access-control-expose-headers: Date
access-control-allow-credentials: true
Content-Encoding: gzip
strict-transport-security: max-age=63072000
Server: am/2
Vary: Origin
X-Cache: Miss from cloudfront
Via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VCCmgjhEjg_yo5KpOgrHV1zhqRama2u8CGADFexxsYmi0tbkg2k-TQ==
i1.sndcdn.com/artworks-d8my6h4igQB1dLGZ-W44vWg-tiny.jpg
54.230.111.117200 OK 682 B URL HTTP/2 i1.sndcdn.com/artworks-d8my6h4igQB1dLGZ-W44vWg-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 2bb33e1f91a4fb063f0133a411791ecf
325b55e9d64718526b4bdf1e5de7c6933b1c116a
ca6b69435065eede5d6805f7be97528f9c76777787308eb20f6466123562de68
GET /artworks-d8my6h4igQB1dLGZ-W44vWg-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 682
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Jyj0oJr4VxpuUYgeWu8w4W9zWaT_8-3uUVQcCOjAntpzQB17h_o6kw==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-HBeaUIgZunbaOPEl-9S6XuA-tiny.jpg
54.230.111.117200 OK 541 B URL HTTP/2 i1.sndcdn.com/artworks-HBeaUIgZunbaOPEl-9S6XuA-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 2a75fa95a04adf7eaa21cf86f805df11
6433fceb39354035ebe7dede2f59d9dbb6e60878
5b1491f0302a0119e3cc57dbec277264d78d41ffd9cd905c629080fe2e90e539
GET /artworks-HBeaUIgZunbaOPEl-9S6XuA-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 541
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9gyTUOr0mN-SGvLQ1OuUCoodxDZOutfzFNk8MH6uPb-oRkvykeSRGQ==
age: 316160
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.138200 OK 715 B URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.138:0
Hash 7232efab88c3d728b8f62f94698175a3
85fdd33867650b4f1f7a00331ae3a1282122a555
d3a401f1190c5c45ca0c62cfc189d98fc5531df04e20886a02116fa2c17afca0
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33333
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 23 Oct 2022 07:07:27 GMT
Expires: Mon, 23 Oct 2023 07:07:27 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 41498
i1.sndcdn.com/artworks-svYevGlN7f3R6iAz-X4GKcQ-tiny.jpg
54.230.111.117200 OK 569 B URL HTTP/2 i1.sndcdn.com/artworks-svYevGlN7f3R6iAz-X4GKcQ-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 41413ee6c8ee346eddf0369ed3634606
8b00914908c8420c56ac2c06d128097e752c197b
c6fe1510d782c6031583ba2393f92ab51444751d4af6925aa54464af05bd1338
GET /artworks-svYevGlN7f3R6iAz-X4GKcQ-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 569
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8SZyNk7moKNYGoeY18iQPvZNKW0coKOmfuhac3gJMO2bnCw3QMFSBQ==
age: 316160
X-Firefox-Spdy: h2
rapshirts.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
192.185.236.198200 OK 40 kB URL HTTP/2 rapshirts.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash f24b4612ab7012b95474313f5071b101
659e88036f243cc15440da128ddf8a037fee5b6a
353bb6cd3463813b54c85b2086be82b8a0fa9f50e8796f2d33f712a384dc3b60
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 21 Jul 2021 02:09:37 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
content-type: application/javascript
date: Sun, 23 Oct 2022 18:39:08 GMT
server: Apache
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-okPf74QLEGzmXYMw-xhHWmA-tiny.jpg
54.230.111.117200 OK 656 B URL HTTP/2 i1.sndcdn.com/artworks-okPf74QLEGzmXYMw-xhHWmA-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 3e2a6ec4b7f33a029d2eff37e93c2782
150d189ff7b3ab1a581412db04b0ca402d8f4f7f
839b8d23a295f38cff005c11fef30111d3b71bdf4f80eda12468ac3e51d819e9
GET /artworks-okPf74QLEGzmXYMw-xhHWmA-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 656
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Va2kUsqWNIM4QvcjPMIIbg4hEoI39RetVGVNYChQuG4dXoVCzzADDQ==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-foFcveoRsZg25SM2-bJtJtQ-tiny.jpg
54.230.111.117200 OK 602 B URL HTTP/2 i1.sndcdn.com/artworks-foFcveoRsZg25SM2-bJtJtQ-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash c4e95506de8fc444f7227907d2401047
e01261df373bf04e9d5693d686697079ba91d173
5bfba68f7c7155862e79dcf982519c29dcbb10a3bd91e07931cfc21b20bb75cf
GET /artworks-foFcveoRsZg25SM2-bJtJtQ-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 602
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 12v-NW1T3hK8bYNC1e4MfiQTqMcewo0b7km8n89r0_IFgQKHst3Msg==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-vNOTEmKvQdNZ6S9Y-tMaTPw-tiny.jpg
54.230.111.117200 OK 523 B URL HTTP/2 i1.sndcdn.com/artworks-vNOTEmKvQdNZ6S9Y-tMaTPw-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 1\012- data
Hash a9c97f8179e205122692fc9064b2f991
6f8c2a926ba3485c410302c0c1c7c98e25fb10a1
e2ccc65e1b6e31118e9d027bab71a787acaa88779ed70d657c2d8f7f0ca54d5d
GET /artworks-vNOTEmKvQdNZ6S9Y-tMaTPw-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 523
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ANdnf7uxUNiL5R1f4CpwwDVLGzPygnI35Vj0cdb8bc--qaDzoWuNSA==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-BWOTvivdLTykNGSs-WKKWGA-tiny.jpg
54.230.111.117200 OK 605 B URL HTTP/2 i1.sndcdn.com/artworks-BWOTvivdLTykNGSs-WKKWGA-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash f3ea62ead2d04a58b1fcf49eb4c35906
2490bb3b1765d445b469377e9e3f97c118278459
18ab973379e731dc128da68d390570176d95d593c15f8d6e3e646a7bc03e493b
GET /artworks-BWOTvivdLTykNGSs-WKKWGA-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 605
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UtnaAIfozCohto8Txo2N0Ibd4LlxLcigPrQeNVWkBG19BC_J29dcYw==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-9mKMjeFkCUG0F5hh-ProKlg-tiny.jpg
54.230.111.117200 OK 630 B URL HTTP/2 i1.sndcdn.com/artworks-9mKMjeFkCUG0F5hh-ProKlg-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash fe721f27ce15705737e950c06d9cb69c
2507841e5cc53901feea05af8ddb7784efb84cc1
4270dcf924d2cc2fd3681c72fbd3d41444d73f50f90b89faeb43d8687a68f364
GET /artworks-9mKMjeFkCUG0F5hh-ProKlg-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 630
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p0h_tLHgxVlkNR9bJ1uwqzkEOM9BYrNbk79btRIKaP01RRqZQ-jSxw==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-GOcMHsBZLkKD0yIM-bqyUyQ-tiny.jpg
54.230.111.117200 OK 674 B URL HTTP/2 i1.sndcdn.com/artworks-GOcMHsBZLkKD0yIM-bqyUyQ-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 8eed4e347a5d035a749a5145547d5d4f
4183ebbe8ea9842e63790d6d2c94e5b823a58f73
a1ede9719b70a9f2378e573c329225e37b572286abb67a6d175d47124bfc4ec1
GET /artworks-GOcMHsBZLkKD0yIM-bqyUyQ-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 674
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CFyPIEOKx5TtsEWHC0S8rl1cbmwlwmC6x6vGxxuucfFiCBIekh_G6g==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-iKywOc0e3600IKaR-BL1uKA-tiny.jpg
54.230.111.117200 OK 643 B URL HTTP/2 i1.sndcdn.com/artworks-iKywOc0e3600IKaR-BL1uKA-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash cd3cf516ec39999f0379449e080eb931
07b2c8143184ef1ef3a03b8a8b88336fa20198bd
d5db4b15c976edd3f9eb92826d1308d0e4e7a635fe0cf95e45165feedc924f08
GET /artworks-iKywOc0e3600IKaR-BL1uKA-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 643
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: D8poxM59Y1OvDr-hEQ2e82CmAKLOPKu9Er_EzncpxgZAtj1FVSHVHQ==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-p2z1JS5nKAKGLtSH-agI5zA-tiny.jpg
54.230.111.117200 OK 583 B URL HTTP/2 i1.sndcdn.com/artworks-p2z1JS5nKAKGLtSH-agI5zA-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 8188669227face9eab72797e777dab67
f5e16ecc769561326dc8ec0a1c89ac6e76ce7c5d
cc11f9fa6caa51eb8c952be75a63c16be4e15dfb0b18267e04466ac2e69be355
GET /artworks-p2z1JS5nKAKGLtSH-agI5zA-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 583
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IFffkQUthOvALkBF04Yx6dr3pPe2HPVifswHTHR9226hI_dTjtBG_Q==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-orDbCI2vydgUEinY-2aPB4A-tiny.jpg
54.230.111.117200 OK 676 B URL HTTP/2 i1.sndcdn.com/artworks-orDbCI2vydgUEinY-2aPB4A-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash 7b1cccc92fc16eeab2057da12f433943
93f48dea26e7f31e536febd7802d1cebcc9486aa
35125fff1941f1086a29485097598f57c8be643a3756e42a3479ff3043cb28a3
GET /artworks-orDbCI2vydgUEinY-2aPB4A-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 676
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IXzDs-Sq2Qf9Ev7TRnhcbK7BaJKzgWvfRQ7b-TXEGoqAqPMlLfnrAA==
age: 316160
X-Firefox-Spdy: h2
i1.sndcdn.com/artworks-12jmycX4IRKytDIO-a1LRWQ-tiny.jpg
54.230.111.117200 OK 536 B URL HTTP/2 i1.sndcdn.com/artworks-12jmycX4IRKytDIO-a1LRWQ-tiny.jpg
IP 54.230.111.117:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 20x20, components 3\012- data
Hash b114abab0fca269474dd737fddbc7f91
e6f9b45e4c813f199ca6ba8e58db1c888bfd4497
a3390d37140003e25378bd63d1c9da8005a19835585b1b2ae4de38a2734fc6be
GET /artworks-12jmycX4IRKytDIO-a1LRWQ-tiny.jpg HTTP/1.1
Host: i1.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 536
access-control-allow-headers: Accept, Accept-Encoding, Authorization, Content-Type, Origin
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public,max-age=3628800
date: Thu, 20 Oct 2022 02:49:51 GMT
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JKGwwcxT2hLS_dnDNirrAtXHaZtYD3VvZjc7XYeSvZNgJWqFkCfZiw==
age: 316160
X-Firefox-Spdy: h2
www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=100099381&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550351370&utmac=UA-6469700-9&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAAAAAAE~
142.250.74.174200 OK 35 B URL HTTP/1.1 www.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=3&utmn=100099381&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550351370&utmac=UA-6469700-9&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAAAAAAE~
IP 142.250.74.174:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /__utm.gif?utmwv=5.7.2&utms=3&utmn=100099381&utmhn=neexulro.net&utmt=event&utme=5(Ad*Paid*Success)(1)8(User)9(2744562)&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Shrink%20your%20URLs%20and%20get%20paid!&utmhid=1417425264&utmr=-&utmp=%2F-30251FAGX%2F3rh%3Frndad%3D1532635802-1666550345&utmht=1666550351370&utmac=UA-6469700-9&utmcc=__utma%3D218196230.427417259.1666550347.1666550347.1666550347.1%3B%2B__utmz%3D218196230.1666550347.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=6QAgAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://neexulro.net/
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Pragma: no-cache
X-Content-Type-Options: nosniff
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 35
Date: Sun, 23 Oct 2022 17:47:48 GMT
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Age: 3083
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Content-Type: image/gif
trc-events.taboola.com/1473087/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=58&ssd=1&est=1666550350231&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666550351791&vi=1666550350230&ri=bce7e05621eccf2ddb7be0adf147f233&ref=null&cv=20221023-7-RELEASE&item-url=https%3A%2F%2Frapshirts.org%2F&ler=other
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1473087/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=58&ssd=1&est=1666550350231&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666550351791&vi=1666550350230&ri=bce7e05621eccf2ddb7be0adf147f233&ref=null&cv=20221023-7-RELEASE&item-url=https%3A%2F%2Frapshirts.org%2F&ler=other
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1473087/log/3/unip?en=pre_d_eng_tb&tos=1560&scd=58&ssd=1&est=1666550350231&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1666550351791&vi=1666550350230&ri=bce7e05621eccf2ddb7be0adf147f233&ref=null&cv=20221023-7-RELEASE&item-url=https%3A%2F%2Frapshirts.org%2F&ler=other HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rapshirts.org
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 23 Oct 2022 18:39:11 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://rapshirts.org
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-1-7dd4f06cce6d.js
54.230.111.6200 OK 0 B URL HTTP/2 widget.sndcdn.com/widget-1-7dd4f06cce6d.js
IP 54.230.111.6:0
GET /widget-1-7dd4f06cce6d.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Tue, 30 Aug 2022 04:42:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 22 Aug 2022 10:28:09 GMT
etag: W/"cbc8cd45c617155bd027e3ded04ea941"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: 0drvTSqG9y2ykarvmpQwJhUfQUKDX0fT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6HWoOywnhSCkhUkcwJthV6hrFPWT7OKE5edW9qNvfXaevzvWaPKdEQ==
age: 4715791
X-Firefox-Spdy: h2
app.getresponse.com/images/common/templates/webform/49/5/style.css
104.160.64.9200 OK 0 B URL HTTP/2 app.getresponse.com/images/common/templates/webform/49/5/style.css
IP 104.160.64.9:0
ASN #46469 GETRESPONSE-IMPLIX
GET /images/common/templates/webform/49/5/style.css HTTP/1.1
Host: app.getresponse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://app.getresponse.com/site2/5f668714fe0c84b1c05bc99972172b70/?u=MSngN&webforms_id=hflNl&v=0
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: text/css
last-modified: Mon, 05 Sep 2022 12:39:27 GMT
etag: W/"6315edff-1409"
expires: Mon, 24 Oct 2022 18:39:09 GMT
cache-control: max-age=86400
content-security-policy-report-only: default-src https: wss: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data: blob:; frame-src https:; font-src https: data:; report-uri https://index-log.getresponse.com/index/marketing_csp?source=app-gr
content-encoding: gzip
X-Firefox-Spdy: h2
cf-media.sndcdn.com/wYQNLiH3oDoV.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLW1lZGlhLnNuZGNkbi5jb20vd1lRTkxpSDNvRG9WLjEyOC5tcDMqIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNjY2NTUwNjcwfX19XX0_&Signature=b~ugNW1LPy0LwZn4ndVInd9QEngxNiSvJ-UARK99tKFu9OeIH52ZqU0sHPQm3pLEOeLg02aO2WAqNsq66JbRmNTAE~~Iw1MDGVljs5RgalSvBk6ZymXoBsPXV124OdDfZMJeuMeFXlYlbRsOpt6oaSs8h2iSbjvZNev9YwTZgJfR3dHzbJYYGS6dy7i6wEPw0rnKSqcjcuXKT9I-27GPyLtk-F3D~BVB9nz3wzjvUaT2nJ8de9AnL-6250czV2Jh-X2cHE7FwJgDhfUKiD2qSmoW4GyZ1jRcYRBsDkcmjVFGh6I1jKJIdxLRGhHu2uxeeYNKTTPASLMk~sRv~irf3g__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ
54.230.111.83206 Partial Content 0 B URL HTTP/2 cf-media.sndcdn.com/wYQNLiH3oDoV.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLW1lZGlhLnNuZGNkbi5jb20vd1lRTkxpSDNvRG9WLjEyOC5tcDMqIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNjY2NTUwNjcwfX19XX0_&Signature=b~ugNW1LPy0LwZn4ndVInd9QEngxNiSvJ-UARK99tKFu9OeIH52ZqU0sHPQm3pLEOeLg02aO2WAqNsq66JbRmNTAE~~Iw1MDGVljs5RgalSvBk6ZymXoBsPXV124OdDfZMJeuMeFXlYlbRsOpt6oaSs8h2iSbjvZNev9YwTZgJfR3dHzbJYYGS6dy7i6wEPw0rnKSqcjcuXKT9I-27GPyLtk-F3D~BVB9nz3wzjvUaT2nJ8de9AnL-6250czV2Jh-X2cHE7FwJgDhfUKiD2qSmoW4GyZ1jRcYRBsDkcmjVFGh6I1jKJIdxLRGhHu2uxeeYNKTTPASLMk~sRv~irf3g__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ
IP 54.230.111.83:0
GET /wYQNLiH3oDoV.128.mp3?Policy=eyJTdGF0ZW1lbnQiOlt7IlJlc291cmNlIjoiKjovL2NmLW1lZGlhLnNuZGNkbi5jb20vd1lRTkxpSDNvRG9WLjEyOC5tcDMqIiwiQ29uZGl0aW9uIjp7IkRhdGVMZXNzVGhhbiI6eyJBV1M6RXBvY2hUaW1lIjoxNjY2NTUwNjcwfX19XX0_&Signature=b~ugNW1LPy0LwZn4ndVInd9QEngxNiSvJ-UARK99tKFu9OeIH52ZqU0sHPQm3pLEOeLg02aO2WAqNsq66JbRmNTAE~~Iw1MDGVljs5RgalSvBk6ZymXoBsPXV124OdDfZMJeuMeFXlYlbRsOpt6oaSs8h2iSbjvZNev9YwTZgJfR3dHzbJYYGS6dy7i6wEPw0rnKSqcjcuXKT9I-27GPyLtk-F3D~BVB9nz3wzjvUaT2nJ8de9AnL-6250czV2Jh-X2cHE7FwJgDhfUKiD2qSmoW4GyZ1jRcYRBsDkcmjVFGh6I1jKJIdxLRGhHu2uxeeYNKTTPASLMk~sRv~irf3g__&Key-Pair-Id=APKAI6TU7MMXM5DG6EPQ HTTP/1.1
Host: cf-media.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
content-type: audio/mpeg
content-length: 3195297
date: Thu, 20 Oct 2022 04:01:42 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Sat, 06 Aug 2022 04:21:52 GMT
etag: "dbba7e90a165eec39b6aafa03542667c"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
x-amz-meta-bitrate: 128
x-amz-meta-duration: 199680
x-amz-meta-job: wYQNLiH3oDoV
cache-control: max-age=252460800
x-amz-version-id: v0ON.lXf9rznM5G7XbJq0BadW9LaVx3d
accept-ranges: bytes
server: AmazonS3
content-range: bytes 0-3195296/3195297
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3gdbv-ctWnmzHXXtdJSS1vm0aYU6ykTqeY9K9OBjY8MglXxEg-lDXw==
age: 311850
X-Firefox-Spdy: h2
www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
IP 157.240.221.35:0
GET /login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://neexulro.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: z9ieWRjqDWYruFbNo94+R/AD/bqlbuPPzTeXf7Gbzt+j0xhXBdDCKIDtEbF7zMwN80Md3w7FPZRafEyOA8SpyQ==
date: Sun, 23 Oct 2022 18:39:06 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S1326071384%3A1666550346865908&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqJV6RLYEXevjZyA1B5z9OsDAWXTLiFrpj1dB-e_i97q3N2rn_XGRlEsDqgkOzI6iJ6dP0F_Q
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S1326071384%3A1666550346865908&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqJV6RLYEXevjZyA1B5z9OsDAWXTLiFrpj1dB-e_i97q3N2rn_XGRlEsDqgkOzI6iJ6dP0F_Q
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S1326071384%3A1666550346865908&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWqJV6RLYEXevjZyA1B5z9OsDAWXTLiFrpj1dB-e_i97q3N2rn_XGRlEsDqgkOzI6iJ6dP0F_Q HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 23 Oct 2022 18:39:06 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-SDJ0kSyIlIQg-Dkk3kl8tg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.webpushr.com/app.min.js
178.62.48.34200 OK 0 B URL HTTP/2 cdn.webpushr.com/app.min.js
IP 178.62.48.34:0
ASN #14061 DIGITALOCEAN-ASN
GET /app.min.js HTTP/1.1
Host: cdn.webpushr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.16.1
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 14 Aug 2022 20:26:40 GMT
etag: W/"62f95a80-a96f"
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
cache-control: max-age=86400
expires: Mon, 24 Oct 2022 18:39:09 GMT
x-gg-cache-status: HIT, HIT
content-encoding: gzip
X-Firefox-Spdy: h2
w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/playlists/1406476630&color=%23ff5500&auto_play=true&hide_related=true&show_comments=true&show_user=true&show_reposts=false&show_teaser=false
143.204.55.113200 OK 0 B URL HTTP/2 w.soundcloud.com/player/?url=https%3A//api.soundcloud.com/playlists/1406476630&color=%23ff5500&auto_play=true&hide_related=true&show_comments=true&show_user=true&show_reposts=false&show_teaser=false
IP 143.204.55.113:0
GET /player/?url=https%3A//api.soundcloud.com/playlists/1406476630&color=%23ff5500&auto_play=true&hide_related=true&show_comments=true&show_user=true&show_reposts=false&show_teaser=false HTTP/1.1
Host: w.soundcloud.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
via: sssr, 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
p3p: policyref="https://w.soundcloud.com/player/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV TAI PSAo PSDo OUR STP CNT"
cache-control: public, max-age=300
date: Sun, 23 Oct 2022 18:39:09 GMT
strict-transport-security: max-age=63072000
server: am/2
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KhF5TxeW9XkDCTK-J91ed2SI0WBQztR3SuGZ_0ujkbloqvvCgFAF9Q==
X-Firefox-Spdy: h2
widget.sndcdn.com/assets/images/share-4d6d0315.svg
54.230.111.6200 OK 0 B URL HTTP/2 widget.sndcdn.com/assets/images/share-4d6d0315.svg
IP 54.230.111.6:0
GET /assets/images/share-4d6d0315.svg HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 20 Aug 2022 04:28:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 10 Aug 2022 09:11:48 GMT
etag: W/"e2febe1dffc89eedc7a4173da09ae49b"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: anjPoo2RyIsse6dVW80UeJQ0J0CTu_lj
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GkipXWswcAQhw3ahYojiFyDouhpbNWLqrJ7B2LZeHY7680SiEzCWYw==
age: 5580645
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-0-d4dd2c1ae4c6.js
54.230.111.6200 OK 0 B URL HTTP/2 widget.sndcdn.com/widget-0-d4dd2c1ae4c6.js
IP 54.230.111.6:0
GET /widget-0-d4dd2c1ae4c6.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 17 Oct 2022 06:23:41 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 17 Oct 2022 06:18:50 GMT
etag: W/"3dd0867f03f6be9a2844e19c2491b7d6"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: LvJ9orOxk6CM7arBgpbrtGFo_AqY1yez
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XeBF-S8LL-YbGjxYzVyqd7klrRIbn4mrWRvW8Zz-CM8mv1xpzVMkiQ==
age: 562530
X-Firefox-Spdy: h2
rapshirts.org/
192.185.236.198200 OK 0 B IP 192.185.236.198:0
ASN #46606 UNIFIEDLAYER-AS-1
GET / HTTP/1.1
Host: rapshirts.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:07 GMT
server: Apache
content-type: text/html; charset=UTF-8
content-length: 14338
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
content-encoding: gzip
x-endurance-cache-level: 2
x-nginx-cache: WordPress
x-server-cache: true
x-proxy-cache: EXPIRED
X-Firefox-Spdy: h2
neexulro.net/funcript1666550346361.php?pub=2744562&v=CLJy2YITjNo0yQLzCNJyjoajyIIk6VdnHIJs1IZCSMwuiYcTGOFv0gI3jbom0VMmicwpiZYEmIlxuAZTEMVwsAZTWM1wlIbznLQvitO2iYJlzdaE2IlpwAXj2LJ21kMjnOR20JbH2I47iQLjCNJfoZYDXON4oBICjeo1i5MWDakM2BMyTOEx5EMDjWZolAZCTMku0UZzmLNhmxNGzbIp5pN3jbgN1JYiTOMixQNn2bIl0dYWWYRyiVZ2jcM1iJfyQe==
172.67.150.219200 OK 0 B URL HTTP/2 neexulro.net/funcript1666550346361.php?pub=2744562&v=CLJy2YITjNo0yQLzCNJyjoajyIIk6VdnHIJs1IZCSMwuiYcTGOFv0gI3jbom0VMmicwpiZYEmIlxuAZTEMVwsAZTWM1wlIbznLQvitO2iYJlzdaE2IlpwAXj2LJ21kMjnOR20JbH2I47iQLjCNJfoZYDXON4oBICjeo1i5MWDakM2BMyTOEx5EMDjWZolAZCTMku0UZzmLNhmxNGzbIp5pN3jbgN1JYiTOMixQNn2bIl0dYWWYRyiVZ2jcM1iJfyQe==
IP 172.67.150.219:0
GET /funcript1666550346361.php?pub=2744562&v=CLJy2YITjNo0yQLzCNJyjoajyIIk6VdnHIJs1IZCSMwuiYcTGOFv0gI3jbom0VMmicwpiZYEmIlxuAZTEMVwsAZTWM1wlIbznLQvitO2iYJlzdaE2IlpwAXj2LJ21kMjnOR20JbH2I47iQLjCNJfoZYDXON4oBICjeo1i5MWDakM2BMyTOEx5EMDjWZolAZCTMku0UZzmLNhmxNGzbIp5pN3jbgN1JYiTOMixQNn2bIl0dYWWYRyiVZ2jcM1iJfyQe== HTTP/1.1
Host: neexulro.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://neexulro.net/-30251FAGX/3rh?rndad=1532635802-1666550345
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:06 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.27
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkeUQISlunVioDvm3mxrRWmPBUgC4h46ONheTVbh6wpGKGOCQI9bY8BF2vWcP%2BM55VIjiRPQxmpxD5O3xJn7SKvxndtOh%2BNb5wiHzonqONFsilUieMsmQb0Wj1GaW8o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75ec97f10b870b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
widget.sndcdn.com/widget-2-ed5f595f228b.js
54.230.111.6200 OK 0 B URL HTTP/2 widget.sndcdn.com/widget-2-ed5f595f228b.js
IP 54.230.111.6:0
GET /widget-2-ed5f595f228b.js HTTP/1.1
Host: widget.sndcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://w.soundcloud.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Mon, 22 Aug 2022 05:14:31 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 10 Aug 2022 09:11:43 GMT
etag: W/"e5d3ced174a397326da8f5f186af0f35"
cache-control: public, max-age=31536000, immutable
x-amz-version-id: pmlL9zzH0RYKG0ytfyGr8WHohjn8BL46
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5XtLRCCPdnDd8W54ogrZnFfBYFWJgw53u2raDgEKtEAMoyfFTbmKwg==
age: 5405080
X-Firefox-Spdy: h2
prism.app-us1.com/?a=253408599&u=https%3A%2F%2Frapshirts.org%2F&r=http%3A%2F%2Fneexulro.net%2F
104.17.145.91200 OK 0 B URL HTTP/2 prism.app-us1.com/?a=253408599&u=https%3A%2F%2Frapshirts.org%2F&r=http%3A%2F%2Fneexulro.net%2F
IP 104.17.145.91:0
GET /?a=253408599&u=https%3A%2F%2Frapshirts.org%2F&r=http%3A%2F%2Fneexulro.net%2F HTTP/1.1
Host: prism.app-us1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rapshirts.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 23 Oct 2022 18:39:09 GMT
content-type: application/javascript
cache-control: no-cache, private
set-cookie: prism_253408599=e771a58f-b438-4fe3-8149-68bbe2b57a99; expires=Tue, 22-Nov-2022 18:39:09 GMT; Max-Age=2592000; path=/; secure; httponly; samesite=none
x-envoy-upstream-service-time: 36
x-powered-by: PHP/7.4.30
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 75ec9805afe51c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2