fanpelis.la/el-perfecto-asesino/
104.21.80.44301 Moved Permanently 0 B URL HTTP/1.1 fanpelis.la/el-perfecto-asesino/
IP 104.21.80.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /el-perfecto-asesino/ HTTP/1.1
Host: fanpelis.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 06 Sep 2022 22:17:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 23:17:23 GMT
Location: https://fanpelis.la/el-perfecto-asesino/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yi8nKikFy1hdwHhqVsvyAPM6LoDwey3OmI87CKb5Z6KjoqufuZ3J2tw70eMMqP6VBJBCJUvigXXhEZCLl6yj9SDrGA3sDp0sJwbFyGarHfMZPLDfSS5HcoX6K4knpw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 746a93148aa5b517-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 21:38:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 8c1diH9KLx3OdWyczf7RTVmbYlythr_i6BjI592VSWaxJC96SLGo6g==
Age: 2348
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4450
Expires: Tue, 06 Sep 2022 23:31:34 GMT
Date: Tue, 06 Sep 2022 22:17:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: QkRuQA-nLR2CBEg9-cD_IsP53V98isbWEKHKo9sqeVjILjW8MBIcKA==
age: 75727
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dcai7bdiz5toz.cloudfront.net/?biacd=906515
54.230.245.40200 OK 69 kB URL HTTP/2 dcai7bdiz5toz.cloudfront.net/?biacd=906515
IP 54.230.245.40:0
File type Unicode text, UTF-8 text, with very long lines (15457)
Hash 288d98ebf30a222f6889aa67d3c3795b
247161d11d03e6912b70c2cac0eb92a3524a47b6
9052a813c6b0185e538afcfdc3a2aa3668e222b46728ed5160c828647cc45b51
GET /?biacd=906515 HTTP/1.1
Host: dcai7bdiz5toz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 68678
date: Tue, 06 Sep 2022 22:17:24 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9wOHdWw1Mr7Yy6N9lAzzxUBVWiIWLe0y6caF5Qfcjw2oOYvNOiHSiA==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c0498832f97967e1fbaa64eba7c65094
2dcaaa99759c7b3279d75f4f934bf05a1c4ca8e7
63621ee746f1a80c3c6167ca190e5008e3e79db0bc8f0e5cb0e5dccc11ceb822
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
142.250.74.10200 OK 57 kB URL HTTP/2 fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
IP 142.250.74.10:0
Hash 8b4bd3bcea8242e031ef684bbb310c46
37bf6e9f14e1d5ca92e7e5b2364ba5a9b083c469
abddcd82eac03ca51c05dcc1c58454eb1fb031455f67483c3bfffc4052c648ba
GET /css?family=Oswald|Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Sep 2022 22:17:24 GMT
date: Tue, 06 Sep 2022 22:17:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fanpelis.la
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 21:09:41 GMT
expires: Tue, 05 Sep 2023 21:09:41 GMT
cache-control: public, max-age=31536000
age: 90463
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.163200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fanpelis.la
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 16:40:18 GMT
expires: Fri, 01 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 452226
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash eb53024bbd41c1d8f88fa7b9becb704a
c87f5ac53cff6e3436c15551f8092f1e0215cb79
f2f589c71f9426ead1c60e4707982aa501b785a6040c95214db905a5cff8a777
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94c5cd787f9c2e677a63add589d37eeb
716f5f9a889f43f9dfd91afcca69a4551bebc827
dca99aa64d1b91c4368d043f519d2c6b3f99c5a8b5a6610076ce1de2b04818ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DCA99AA64D1B91C4368D043F519D2C6B3F99C5A8B5A6610076CE1DE2B04818EE"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10218
Expires: Wed, 07 Sep 2022 01:07:42 GMT
Date: Tue, 06 Sep 2022 22:17:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94c5cd787f9c2e677a63add589d37eeb
716f5f9a889f43f9dfd91afcca69a4551bebc827
dca99aa64d1b91c4368d043f519d2c6b3f99c5a8b5a6610076ce1de2b04818ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DCA99AA64D1B91C4368D043F519D2C6B3F99C5A8B5A6610076CE1DE2B04818EE"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10218
Expires: Wed, 07 Sep 2022 01:07:42 GMT
Date: Tue, 06 Sep 2022 22:17:24 GMT
Connection: keep-alive
opertyvaluat.autos/QUlEa1cgKycGaCB0Jk0iMyV5TmUHbHYtMyIoLVw1JSA+XiMuM2oIOy48IA0lLicwRTkkPWFZESsrAhsFDCQvOxkVcBE9PyYzCjpuEBEDEzwDJXEgGgIDICkvOScLOhIgBS4DPBAPNwIcBgM8IwZxBA85BiUPLl4kACJ8Khg7cBI9Ei5sdi0HcA8RMw82PhIMIxMrKg8fAg8BWAcqLgUqExg+AlokMCt3UxQVD3EaMhQ5HTMPeCAnLi8kKC5aNQMxLwIzAAseLRALJyY9bhgvdiEgFQ9xGh5xGwkzLzUmBi4zIip3OhYWGDdOZQcEKAAQEh4jMxYHJSAKOmwMADwBcGx2LQ42ABQpBCZ5EioOFC92JWcUDzRbDhMYJz4AMm8uGDgvOXkDZDILJl4lcwc2WBQ1KBIT
54.230.111.74200 OK 1.2 kB URL HTTP/2 opertyvaluat.autos/QUlEa1cgKycGaCB0Jk0iMyV5TmUHbHYtMyIoLVw1JSA+XiMuM2oIOy48IA0lLicwRTkkPWFZESsrAhsFDCQvOxkVcBE9PyYzCjpuEBEDEzwDJXEgGgIDICkvOScLOhIgBS4DPBAPNwIcBgM8IwZxBA85BiUPLl4kACJ8Khg7cBI9Ei5sdi0HcA8RMw82PhIMIxMrKg8fAg8BWAcqLgUqExg+AlokMCt3UxQVD3EaMhQ5HTMPeCAnLi8kKC5aNQMxLwIzAAseLRALJyY9bhgvdiEgFQ9xGh5xGwkzLzUmBi4zIip3OhYWGDdOZQcEKAAQEh4jMxYHJSAKOmwMADwBcGx2LQ42ABQpBCZ5EioOFC92JWcUDzRbDhMYJz4AMm8uGDgvOXkDZDILJl4lcwc2WBQ1KBIT
IP 54.230.111.74:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3005), with no line terminators
Hash 3acfc0de2c9527f06183c9bdf1ba21a4
811ad94c4dc6840a1c0b987356d92fbd49fdf40a
f751907bbc2d9d42eea9908929e5ad57be0e5dcea3ec24aa84bad43459c4ccff
GET /QUlEa1cgKycGaCB0Jk0iMyV5TmUHbHYtMyIoLVw1JSA+XiMuM2oIOy48IA0lLicwRTkkPWFZESsrAhsFDCQvOxkVcBE9PyYzCjpuEBEDEzwDJXEgGgIDICkvOScLOhIgBS4DPBAPNwIcBgM8IwZxBA85BiUPLl4kACJ8Khg7cBI9Ei5sdi0HcA8RMw82PhIMIxMrKg8fAg8BWAcqLgUqExg+AlokMCt3UxQVD3EaMhQ5HTMPeCAnLi8kKC5aNQMxLwIzAAseLRALJyY9bhgvdiEgFQ9xGh5xGwkzLzUmBi4zIip3OhYWGDdOZQcEKAAQEh4jMxYHJSAKOmwMADwBcGx2LQ42ABQpBCZ5EioOFC92JWcUDzRbDhMYJz4AMm8uGDgvOXkDZDILJl4lcwc2WBQ1KBIT HTTP/1.1
Host: opertyvaluat.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1163
date: Tue, 06 Sep 2022 22:17:24 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OFaljiwjKNdDL7OoyaxWcDTtqjgLC67Qc_SU43QqdicoSLSM3CikaA==
X-Firefox-Spdy: h2
opertyvaluat.autos/U09sNXAyLQ9YTzJyDhMFISNREEIVal5zFDAuBQISNyYWAAQ8NUJWHDw6CFMCPCEYGx42O0kHNhotOXsgByQbejwQCgNWCDg+JwY+Yhc0Y0Y2IQB5Owc4BHwYYmpedzQHew52FxIjLWEhHw4vZ0QyJwcAO2ABVGYJazoldgQCFT9aFx9+LkwRAHcDcUNmeA1xFzcDL2cKHSdYQzo6Ch13GRZqXnM/YSA1fB4aJSVNEyIGFXwEAAcpfxVhBQhvHmJqXncqERkVUx0nal5zPGEVVVMZEgogYR9hLjoMCh18NgM9PRlbVENrOTZbQXZ9LmUYJyIKdEliGF4EVWEJNgccNSwVGBchAxtsAzIhG34oYAFJBzI1IRRWE2B6HlMcYyMmXwcjDBVCQzJ8WEcVPSMLUzUgfQ9bSHUlH1oeI3IuRSc0DAZ6CDUMBwM
54.230.111.74200 OK 26 kB URL HTTP/2 opertyvaluat.autos/U09sNXAyLQ9YTzJyDhMFISNREEIVal5zFDAuBQISNyYWAAQ8NUJWHDw6CFMCPCEYGx42O0kHNhotOXsgByQbejwQCgNWCDg+JwY+Yhc0Y0Y2IQB5Owc4BHwYYmpedzQHew52FxIjLWEhHw4vZ0QyJwcAO2ABVGYJazoldgQCFT9aFx9+LkwRAHcDcUNmeA1xFzcDL2cKHSdYQzo6Ch13GRZqXnM/YSA1fB4aJSVNEyIGFXwEAAcpfxVhBQhvHmJqXncqERkVUx0nal5zPGEVVVMZEgogYR9hLjoMCh18NgM9PRlbVENrOTZbQXZ9LmUYJyIKdEliGF4EVWEJNgccNSwVGBchAxtsAzIhG34oYAFJBzI1IRRWE2B6HlMcYyMmXwcjDBVCQzJ8WEcVPSMLUzUgfQ9bSHUlH1oeI3IuRSc0DAZ6CDUMBwM
IP 54.230.111.74:0
Hash 357f59117070c751978562209fc5beb9
d0e5dac47d4a4eabe5b830a0bc1e9a27efcb20b8
b68a1b40df94ba6f70e0c539700c4a3aba2807c110f76b867d3ad1aabc196be8
GET /U09sNXAyLQ9YTzJyDhMFISNREEIVal5zFDAuBQISNyYWAAQ8NUJWHDw6CFMCPCEYGx42O0kHNhotOXsgByQbejwQCgNWCDg+JwY+Yhc0Y0Y2IQB5Owc4BHwYYmpedzQHew52FxIjLWEhHw4vZ0QyJwcAO2ABVGYJazoldgQCFT9aFx9+LkwRAHcDcUNmeA1xFzcDL2cKHSdYQzo6Ch13GRZqXnM/YSA1fB4aJSVNEyIGFXwEAAcpfxVhBQhvHmJqXncqERkVUx0nal5zPGEVVVMZEgogYR9hLjoMCh18NgM9PRlbVENrOTZbQXZ9LmUYJyIKdEliGF4EVWEJNgccNSwVGBchAxtsAzIhG34oYAFJBzI1IRRWE2B6HlMcYyMmXwcjDBVCQzJ8WEcVPSMLUzUgfQ9bSHUlH1oeI3IuRSc0DAZ6CDUMBwM HTTP/1.1
Host: opertyvaluat.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1169
date: Tue, 06 Sep 2022 22:17:24 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0n6Szpz85EseTPkGnte9g2ynAbWWEnHOz7YVeckSY3891jC3s1RXpQ==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eefbc3e92429d8e2beb6d1d913cd7442
ed50f0d6bf3aaa67945627d401d70f357940c786
693b3bff56a8f267f7831903e497dcfde37b16b188824fa63fd310698ab13388
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116325 bytes)
Hash ff4671f71c958029bbf6d9694284da70
7535744f2dbaf99902a54fc529e760b08a73f265
123f781673b2e45e18df36b64984674f489a5f3541c69e295f01f554b8d3c738
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: "5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript
content-encoding: gzip
content-length: 116325
date: Tue, 06 Sep 2022 22:17:24 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 521428b0e694b41561bc2ed785219929
45bf3b914325f9d646879bd16bb01feb8f29f2d4
9e2c58593cb9b9baae14e338253ca44b199d965e106ddc70c700f66f0203465a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b559f6723c149ab84a2aaf577838207d
3aa9d78ab3af7d42dc1b954a292ebd9de8a1836d
83ac93f4b48d6f4815773a1bde5baf8f3053ff54c30e0985dc0b00fc64c7b491
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83AC93F4B48D6F4815773A1BDE5BAF8F3053FF54C30E0985DC0B00FC64C7B491"
Last-Modified: Sun, 04 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Tue, 06 Sep 2022 23:32:43 GMT
Date: Tue, 06 Sep 2022 22:17:24 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 62c739a1335c5cf0fd4e783db6cdf14b
4f4a2acf32a7b7d8d86f7d0b037cdd16d59704ff
de1d42a2f47b8a7f1fed1880f1b485f63a5e07ede87fee3194cabeab056cf6f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b559f6723c149ab84a2aaf577838207d
3aa9d78ab3af7d42dc1b954a292ebd9de8a1836d
83ac93f4b48d6f4815773a1bde5baf8f3053ff54c30e0985dc0b00fc64c7b491
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "83AC93F4B48D6F4815773A1BDE5BAF8F3053FF54C30E0985DC0B00FC64C7B491"
Last-Modified: Sun, 04 Sep 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4519
Expires: Tue, 06 Sep 2022 23:32:43 GMT
Date: Tue, 06 Sep 2022 22:17:24 GMT
Connection: keep-alive
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
142.250.74.42200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3
IP 142.250.74.42:0
File type ASCII text, with very long lines (32180)
Hash f16500423cc2867eff8b773df637c48f
1cd32d75b59a89c3a70274e383151a61ce0594f4
6ca5dc8ad67639c69117ace46c93703cf5fff82824cfc0bada0cf0fb3b2d41d7
GET /ajax/libs/jquery/2.1.3/jquery.min.js?ver=2.1.3 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Sep 2022 12:53:23 GMT
expires: Mon, 04 Sep 2023 12:53:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 206641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ayassociallya.xyz/dndCSU5ZSCE6cyAiGHsrIwMoKn40OCEkKgwjcgs3L0R7DRpFGGQ9JxJKe3l4Q0N1bz4fE394dlAENig6AwR/eGgfGSQmc1ABf3hgRllzZ31QAn94aAIHIy5zR1EyPToaSnN/eERCcnt4RU91fXk
104.21.81.61204 No Content 0 B URL HTTP/2 ayassociallya.xyz/dndCSU5ZSCE6cyAiGHsrIwMoKn40OCEkKgwjcgs3L0R7DRpFGGQ9JxJKe3l4Q0N1bz4fE394dlAENig6AwR/eGgfGSQmc1ABf3hgRllzZ31QAn94aAIHIy5zR1EyPToaSnN/eERCcnt4RU91fXk
IP 104.21.81.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /dndCSU5ZSCE6cyAiGHsrIwMoKn40OCEkKgwjcgs3L0R7DRpFGGQ9JxJKe3l4Q0N1bz4fE394dlAENig6AwR/eGgfGSQmc1ABf3hgRllzZ31QAn94aAIHIy5zR1EyPToaSnN/eERCcnt4RU91fXk HTTP/1.1
Host: ayassociallya.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 22:17:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LW6rveoWtui%2B9GJdF8W46nDUhsUulkcCuNXjsH85WlDtm8MA2WZzYN3kx9DwAvtwEuwecCes%2BiTpCjGrxyo2VNIzL2KMRD73IBQy4ZiaJbOkfun6QljqWqQFPoBVjwMR4AHOPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a931aacb30b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ayassociallya.xyz/NmtRTlYZVDI9a3k+JXwDBgAeKz0DDDQPEAA6PBxudzNoBg9uDHc6P1JWaH5gA19kaCZfD2x/cEUfMDojRVZgaD9YDT5zcEBWYGBlAkVjdngHTSRzZxAfIS8xC1p3PiJCB2x/YABZZH5kAFhpeWAC
104.21.81.61204 No Content 0 B URL HTTP/2 ayassociallya.xyz/NmtRTlYZVDI9a3k+JXwDBgAeKz0DDDQPEAA6PBxudzNoBg9uDHc6P1JWaH5gA19kaCZfD2x/cEUfMDojRVZgaD9YDT5zcEBWYGBlAkVjdngHTSRzZxAfIS8xC1p3PiJCB2x/YABZZH5kAFhpeWAC
IP 104.21.81.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /NmtRTlYZVDI9a3k+JXwDBgAeKz0DDDQPEAA6PBxudzNoBg9uDHc6P1JWaH5gA19kaCZfD2x/cEUfMDojRVZgaD9YDT5zcEBWYGBlAkVjdngHTSRzZxAfIS8xC1p3PiJCB2x/YABZZH5kAFhpeWAC HTTP/1.1
Host: ayassociallya.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 22:17:25 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSO6zBv2WNnTY6NzIcQLaMUOHs%2FtCa6VJfLz2mKPcxVM0AtUIcKZMIMxDRVTguPilDH8a7UssGlbcrBR7Dh4HZuA8r%2BwIckdYhcxVGNhPvT1M0QSHwRi7m6Fq6EU%2B3x3qeRpLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a931abcc20b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-224039763-1
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-224039763-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 33db7b3de5f567f6b604c6a6db2f406b
affabcc31eacd8fc0775a449bbb03faae18feb4e
59d8163b0c08decd07c8104ae41885f6d9bdf21799f51a0f85e8681bfdcf3887
GET /gtag/js?id=UA-224039763-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 22:17:25 GMT
expires: Tue, 06 Sep 2022 22:17:25 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 21:08:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41896
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w780/jRJrQ72VLyEnVsvwfep8Xjlvu8c.jpg
138.199.37.229200 OK 55 kB URL HTTP/2 image.tmdb.org/t/p/w780/jRJrQ72VLyEnVsvwfep8Xjlvu8c.jpg
IP 138.199.37.229:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 780x439, components 3\012- data
Hash 17c359015cff31ce2dd5ad40fb89936b
3f6514f8d6334c99a7cbc0a96935db19a3c2533b
9ef192ba7aad2af00fc021a1eb41f7fd832f05ab6f69edde1be6fc8b1b24406b
GET /t/p/w780/jRJrQ72VLyEnVsvwfep8Xjlvu8c.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:24 GMT
content-type: image/jpeg
content-length: 54659
server: BunnyCDN-DE-865
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272df03-d583"
last-modified: Wed, 04 May 2022 20:16:03 GMT
cdn-storageserver: DE-167
cdn-requestpullsuccess: True
cdn-fileserver: 335
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/20/2022 04:45:58
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: 136587e3933649edd5e023ab15ce0d0b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w185/gT8w2VX3LFcQInpVaYL6Mjhbqwx.jpg
138.199.37.229200 OK 7.0 kB URL HTTP/2 image.tmdb.org/t/p/w185/gT8w2VX3LFcQInpVaYL6Mjhbqwx.jpg
IP 138.199.37.229:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Hash a86460349d9d090a9d6a99588f54215d
14f748c1671a6abe8bec1a9b61e4c806e8144997
8e7e03c669ddea694a855d5fe9fd195c1421cab2c3c61d8386ee7c97762eb4a8
GET /t/p/w185/gT8w2VX3LFcQInpVaYL6Mjhbqwx.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: image/jpeg
content-length: 7017
server: BunnyCDN-DE-865
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272b9ea-1b69"
last-modified: Wed, 04 May 2022 17:37:46 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 341
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 08/22/2022 17:51:40
cdn-edgestorageid: 565
cdn-status: 200
cdn-requestid: b1e9728097fb42ffbaeda386c6ea2492
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 701 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ca18e51baf855980a5acf038f5c54bf2
436659b4c1e74a181d2b7c770225fb8109e75af0
c8d8ad6790287d065fdf45423ef2ef60e891febf78c352545d5f2a051f641113
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "117755CAAE670CB491537CDFA3CC12F48F32088CD968C23E5B72C4961F375E3E"
Last-Modified: Mon, 05 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3247
Expires: Tue, 06 Sep 2022 23:11:32 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
www.youtube.com/s/player/c16db54a/www-player.css
142.250.74.14200 OK 49 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-player.css
IP 142.250.74.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 666388d9ac2c812d3d9b0e511b1cfea0
4dfa524e6558a4aaf676578dd3275f544cb36625
a1532094c979ab2823b5baf7e5843d731e1c64765a8b8495f89bb56b7f7df117
GET /s/player/c16db54a/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/AjGr4tjEa5M
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49081
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:40:24 GMT
expires: Sat, 02 Sep 2023 20:40:24 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/css
age: 351421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.fembed.com/v/08zp5ilw8e-4njq
104.21.235.25301 Moved Permanently 616 B URL HTTP/2 www.fembed.com/v/08zp5ilw8e-4njq
IP 104.21.235.25:0
Hash 5379d4010b8e4c0cacbf4495ca78be39
f3955363038de2af1a369d1e144d6b1748e95479
ad72de19aae6e12a037c972ed34719d5e5b1f9710b2d2a96c41c40af8feced9f
GET /v/08zp5ilw8e-4njq HTTP/1.1
Host: www.fembed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Tue, 06 Sep 2022 22:17:24 GMT
location: https://vanfem.com/v/08zp5ilw8e-4njq
cache-control: max-age=3600
expires: Tue, 06 Sep 2022 23:17:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rlVKWF384e1Hu4gXmhiSz9es2Br5IQ4pzPex%2BXxfbWsdB1TzQRNSV%2FrgGyHn1p%2FWn4h0Rw4ho9iOikka9Y079WUx50TsFngDeJMGIsDHYxevoTx8mYmTMoagU7d1fdlIMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931ab9e406ed-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
142.250.74.14200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (592)
Hash 26b6e79984361d593bcf000927f559db
36dc3faef99c68636ed7d8a2d46783ccfc3be7ff
2795564d0f494ec4aed32d6708062dd699c22324d3df26588d5e2e2c2a956b36
GET /s/player/c16db54a/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/AjGr4tjEa5M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97590
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:40:24 GMT
expires: Sat, 02 Sep 2023 20:40:24 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 351421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.14200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.14:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/c16db54a/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/AjGr4tjEa5M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:40:24 GMT
expires: Sat, 02 Sep 2023 20:40:24 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 351421
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
142.250.74.14200 OK 591 kB URL HTTP/2 www.youtube.com/s/player/c16db54a/player_ias.vflset/en_US/base.js
IP 142.250.74.14:0
Size 591 kB (590664 bytes)
Hash bfc79bbcfefb753609c05b2526440773
0a55050e6f7b2893137dce1a9494e84894e0ce02
db771b160b7c4c2686da4cd317cd1667a9bc1e2b3b76d0ed5655fd8762ba154d
GET /s/player/c16db54a/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/AjGr4tjEa5M
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 586778
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Sep 2022 20:40:43 GMT
expires: Sat, 02 Sep 2023 20:40:43 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 02 Sep 2022 18:46:29 GMT
content-type: text/javascript
age: 351402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eefbc3e92429d8e2beb6d1d913cd7442
ed50f0d6bf3aaa67945627d401d70f357940c786
693b3bff56a8f267f7831903e497dcfde37b16b188824fa63fd310698ab13388
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/AjGr4tjEa5M
142.250.74.14200 OK 27 kB URL HTTP/2 www.youtube.com/embed/AjGr4tjEa5M
IP 142.250.74.14:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (59934)
Hash 9cd7678b4ead399ee4eb969b7f671ee9
bec48f9561df879d417684b34352a4cb906f2538
682edbc1546cb4915d74b9b239b95989bbc695c419feb5bf180fdaa494990892
GET /embed/AjGr4tjEa5M HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 22:17:24 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=8sPMyavKiSg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=FxCwLmUCH3k; Domain=.youtube.com; Expires=Sun, 05-Mar-2023 22:17:24 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+760; expires=Thu, 05-Sep-2024 22:17:24 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 94c5cd787f9c2e677a63add589d37eeb
716f5f9a889f43f9dfd91afcca69a4551bebc827
dca99aa64d1b91c4368d043f519d2c6b3f99c5a8b5a6610076ce1de2b04818ee
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "DCA99AA64D1B91C4368D043F519D2C6B3F99C5A8B5A6610076CE1DE2B04818EE"
Last-Modified: Tue, 06 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10217
Expires: Wed, 07 Sep 2022 01:07:42 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-77394287-12
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-77394287-12
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 0962bfa5201a93c18349c1e86cc2ea04
e1e9e8693472e30ea9d96bb25501825b7dba8674
de1b6874d042cca61be15cf2c44118f9ddf71fb03354e3e66de7263225720bf0
GET /gtag/js?id=UA-77394287-12 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Sep 2022 22:17:25 GMT
expires: Tue, 06 Sep 2022 22:17:25 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Sep 2022 21:08:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41845
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dcai7bdiz5toz.cloudfront.net/IbUNPTkwOLCEocxkqK3N1XXV6enlLKTwhIh1+DT4bCgAlATQLACR4ahk5K3N8Sy8uICtQZSogL1ByaS8oD357aDgdLCRzNh4vJiEqBiE/O2oYInIjIxcqIyItSHEJe2JdZn1+ZBVyfmt/L2Z9fiAELTo2aV9zN3Z6MnV7a38vZn1+PhtmfA91W21/Z2lfcy-grLwYsanwKX3N+fnxcc35rfl0lJjwpCyw3a34renlgfEs2cn8
54.230.245.40200 OK 634 B URL HTTP/2 dcai7bdiz5toz.cloudfront.net/IbUNPTkwOLCEocxkqK3N1XXV6enlLKTwhIh1+DT4bCgAlATQLACR4ahk5K3N8Sy8uICtQZSogL1ByaS8oD357aDgdLCRzNh4vJiEqBiE/O2oYInIjIxcqIyItSHEJe2JdZn1+ZBVyfmt/L2Z9fiAELTo2aV9zN3Z6MnV7a38vZn1+PhtmfA91W21/Z2lfcy-grLwYsanwKX3N+fnxcc35rfl0lJjwpCyw3a34renlgfEs2cn8
IP 54.230.245.40:0
File type ASCII text, with very long lines (868), with no line terminators
Hash 91a99d63a353feb7fdb6793023c1e94d
36a7c560a8a58a0fb579401761c29883033a915c
f2ae19d01bc52edcaa32c698b4d841078aba5734750a5486914a308fd446a7e5
GET /IbUNPTkwOLCEocxkqK3N1XXV6enlLKTwhIh1+DT4bCgAlATQLACR4ahk5K3N8Sy8uICtQZSogL1ByaS8oD357aDgdLCRzNh4vJiEqBiE/O2oYInIjIxcqIyItSHEJe2JdZn1+ZBVyfmt/L2Z9fiAELTo2aV9zN3Z6MnV7a38vZn1+PhtmfA91W21/Z2lfcy-grLwYsanwKX3N+fnxcc35rfl0lJjwpCyw3a34renlgfEs2cn8 HTTP/1.1
Host: dcai7bdiz5toz.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opertyvaluat.autos/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 634
date: Tue, 06 Sep 2022 22:17:25 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nITkkyu9F2hv7t9qiVJCLx2Aip3zYRFa5tbkoKsREhuBhzLEnnjKTw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d8f664bf2ecdccd9f7d3ff4e22812ee
9fb4cb9ac3a5a9cd93c57d562572faeb47c1e74a
a7f9398e96b5a077d947f68759d28a672c98b8cdb7c6d8bfafc55348359acfe6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A7F9398E96B5A077D947F68759D28A672C98B8CDB7C6D8BFAFC55348359ACFE6"
Last-Modified: Sun, 04 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3030
Expires: Tue, 06 Sep 2022 23:07:55 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3669
Cache-Control: max-age=125428
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Etag: "6316ff94-1d7"
Expires: Thu, 08 Sep 2022 09:07:53 GMT
Last-Modified: Tue, 06 Sep 2022 08:06:44 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a06cb209fdc15ecf8329895a6c0fc705
cb50f7e79c5db17b1b6bdaa5078d6a2bcb16b978
456a815459be52bda7348e51591a765c94a46e7ed36b70a69142c4163b3f62dc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "456A815459BE52BDA7348E51591A765C94A46E7ED36B70A69142C4163B3F62DC"
Last-Modified: Sun, 04 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2531
Expires: Tue, 06 Sep 2022 22:59:36 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a06cb209fdc15ecf8329895a6c0fc705
cb50f7e79c5db17b1b6bdaa5078d6a2bcb16b978
456a815459be52bda7348e51591a765c94a46e7ed36b70a69142c4163b3f62dc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "456A815459BE52BDA7348E51591A765C94A46E7ED36B70A69142C4163B3F62DC"
Last-Modified: Sun, 04 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2531
Expires: Tue, 06 Sep 2022 22:59:36 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 51793b7aca12e07c707f923e821c3231
8aecbe01ed606227ff1d7c5684f4ca82e5016bf9
a3a7bcdc8076b46d7c77ae9a4b22a064de07b296c9e18070aaed7ad9c8fdef8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
opertyvaluat.autos/utx?cb=NUcaRTFoDcOZ&top=fanpelis.la&tid=906545
54.230.111.74204 No Content 0 B URL HTTP/2 opertyvaluat.autos/utx?cb=NUcaRTFoDcOZ&top=fanpelis.la&tid=906545
IP 54.230.111.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /utx?cb=NUcaRTFoDcOZ&top=fanpelis.la&tid=906545 HTTP/1.1
Host: opertyvaluat.autos
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fanpelis.la
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Tue, 06 Sep 2022 22:17:25 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://fanpelis.la
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Tue, 06 Sep 2022 22:18:25 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
x-cache: Miss from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LmqNvWf7lIgNXPhv0wJ-JLx77gBvxp4q8_TNYvadVKB5KgJmMdDkUg==
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 195accce5155b06c8155a77d9a93d052
5cda84923d0c591c65ba0f6f9b2d0975f5b23298
880b22b6e4fa06c20f09fa0e736386ffa6c62028bbd0b275ab5a0f8ee32c4941
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Last-Modified: Tue, 06 Sep 2022 21:06:58 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
arc.io/widget.min.js
54.230.111.49200 OK 2.9 kB IP 54.230.111.49:0
File type ASCII text, with very long lines (7592), with no line terminators
Hash 9c0ac43785568066333d6f90f95ff3a5
b75fa88bd669aa32fa9ec89ff1db467bc589382a
28737f2fab65acd1c497bf6f4ee316acb4bc6f0c3edbc2dae09b836930bc5865
GET /widget.min.js HTTP/1.1
Host: arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 2931
last-modified: Tue, 06 Sep 2022 17:57:58 GMT
content-encoding: br
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
date: Tue, 06 Sep 2022 21:53:32 GMT
cache-control: public, max-age=3600, stale-while-revalidate=864000
etag: "63178a26-b73"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LXA8mOPH73ixnVln4Z1bs72NtXf2InaqXy2fSIyzKqaq8ICgWf9v5Q==
age: 1437
X-Firefox-Spdy: h2
content.jwplatform.com/libraries/KB5zFt7A.js
54.230.111.23200 OK 42 kB URL HTTP/2 content.jwplatform.com/libraries/KB5zFt7A.js
IP 54.230.111.23:0
File type Unicode text, UTF-8 text, with very long lines (65143)
Hash e8b772705b6eab07ecd5820877091e63
1b866018b691f3d5e8784e8d23dbfa5f887a1d5d
58a1f70d129e5a571d636d1b0fe759eedafcccc8560f497329d808381270796a
GET /libraries/KB5zFt7A.js HTTP/1.1
Host: content.jwplatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 42003
access-control-allow-origin: *
cache-control: max-age=180
content-encoding: gzip
date: Tue, 06 Sep 2022 22:16:25 GMT
server: openresty
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C33D3p5t8g3t_HEJgVRtNVPQHz5aVoIKeflH4y5DHYZk7DDGCOYjnA==
age: 60
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 51793b7aca12e07c707f923e821c3231
8aecbe01ed606227ff1d7c5684f4ca82e5016bf9
a3a7bcdc8076b46d7c77ae9a4b22a064de07b296c9e18070aaed7ad9c8fdef8b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v2.zplayer.live/js/jquery.min.js
172.67.171.65200 OK 35 kB URL HTTP/2 v2.zplayer.live/js/jquery.min.js
IP 172.67.171.65:0
File type ASCII text, with very long lines (32086)
Hash d8a3a58feb8a054393c45da500c18ed2
fcaafe980f9acf88cb7c1ddec74035d24b255e30
7ca3a779d2d14acd1efa671771db261bca8213e9e6bb6b5f0ec0c482b0a06729
GET /js/jquery.min.js HTTP/1.1
Host: v2.zplayer.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/embed/orhbl56m6gqd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/javascript
last-modified: Thu, 20 Nov 2014 00:40:20 GMT
etag: W/"1762a-5083f92a80500"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6628
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHITK2Hm%2BABjC7J27S30746M6lz%2FYa1qSls7q8LRxmuzmFbVT6yOKvygrbv7niHsPjXS7g9EqSrbADzZWryTB6rh7TI2YSNCX1YDonD596d%2BiqfzA2FM2d6xg5s7JA%2BV6MI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931bfd5fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f97f141f6ae2ab5e99f005b515b942
71724c7a5f6055096c674cc121745421a230d6b8
9387d95254fad633c9eb1f7fc23b12c281a06d0f9cdd4751a0df5a43c3a8f191
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D95254FAD633C9EB1F7FC23B12C281A06D0F9CDD4751A0DF5A43C3A8F191"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2964
Expires: Tue, 06 Sep 2022 23:06:49 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
216.58.207.237302 Found 395 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (381)
Hash 4d3ceca8ec2e0eea7049b40f88fb33bc
61a7041dc0ff899182f6e5fa23ffa7f2abc1bb41
d010b336b4aa0b5ff5e561edcb274e04cd926e791014372d75cf1213935be588
GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 22:17:25 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S-1274113929%3A1662502645469694&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmXuR727i-5VlyiYK9ALiJWg1PBQvbgCHBFB3hF2_a57FVGI0M50RVpVfidVcU3saOp2v8mhoQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-i4sLUba6VKBaaodlugzGBA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 395
server: GSE
set-cookie: __Host-GAPS=1:nZZLGpggixMZSrrbDIfwez9I8kqpCQ:DWYitXkQBtcSUq33;Path=/;Expires=Thu, 05-Sep-2024 22:17:25 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 38e5b32eb73fc74b421b90a129e571d5
11aefe3ee843c1b44f96d7c2983a62d362002715
117755caae670cb491537cdfa3cc12f48f32088cd968c23e5b72c4961f375e3e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "117755CAAE670CB491537CDFA3CC12F48F32088CD968C23E5B72C4961F375E3E"
Last-Modified: Mon, 05 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3247
Expires: Tue, 06 Sep 2022 23:11:32 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
push.services.mozilla.com/
44.237.163.41101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.163.41:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7urS5RA/zJjQDdjUFT0L4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vJQMNQIYGpJA08U5NksoBDHaVtE=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 8fc7316fab55e89a81536e926eab6f83
7fcab743b176312e76999b39a1b2a3b97dbeb10f
8178b9805611209f5c47dce32da555117870a90648e026d08cc691a4103169a7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa29b2ff732f178e3313e38af69ba26c
56fe42fbe714ff8990310e62371ac1c15d4a38fd
3c009fc7b6f33a249fb4007c65cf181d37064360e192871e4159a3877870c9d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C009FC7B6F33A249FB4007C65CF181D37064360E192871E4159A3877870C9D4"
Last-Modified: Mon, 05 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3227
Expires: Tue, 06 Sep 2022 23:11:12 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69879e055a94f80d16b267c4c5582fef
2e84a658e5f09c64c88fe484b5d74e0cc9ba2298
5c7dae582d09bbd7dc3b75b42ba812d9b61b430d719e0ce0408e211dda04d123
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C7DAE582D09BBD7DC3B75B42BA812D9B61B430D719E0CE0408E211DDA04D123"
Last-Modified: Sun, 04 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4134
Expires: Tue, 06 Sep 2022 23:26:19 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 69879e055a94f80d16b267c4c5582fef
2e84a658e5f09c64c88fe484b5d74e0cc9ba2298
5c7dae582d09bbd7dc3b75b42ba812d9b61b430d719e0ce0408e211dda04d123
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C7DAE582D09BBD7DC3B75B42BA812D9B61B430D719E0CE0408E211DDA04D123"
Last-Modified: Sun, 04 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4134
Expires: Tue, 06 Sep 2022 23:26:19 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 195accce5155b06c8155a77d9a93d052
5cda84923d0c591c65ba0f6f9b2d0975f5b23298
880b22b6e4fa06c20f09fa0e736386ffa6c62028bbd0b275ab5a0f8ee32c4941
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4227
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Last-Modified: Tue, 06 Sep 2022 21:06:58 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a06cb209fdc15ecf8329895a6c0fc705
cb50f7e79c5db17b1b6bdaa5078d6a2bcb16b978
456a815459be52bda7348e51591a765c94a46e7ed36b70a69142c4163b3f62dc
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "456A815459BE52BDA7348E51591A765C94A46E7ED36B70A69142C4163B3F62DC"
Last-Modified: Sun, 04 Sep 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2531
Expires: Tue, 06 Sep 2022 22:59:36 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
sedatecompulsiveout.com/08/1c/08/081c083bd5586bdd4c1b0f7fe7ad2743.js
192.243.59.13200 OK 13 kB URL HTTP/1.1 sedatecompulsiveout.com/08/1c/08/081c083bd5586bdd4c1b0f7fe7ad2743.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37169), with no line terminators
Hash ba6bcccd097a5ffb97246377bcecabff
ca636a14427b1e35ed6fbeba151820f46a0fc6a1
e616e70d64c8d8c1230b42f00563399829e4336c1d0d61f8b7bed21eaa80fbef
Analyzer Verdict Alert quad9 Sinkholed
GET /08/1c/08/081c083bd5586bdd4c1b0f7fe7ad2743.js HTTP/1.1
Host: sedatecompulsiveout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 06 Sep 2022 22:17:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bec2d10659bff404d17520bfb9934950
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
v2.zplayer.live/js/xupload.js
172.67.171.65200 OK 41 kB URL HTTP/2 v2.zplayer.live/js/xupload.js
IP 172.67.171.65:0
Hash 496aafb2013558a31a73568dc6360151
d7ba5135ccfb2f68c38d9ea73c18825585a763f5
3d181d5912fcda473c42cf6ebd350d8f7f1da89c63e07f8a4928852acdf71c69
GET /js/xupload.js HTTP/1.1
Host: v2.zplayer.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/embed/orhbl56m6gqd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/javascript
last-modified: Sat, 26 Sep 2020 03:30:37 GMT
etag: W/"26ca-5b02f0e837140"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R158tFANQGy%2Fy3WFgcCFSe68I5U71y4aLlAx1NEIOVuquGiJvHEunIR8OEjMTYrTniGB7mZtHVWbbvaV1XB0JBPLJeEPxJo0Ksloc17HVVR7glCbTaW7k3kNkdnbxSdwIlQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931c4d9fb512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vanfem.com/v/08zp5ilw8e-4njq
172.67.194.129200 OK 111 kB URL HTTP/2 vanfem.com/v/08zp5ilw8e-4njq
IP 172.67.194.129:0
File type ASCII text, with very long lines (1463)
Size 111 kB (110885 bytes)
Hash c42795c0cadbc3cb0c4b08a76ec83e16
5711ea3610b294caf4809fd84b51d5ef7433eed8
d4631cf3b0ec48c593f17d61c3cfa2e29bc007dc47b7f87cb3f00274877652e0
GET /v/08zp5ilw8e-4njq HTTP/1.1
Host: vanfem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fanpelis.la/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/html; charset=UTF-8
last-modified: Sun, 29 Mar 2020 17:57:43 GMT
vary: Accept-Encoding
etag: W/"5e80e197-1bf3"
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iHgAKIWMSxOnx%2BoI7dP9%2FEM5fcOb0CpSdFP34k1MmrLLkmNQ4NIEu0Wg5yCScNoVp5l0R1mUrgXHRPoy1JN2MQ8AHmnFaEI%2F%2FvwaFQxqiCXjv%2BjbUkfC7IvBU4oi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a931c4d320b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ausoafab.net/tag.min.js
139.45.197.239200 OK 23 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash be63c388d567538b52da54af92341fd4
d6b53ecf63fd5c60961bb6810af5d590edcd75ff
67c8c82259890c03f120fb5a06f6ab72a79639f6d00c4a2988de8331c2410d56
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: 6941d8368112f880c4c16c95ae99bee0
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 06 Sep 2022 12:28:39 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.26.0/jwpsrv.js
151.101.86.114200 OK 19 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.26.0/jwpsrv.js
IP 151.101.86.114:0
File type ASCII text, with very long lines (63039)
Hash 47c80e5e949f9c51cea9f3f4eb3411c8
ea848020d7f54579af52ebd5e5f6922b98cc2512
6455d2bb063d9fde3276b77cb3e6e886c9b2a87dfc1bf16365d0cd3e8c1d131d
GET /player/v/8.26.0/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=900, immutable
last-modified: Wed, 31 Aug 2022 18:45:24 GMT
etag: "662d21d9cc48caa9758882be57e10e92"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 22:17:25 GMT
via: 1.1 varnish
age: 894
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 186
x-timer: S1662502646.637087,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 18857
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.26.0/jwplayer.core.controls.js
151.101.86.114200 OK 84 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.26.0/jwplayer.core.controls.js
IP 151.101.86.114:0
File type ASCII text, with very long lines (65143)
Hash 138bd68a44a63ff376a877cc7dcb1837
8130d9e2b1a32d31b1cf7859f55a821512799d03
c5e612b1523a21d1b511837515ae5f744290ba8a521445f6af62cb495e071dd5
GET /player/v/8.26.0/jwplayer.core.controls.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Wed, 31 Aug 2022 18:45:15 GMT
etag: "ec88d8889c04ff5ee385f656e016a0e6"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 22:17:25 GMT
via: 1.1 varnish
age: 527983
x-served-by: cache-bma1658-BMA
x-cache: HIT
x-cache-hits: 123830
x-timer: S1662502646.641470,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 83724
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b17e7c43801e70e860f2194d225493c7
3b622b970fadc8d37ece3e8d0e66a31cff93ad09
cb21ef278a638b1488ef9165c018a30155f103290ec99661498e67974f79063c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB21EF278A638B1488EF9165C018A30155F103290EC99661498E67974F79063C"
Last-Modified: Tue, 06 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2936
Expires: Tue, 06 Sep 2022 23:06:21 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b17e7c43801e70e860f2194d225493c7
3b622b970fadc8d37ece3e8d0e66a31cff93ad09
cb21ef278a638b1488ef9165c018a30155f103290ec99661498e67974f79063c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB21EF278A638B1488EF9165C018A30155F103290EC99661498E67974F79063C"
Last-Modified: Tue, 06 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2936
Expires: Tue, 06 Sep 2022 23:06:21 GMT
Date: Tue, 06 Sep 2022 22:17:25 GMT
Connection: keep-alive
glersakr.com/tag.min.js
139.45.197.239200 OK 23 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash be63c388d567538b52da54af92341fd4
d6b53ecf63fd5c60961bb6810af5d590edcd75ff
67c8c82259890c03f120fb5a06f6ab72a79639f6d00c4a2988de8331c2410d56
Analyzer Verdict Alert fortinet Malware
GET /tag.min.js HTTP/1.1
Host: glersakr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: 0b6aefe08d3a3eb9f910e0eb5434ee60
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 06 Sep 2022 12:28:39 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e27313c78bb1b4915b56819ea1681c89
aeea006638532562eb6d03ce71f1928f16a79e14
54f506e01b24da86d55bed7a799101e97f051c3ae9f40adb8627b28f611d4570
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Sep 2022 22:14:23 GMT
expires: Tue, 06 Sep 2022 22:29:23 GMT
cache-control: public, max-age=900
age: 182
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 06 Sep 2022 22:17:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
browser.sentry-cdn.com/6.2.2/bundle.min.js
151.101.130.217200 OK 21 kB URL HTTP/2 browser.sentry-cdn.com/6.2.2/bundle.min.js
IP 151.101.130.217:0
File type ASCII text, with very long lines (65448)
Hash a948fc086ec14683f3f2270913c7f702
945e9d1a6a70d4e3f87dbd1058879bcddcb40a1d
0bb5309b61da0b307549c7c9edd6a61766a86d3dd317d093525fddeebeb212e9
GET /6.2.2/bundle.min.js HTTP/1.1
Host: browser.sentry-cdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v2.zplayer.live
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=31536000
expires: Fri, 17 Mar 2023 07:22:09 GMT
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
etag: "a948fc086ec14683f3f2270913c7f702"
content-type: application/javascript; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
date: Tue, 06 Sep 2022 22:17:25 GMT
age: 15000916
vary: Accept-Encoding
access-control-allow-origin: *
server: Fastly
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 20633
X-Firefox-Spdy: h2
entitlements.jwplayer.com/gz_FBsVMEeWiQBKCk4Wcgw.json
152.199.22.243200 OK 69 B URL HTTP/2 entitlements.jwplayer.com/gz_FBsVMEeWiQBKCk4Wcgw.json
IP 152.199.22.243:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 84cc8845ef41159395e809a1c72f21f1
de584ee15d74115c78d11f5c30245753062049d0
074222a91e513b457c1ed8f51ec5eacfaf092c4a036ea2e22fb7ae360f5bb6c3
GET /gz_FBsVMEeWiQBKCk4Wcgw.json HTTP/1.1
Host: entitlements.jwplayer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v2.zplayer.live
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 12690
cache-control: max-age=1800, s-maxage=14760
content-type: application/json
date: Tue, 06 Sep 2022 22:17:25 GMT
last-modified: Tue, 06 Sep 2022 18:45:55 GMT
server: ECAcc (ska/F6BB)
vary: Accept-Encoding
x-cache: HIT
content-length: 69
X-Firefox-Spdy: h2
ausoafab.net/5/4716565/?oo=1&aab=1
139.45.197.239200 OK 1.8 kB URL HTTP/2 ausoafab.net/5/4716565/?oo=1&aab=1
IP 139.45.197.239:0
Hash 40a62edcf52aa597a40dc1ef05fdec16
0c979364745292e114a2a8a63cc1470c82cb6282
5273f85a37735616c6f7eb39b338886936590ca87cc6ce37fa5c175e7ea83541
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4716565/?oo=1&aab=1 HTTP/1.1
Host: ausoafab.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v2.zplayer.live
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/json
x-trace-id: 65024b837b9f0862e30b94edccda3944
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://v2.zplayer.live
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0c522a18c6004fceb2fb1af34eeee05c; expires=Wed, 06 Sep 2023 22:17:25 GMT; path=/; secure; SameSite=None
oaidts=1662502645; expires=Wed, 06 Sep 2023 22:17:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 10585eccdd73117e0bc71ecaf1cd02cb
7bda7ff7308cac8c8824a5a558097a15a2325f5e
6303f8b80751e64006c77524615f10709b136b0606695feb0f51b964e0c2163d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
194.242.11.186200 OK 72 kB URL HTTP/2 static.arc.io/widget/js/vendors~widget-ui.js?c9b0de53
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (63194)
Hash 829cf8058e59ed864909135410a59fb1
192eb1cc25561f264b29c7ff91777c6b21402811
2d4c3aa97082c363debd545262812856dc0ace870dbb72a668386ddc77dd3a0e
GET /widget/js/vendors~widget-ui.js?c9b0de53 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"5f5181a44cab6b9ccdc03f0d9f46e177"
last-modified: Mon, 08 Aug 2022 22:09:02 GMT
x-amz-id-2: A9pqjKPrqIQflyxmXrVwzuzToR7cxaWclWx6NjnAerAt8ogrYlvolAtqoGvvdIsvqEeqAzY1AX0=
x-amz-request-id: 6ACY3P80RJNPZB5G
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:19
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7a394c45330d1111e47b4f9b19e3d87c
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.10200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.10:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5c807ff405aea9683b2b15461d9fcee2
d86e9ed371c2b8839162dcb8b51a586149001a2d
1a67e39187e9da069d31ba536383e646f2c7bafbd4d1d0791aaef5df1225345f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 06 Sep 2022 22:17:26 GMT
server: ESF
cache-control: private
content-length: 30618
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 21d1b5be072df45253749eeb3290be82
4ac9978797c085289b9fcc2fe9a57b619e1c78c9
9ea779e1ad86a4a7c403b574908e2dc60d079b366ab1cf439b34c73c9a9c64c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 22:17:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/97z2yBxPcYiv6eioOAzftW1739b5eZ3I_zVAeb-vK4k.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/97z2yBxPcYiv6eioOAzftW1739b5eZ3I_zVAeb-vK4k.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36079)
Hash 72692ad1b05fd9a02ff85f1c3ca30a46
520a2098d9be492a862bab96f6653393205e00e9
1c17c960446cf9498b1f6703a553a7e59f005816bb9991b97c5718524c5fa4d5
GET /js/th/97z2yBxPcYiv6eioOAzftW1739b5eZ3I_zVAeb-vK4k.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:03:20 GMT
expires: Thu, 31 Aug 2023 05:03:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
age: 580446
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.arc.io/widget/js/widget-ui.js?784632c0
194.242.11.186200 OK 49 kB URL HTTP/2 static.arc.io/widget/js/widget-ui.js?784632c0
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
Hash c061b47e7ec16700d8f305eea6b5e105
cfd512bdab117fc6e0cc897b5721408063c828cb
4144ce63cae432910159b57feed4b4ad2f348a2d637e1126f52e0dd0a155f891
GET /widget/js/widget-ui.js?784632c0 HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"7b9dc001ae1d02594045f630c0c9760a"
last-modified: Thu, 01 Sep 2022 19:21:28 GMT
x-amz-id-2: sso+CjRy526e+aJLRNdKq8RjhZ6KoGwR6Y604T67KYRlvAXyQ4xEXLctgzgvzzy4W5PmUrRFebM=
x-amz-request-id: 0RKQT4A1JEK82HB5
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/01/2022 19:27:00
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 7827f2fcddb445e36b1fbe0d3d638f1e
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
static.arc.io/broker/js/lazy-modules.a169b1ec.js
194.242.11.186200 OK 16 kB URL HTTP/2 static.arc.io/broker/js/lazy-modules.a169b1ec.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
File type ASCII text, with very long lines (25027)
Hash e79f2d46d464e703ee8a9f71f497bcf6
4c515421dff9d0c7dd53e9d933c008ff174c8656
0960d619177b6d9325d57b2d285171e56b65b7a230c52fdcf59d87168d38203b
GET /broker/js/lazy-modules.a169b1ec.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 1HPOvli1UWDpUZXFWu6CwdlYyQUcdV4wPGgPy4nfB7B6fDlC7Q604ob7CUR3XzVeynp2AAE8mww=
x-amz-request-id: ST1DTDBD2C8CBP39
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 07/16/2022 07:43:24
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 4f564f6c3e16c4bf73f1bacac7946a4d
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
87.250.250.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 87.250.250.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (681)
Hash 034d4604beaddff5783b9878fadfaee6
64d5e1e0dbbbd62d6a64349dd964763b7ab4cbea
f8a957ee3468693f465da61d899438a2b674369b80c9d5c9ffff1111a7091290
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vanfem.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 71985
date: Tue, 06 Sep 2022 22:17:26 GMT
access-control-allow-origin: *
etag: "6315c3a4-11931"
expires: Tue, 06 Sep 2022 23:17:26 GMT
last-modified: Mon, 05 Sep 2022 12:38:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
glersakr.com/tag.min.js
139.45.197.239200 OK 23 kB IP 139.45.197.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash be63c388d567538b52da54af92341fd4
d6b53ecf63fd5c60961bb6810af5d590edcd75ff
67c8c82259890c03f120fb5a06f6ab72a79639f6d00c4a2988de8331c2410d56
Analyzer Verdict Alert fortinet Malware
GET /tag.min.js HTTP/1.1
Host: glersakr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Cookie: OAID=f48997e38f034f3b9780dee829df954d; oaidts=1662502645
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: text/javascript; charset=utf-8
content-length: 22987
content-encoding: br
x-trace-id: d36ffc910ad9cc21cf075dc4176c97c4
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 06 Sep 2022 12:29:25 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8a7f8ce76c818d9755e241973344aaa9
9e138f13a8b6f8621440336d9284c5e7ea24b455
728a530b8f9a6218fa1e70e5f1bacafc177dd8ac059ae4cdfd9744417b8d249c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "728A530B8F9A6218FA1E70E5F1BACAFC177DD8AC059AE4CDFD9744417B8D249C"
Last-Modified: Mon, 05 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3965
Expires: Tue, 06 Sep 2022 23:23:31 GMT
Date: Tue, 06 Sep 2022 22:17:26 GMT
Connection: keep-alive
mc.yandex.ru/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fvanfem.com%2Fv%2F08zp5ilw8e-4njq&page-ref=https%3A%2F%2Ffanpelis.la%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22212914%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1155800666440%3Ahid%3A954048443%3Az%3A0%3Ai%3A20220906221720%3Aet%3A1662502641%3Arn%3A1009622401%3Arqn%3A1%3Au%3A1662502641623338503%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662502638773%3Ads%3A0%2C0%2C0%2C%2C250%2C0%2C%2C687%2C1%2C%2C%2C%2C1470%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662502641%3At%3AVideo%20El%20perfecto%20asesino%20-%20El%20profesional%20-%20L%C3%A9on%20The%20Professional%20%281994%29.mp4&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
87.250.250.119200 OK 419 B URL HTTP/2 mc.yandex.ru/watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fvanfem.com%2Fv%2F08zp5ilw8e-4njq&page-ref=https%3A%2F%2Ffanpelis.la%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22212914%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1155800666440%3Ahid%3A954048443%3Az%3A0%3Ai%3A20220906221720%3Aet%3A1662502641%3Arn%3A1009622401%3Arqn%3A1%3Au%3A1662502641623338503%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662502638773%3Ads%3A0%2C0%2C0%2C%2C250%2C0%2C%2C687%2C1%2C%2C%2C%2C1470%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662502641%3At%3AVideo%20El%20perfecto%20asesino%20-%20El%20profesional%20-%20L%C3%A9on%20The%20Professional%20%281994%29.mp4&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP 87.250.250.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 3da724a9f33239031df36c600af30ac4
98cc4f261defacc88bb1157162d61ad84445c39b
d6463e4495b382908cf3b0378ac12bf39203c90baf676c76ac975c5f3597b474
GET /watch/49788082/1?wmode=7&page-url=https%3A%2F%2Fvanfem.com%2Fv%2F08zp5ilw8e-4njq&page-ref=https%3A%2F%2Ffanpelis.la%2F&charset=utf-8&site-info=%7B%22owner%22%3A%22212914%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1155800666440%3Ahid%3A954048443%3Az%3A0%3Ai%3A20220906221720%3Aet%3A1662502641%3Arn%3A1009622401%3Arqn%3A1%3Au%3A1662502641623338503%3Aw%3A0x0%3As%3A1280x1024x24%3Ask%3A1%3Aifr%3A1%3Ans%3A1662502638773%3Ads%3A0%2C0%2C0%2C%2C250%2C0%2C%2C687%2C1%2C%2C%2C%2C1470%3Awv%3A2%3Aco%3A0%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-a81f3b9bcdd80a361c14af38dc09b309-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1662502641%3At%3AVideo%20El%20perfecto%20asesino%20-%20El%20profesional%20-%20L%C3%A9on%20The%20Professional%20%281994%29.mp4&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://vanfem.com
Referer: https://vanfem.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 419
date: Tue, 06 Sep 2022 22:17:26 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://vanfem.com
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 22:17:26 GMT
last-modified: Tue, 06-Sep-2022 22:17:26 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2587
Expires: Tue, 06 Sep 2022 23:00:33 GMT
Date: Tue, 06 Sep 2022 22:17:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2587
Expires: Tue, 06 Sep 2022 23:00:33 GMT
Date: Tue, 06 Sep 2022 22:17:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2587
Expires: Tue, 06 Sep 2022 23:00:33 GMT
Date: Tue, 06 Sep 2022 22:17:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2587
Expires: Tue, 06 Sep 2022 23:00:33 GMT
Date: Tue, 06 Sep 2022 22:17:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4f29d8aaae2d67c27c58001e7553dea7
5200b601017ce86614783b76fd2a775c1c48d4e9
6b55c4d692cf584e0319b07251d9845749fe8954062dab66e003dd2706451504
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faba86944-df9f-4d50-9b10-d50644b978e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4805
x-amzn-requestid: 6db42fa4-5a04-4368-b5cb-ea8f70d83ead
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XmxSRFp7oAMFb3Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c2f41-1df42bd2265554de5f47932e;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KQ1yb69_uETJJlEIcwsR165zqZuiklGuj3Nn-tyta0e_q8BGqs3cXg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:24 GMT
age: 1562
etag: "5200b601017ce86614783b76fd2a775c1c48d4e9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f754103a24f76f89b092a30c13f2d5d5
800998b57db224e881f26b245baa4da9626d9f0a
2d535af5239ad8c836cb8545ae6bcc957b3ebcf5ae3abe60fb4281c9e268b0be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46aec6c9-5dde-4aba-879c-d92f0cfec73f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13523
x-amzn-requestid: 10df7b4c-540c-4706-a511-5ff96a3aeb9c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDikTETaIAMFk6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317b14e-4afbd43f3d8117aa10e91f64;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 20:45:02 GMT
x-amz-cf-pop: YVR50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dDCQ13zMHNL9RVL9bvUVut-AfDpiTNaj8798O5T20k0hiSkL2t3KjA==
via: 1.1 1dd804267731601ebefbfc73a35de7a8.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:15 GMT
etag: "800998b57db224e881f26b245baa4da9626d9f0a"
content-type: image/jpeg
age: 1571
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pogothere.xyz/asd100.bin
104.21.86.231200 OK 139 kB IP 104.21.86.231:0
Size 139 kB (138935 bytes)
Hash 5c775d98eb29a4e0ea4a0482c1d52d5e
dce636a11145b2605ceaf85ddf4e9e4c81248a34
61f805ead8300e10c695b5688f5ae5365fc333eac1807f2c88f5f52344334d8f
GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fanpelis.la/
Origin: https://fanpelis.la
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://fanpelis.la
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: EXPIRED
last-modified: Tue, 06 Sep 2022 19:59:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0lfvkW%2BR7A%2FsTauwiqrV2EBoLll%2BoCJaFDRKF%2F5BfZHZ43C4z%2BX6uJgfH6MdCUDOWbgZqgpqrzHHmb8bSyaAvkPfJd8dLTIsEWg4IE%2FnCn4PvTIQBB8nvaNxQPm5kAL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931d7f950b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zap.buzz/8YbYQea
104.21.53.136302 Found 9.4 kB IP 104.21.53.136:0
Hash 9552f767643b20dceeabfaaa3874d6d6
12469e7d1d2cfe94cb0798c9b1d4a4d071a69c2d
685379f601e7fb54f456e6287058ab6d5e260b81f809ccf69b8ef5d318a8d1c6
GET /8YbYQea HTTP/1.1
Host: zap.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: text/html; charset=utf-8
location: https://xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
vary: Cookie
set-cookie: session=eyJfcGVybWFuZW50Ijp0cnVlfQ.YxfG9g.aESb04R6UZSfKu7WmNJoayhASoQ; Expires=Tue, 06 Sep 2022 22:47:26 GMT; HttpOnly; Path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cMiwBiJ%2Bkoh3m4oj8w5yZIFAsfaK47N2VsP3f1cfK6yw8wNSet8tEW6R1OQ4C6OTwV1nhJqWfXnDMmR2d3iSc9TeiC8VNS%2BkhOZBiYvJiHkmWqvmhY1aZw1meA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a9324f82eb517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7c4e2bba6bee091c96d60f6517e94721
35ae4c28dd99b92bf968b525c76c089859b40d30
ac49fe48096bd981334867b35cc4f9af753559f78d00e0c5ef2d8b2524ae0e20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:17:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 23:22:12 GMT
Expires: Sun, 11 Sep 2022 23:22:11 GMT
Etag: "35ae4c28dd99b92bf968b525c76c089859b40d30"
Cache-Control: max-age=435284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a9326cf88b51b-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fcf56e65178e3bdb802a8215b48d11f0
6ca14b815e1446172a72f28f58fbbf97272a512b
42a88966c46e9670786e171700f403805f1a278aef0edfee233afb8fd5e41e46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e9b3424-a7df-4a41-82c2-4baf4813509c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 5a4d63f8-dd44-4003-bd90-4ebcdf4517e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XdbBcECroAMFrFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63087209-22f3a6a174d32fd11f863106;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 07:11:05 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RN78TWtmq0okztaJVpUNwYH093j1R18-1HsnQGKYpciJ41WsUhwcMA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:07:41 GMT
age: 585
etag: "6ca14b815e1446172a72f28f58fbbf97272a512b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
glersakr.com/5/3567558/?oo=1&aab=1
139.45.197.239200 OK 9.8 kB URL HTTP/2 glersakr.com/5/3567558/?oo=1&aab=1
IP 139.45.197.239:0
Hash 081629480bb27bf698cce33837aeba36
94eb2ae59a9749b39f3bb3664e4191a588022f64
d8316156037f2cab91199142f54c235d7c1a5e4b2a20ba00973dd981207b93e0
GET /5/3567558/?oo=1&aab=1 HTTP/1.1
Host: glersakr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/json
x-trace-id: f9c6b6c0a99e5ff00656180b04413a0c
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://streamtape.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=f48997e38f034f3b9780dee829df954d; expires=Wed, 06 Sep 2023 22:17:25 GMT; path=/; secure; SameSite=None
oaidts=1662502645; expires=Wed, 06 Sep 2023 22:17:25 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
87.250.250.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 87.250.250.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vanfem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Tue, 06 Sep 2022 22:17:26 GMT
access-control-allow-origin: *
etag: "6315c3a4-2b"
expires: Tue, 06 Sep 2022 23:17:26 GMT
accept-ranges: bytes
last-modified: Mon, 05 Sep 2022 12:38:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adblockplustape.xyz
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://adblockplustape.xyz
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a93274d39b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7c4e2bba6bee091c96d60f6517e94721
35ae4c28dd99b92bf968b525c76c089859b40d30
ac49fe48096bd981334867b35cc4f9af753559f78d00e0c5ef2d8b2524ae0e20
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:17:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Sep 2022 23:22:12 GMT
Expires: Sun, 11 Sep 2022 23:22:11 GMT
Etag: "35ae4c28dd99b92bf968b525c76c089859b40d30"
Cache-Control: max-age=435284,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a93272ca3b506-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 883290e08668bfab63508d5c2a0af51b
24f03311c48b64b7a6cdbd9825bc317a705ccd5a
e52b44e5e619b45296028a85858a809cc98d751e621475876d120e0369e7fc60
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E52B44E5E619B45296028A85858A809CC98D751E621475876D120E0369E7FC60"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3148
Expires: Tue, 06 Sep 2022 23:09:54 GMT
Date: Tue, 06 Sep 2022 22:17:26 GMT
Connection: keep-alive
7tou0iduk8x8.l4.adsco.re/
185.200.118.90200 OK 0 B URL HTTP/1.1 7tou0iduk8x8.l4.adsco.re/
IP 185.200.118.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 7tou0iduk8x8.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://adblockplustape.xyz
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:17:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
Connection: close
ETag: "5b60dfaf-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adblockplustape.xyz
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:17:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://adblockplustape.xyz
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
174.137.133.18200 OK 0 B URL HTTP/1.1 xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 06 Sep 2022 22:17:26 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Pragma: no-cache
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 912f9a32166cf6d4e458969545df501d
6cecdd7246361b80f2464910ba31ee1f4381ee7d
58d632863a6aab3b308ad380f47595e74120f4495f48e83e89647e4f42533fa3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:17:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 05 Sep 2022 06:25:21 GMT
Expires: Mon, 12 Sep 2022 06:25:20 GMT
Etag: "6cecdd7246361b80f2464910ba31ee1f4381ee7d"
Cache-Control: max-age=460672,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 746a93272fccb51b-OSL
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3adc4084468e5efa76a9e64d1dbda44f
02b7aca2a0dde8548a6b52a6bd13fdbc16d12f18
88c4d72660a146a294483688e849d3981cdfbddf33fedfb3218776e0e9b114b1
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adblockplustape.xyz
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:27 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://adblockplustape.xyz
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=48109fb853f546eb9ce3d9c3c1668220; expires=Wed, 06 Sep 2023 22:17:27 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ccd7ddbb0da1d44f504cd3a93b0a71c
acf32c42258458db9774ac7c86d2d4ccba3d9bb3
3dbf4292ae995a1e890c1e263e2062bf9e8d54b06ce708ddadad4f9575a1a964
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3DBF4292AE995A1E890C1E263E2062BF9E8D54B06CE708DDADAD4F9575A1A964"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3008
Expires: Tue, 06 Sep 2022 23:07:35 GMT
Date: Tue, 06 Sep 2022 22:17:27 GMT
Connection: keep-alive
xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
174.137.133.18302 Found 0 B URL HTTP/1.1 xml.popmonetizer.com/redirect?feed=457655&auth=BcObps&pubid=155183
IP 174.137.133.18:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /redirect?feed=457655&auth=BcObps&pubid=155183 HTTP/1.1
Host: xml.popmonetizer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 06 Sep 2022 22:17:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store
Age: 0
Location: https://cngcpy.com/cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133
Pragma: no-cache
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a46a3ef2a2706d4d360c3708f231d5dd
401f54396b220a566ae4fe0ea4a6d19201562026
dbeb68fc518d044429233603ffb767a1bc2c74ad76cda82bf016f183e03c5740
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DBEB68FC518D044429233603FFB767A1BC2C74AD76CDA82BF016F183E03C5740"
Last-Modified: Sun, 04 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4610
Expires: Tue, 06 Sep 2022 23:34:17 GMT
Date: Tue, 06 Sep 2022 22:17:27 GMT
Connection: keep-alive
7tou0iduk8x8.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 7tou0iduk8x8.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 7tou0iduk8x8.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://adblockplustape.xyz
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:17:27 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a46a3ef2a2706d4d360c3708f231d5dd
401f54396b220a566ae4fe0ea4a6d19201562026
dbeb68fc518d044429233603ffb767a1bc2c74ad76cda82bf016f183e03c5740
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "DBEB68FC518D044429233603FFB767A1BC2C74AD76CDA82BF016F183E03C5740"
Last-Modified: Sun, 04 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4610
Expires: Tue, 06 Sep 2022 23:34:17 GMT
Date: Tue, 06 Sep 2022 22:17:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb5a8aa7a9937cd24a5dad6a48259d76
213211fd656aaa3ceb7b33ddeb1b0e72c031bcb7
0b4466944481df916778cd7b282b169a47941687cde72982bb9ac24ae0a5820e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B4466944481DF916778CD7B282B169A47941687CDE72982BB9AC24AE0A5820E"
Last-Modified: Tue, 06 Sep 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3472
Expires: Tue, 06 Sep 2022 23:15:19 GMT
Date: Tue, 06 Sep 2022 22:17:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae09901aeb80e63c1bdf44826ee50a57
3e5b56ad93dea11620a7c0e77851efe4a621c493
60de0d47d81dfec4bb16b47f79a2e27c546ed2fe49d1c4d3f041fcc87936ac0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60DE0D47D81DFEC4BB16B47F79A2E27C546ED2FE49D1C4D3F041FCC87936AC0E"
Last-Modified: Mon, 05 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2665
Expires: Tue, 06 Sep 2022 23:01:52 GMT
Date: Tue, 06 Sep 2022 22:17:27 GMT
Connection: keep-alive
7tou0iduk8x8.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 7tou0iduk8x8.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: 7tou0iduk8x8.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://adblockplustape.xyz
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Sep 2022 22:17:27 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06ecbe48-320f-4519-b483-d18aef3d2553.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06ecbe48-320f-4519-b483-d18aef3d2553.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0408a050e5a372bd7779e85c795657c
0982f165e38844efca891ed93a50bdd7207e0a0b
9edf3e51b6d968619b4996b478e66a10dc44df3e1d4eeeb72b414fa3cc7a422f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06ecbe48-320f-4519-b483-d18aef3d2553.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9979
x-amzn-requestid: dd8213ad-743d-4427-b71b-b149394fc69b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X-FSLFLXIAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63158274-31ee142e3fec71c16a5221f0;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 05:00:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GkJqu6f6Jrh3zDUi0D0DRNENK7wnNyztFsn7EXdpXjI9yWDPrj8fhA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:49:11 GMT
age: 1702
etag: "0982f165e38844efca891ed93a50bdd7207e0a0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3ae4346-3791-48e9-b716-4bfdc670467a.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3ae4346-3791-48e9-b716-4bfdc670467a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a9a1bb14200a889ef20d3879ab38009
a774e156a3d78ba360831d5146beac913b0b0840
95aa2305965dae7e22ca4baee53de9b21fd0824dc6ae743ea6286f203cb16770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa3ae4346-3791-48e9-b716-4bfdc670467a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5629
x-amzn-requestid: b1ebe759-bf6e-4c58-871e-ab7640cdbf1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xe20pEIdIAMFxCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630904ea-702b55ac4cf0aa022352258e;Sampled=0
x-amzn-remapped-date: Fri, 26 Aug 2022 17:37:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cwzhd4wqvBShSJO_Qfudrz51RnFC8eQRX8fpbzOEX0wcVdzQVD_PRA==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:52:00 GMT
age: 1534
etag: "a774e156a3d78ba360831d5146beac913b0b0840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8639d630-8c8a-4807-a0b9-15086c24357f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8639d630-8c8a-4807-a0b9-15086c24357f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c59fa99ae2913811dc92e67032c57394
de4df8a9282e9cec140c9074a140f72fb3dc896e
bb5841642c985c12489b7b23a2a95571864896eef9a04645e61029f9f6717bdc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8639d630-8c8a-4807-a0b9-15086c24357f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11675
x-amzn-requestid: 4dec6362-eb2a-4cd9-b92e-c569f31b2cc0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3OeFGyboAMFzqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312c459-1506326857a16d2f3bbb231c;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 03:04:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YgSKXkER0MzEbjO3lpl_uMkqf8hB_V1Scbj75aaP2_zxXt_Va-ZaCg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:51:26 GMT
age: 1569
etag: "de4df8a9282e9cec140c9074a140f72fb3dc896e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9352b2-4ab5-48d0-9676-61bf3275b779.jpeg
34.120.237.76200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9352b2-4ab5-48d0-9676-61bf3275b779.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 489429fc4af7d245f194596e975d1e49
ab455b8abde4309f365d55508794a8cf8c85d8b6
112f3ed8114c9a10d897af2d083a71f10ec68442d5896487f12259ed676ae017
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde9352b2-4ab5-48d0-9676-61bf3275b779.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:36 GMT
content-type: image/jpeg
content-length: 7002
x-amzn-requestid: 0752310a-7ca0-4ea8-a678-8f049b75ad51
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X5xa4HedIAMF4pw=
x-content-type-options: nosniff
etag: "ab455b8abde4309f365d55508794a8cf8c85d8b6"
x-amzn-trace-id: Root=1-6313c912-22f168ab60f17c4b671d6370;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 21:37:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -d0fBEUietExakJOgudzXyCpL-T2WstDUoOaVnutZTF0PUrrzPTL3A==
age: 218929
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e394af6d0aec5b71edd498560f9ec203
b01d56a5089b4603c0457635cb27fb3e674f65d1
95a5f3cf75273226304f1bda382bb4e6b3b1b93102680e088679cd6ab456d9b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe32c4c11-63fc-45cc-8135-a07269f9cfff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: 9e4b6ad9-d5bb-41f4-9c44-6825559f9c76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YDsC-G3LoAMFRfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6317c079-482e37871987d52023a82d4d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 21:49:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 28L4Qiki8GQVRN5gWNSd5ZZyHTYWj-KryMkJg9er8NTQYCmsdZG8_g==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 22:11:45 GMT
etag: "b01d56a5089b4603c0457635cb27fb3e674f65d1"
content-type: image/jpeg
age: 352
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edcd025faafbf7161d4d606f47304c2b
a99519726bc82f2cc0541c79f47ddd15c7362669
ed7b147e3ea371ea4b014805d9c2f45407918924bb2ec540ea6f7cd0a8b1b698
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F544c97ea-c914-4fdc-82af-945cb0832cde.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3529
x-amzn-requestid: 6ee305f1-aaaf-49eb-94b5-1176943a1922
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YCjYWFzNoAMFajg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63174c35-7e8ef3554da3194d47726d0d;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 13:33:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u3PSpvVEoPGJTFmcB643hOaVUAp-iW0X68PxtIaJZvGHc-Bh79gPgQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 21:41:50 GMT
age: 27256
etag: "a99519726bc82f2cc0541c79f47ddd15c7362669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=0c522a18c6004fceb2fb1af34eeee05c
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=0c522a18c6004fceb2fb1af34eeee05c
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3adc4084468e5efa76a9e64d1dbda44f
02b7aca2a0dde8548a6b52a6bd13fdbc16d12f18
88c4d72660a146a294483688e849d3981cdfbddf33fedfb3218776e0e9b114b1
GET /gid.js?userId=0c522a18c6004fceb2fb1af34eeee05c HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v2.zplayer.live
Connection: keep-alive
Referer: https://v2.zplayer.live/
Cookie: ID=48109fb853f546eb9ce3d9c3c1668220
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:43 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://v2.zplayer.live
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=48109fb853f546eb9ce3d9c3c1668220; expires=Wed, 06 Sep 2023 22:17:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c4f112da21b8595a118d74c62a9ade71
e9d07c7b746ac1c3813c30eafcf3cb62b3767b91
b2d11eb11d46ae622a9728b453d24fe227ab15555156fe247d74f482b6d795ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2D11EB11D46AE622A9728B453D24FE227AB15555156FE247D74F482B6D795AD"
Last-Modified: Sun, 04 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2636
Expires: Tue, 06 Sep 2022 23:01:39 GMT
Date: Tue, 06 Sep 2022 22:17:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8cad02303e445454151cf347f92b7d46
387ed6896562a3a8343c4073039bac8e000c31e9
51ee13f77ae39cbb8038c9c6d7135f125415d14e0fa035a750a7edef62156d62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51EE13F77AE39CBB8038C9C6D7135F125415D14E0FA035A750A7EDEF62156D62"
Last-Modified: Tue, 06 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2571
Expires: Tue, 06 Sep 2022 23:00:34 GMT
Date: Tue, 06 Sep 2022 22:17:43 GMT
Connection: keep-alive
c.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Fri, 07 Oct 2022 22:17:26 GMT
etag: W/"49EMMoGNl608re5Cihgheg=="
cf-cache-status: HIT
age: 606586
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a93262994fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.arc.io/widget/css/widget.css?451963a
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/css/widget.css?451963a
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/css/widget.css?451963a HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/css
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-allow-methods: GET, HEAD
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"ce66dd39d9339eebd65264a9ecc334be"
last-modified: Tue, 06 Sep 2022 17:58:16 GMT
x-amz-id-2: Z7uLXOP8QEalZaNAUyCNg7xDK5PAMVIgC/Xqud7jMJ/M0knwlYv820X7SP/Fe0iU9PJethAk9ic=
x-amz-request-id: VS0NMGHF133RADYE
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/06/2022 18:43:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: b3ea13b36a8a0502eff6af371a0483b8
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
v2.zplayer.live/js/jquery.cookie.js
172.67.171.65200 OK 0 B URL HTTP/2 v2.zplayer.live/js/jquery.cookie.js
IP 172.67.171.65:0
GET /js/jquery.cookie.js HTTP/1.1
Host: v2.zplayer.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/embed/orhbl56m6gqd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/javascript
last-modified: Tue, 31 May 2011 16:53:56 GMT
etag: W/"10eb-4a4953fe69100"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FBi6O4tHbsEPiHSv97F1gweBpW5h4Y1bj3DqwIvJOSzAVmhHUO6cYfogWDAjRV8EnrFabikEt3nlE92YrszUXbPj5AHUvbMgNjAa930gfG6QzNN2LqFFSK2Pid3LgLEVns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931c4da0b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.arc.io/widget/js/core.js?451963a
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/widget/js/core.js?451963a
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /widget/js/core.js?451963a HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://v2.zplayer.live
Connection: keep-alive
Referer: https://v2.zplayer.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000, stale-while-revalidate=864000
etag: W/"6da04fddbc8dd7086c020ce7fbf3631a"
last-modified: Tue, 06 Sep 2022 17:58:16 GMT
x-amz-id-2: wTG2qbJ7AD4PG5AcKZI+s2ZVtzO7y1bO6nDx27TfPIQVMohlLmSyE409LleE+FzitMtG4Ks19rk=
x-amz-request-id: VS0VZ52QCZZK9CE4
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/06/2022 18:43:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: ca20b319532c4bbdc9291cfe665462fd
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
pogothere.xyz/
104.21.86.231200 OK 0 B IP 104.21.86.231:0
GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fanpelis.la/
Origin: https://fanpelis.la
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/plain
set-cookie: csu=2229106834106417@1@1662502645; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://fanpelis.la
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mmAcxjjm%2FH1QqSRm8JTk6pBHVQWzGC57lplkVQlXt1rVXDeH98cW7AeIxJa45NJZ%2BgtEc8n%2BlWvxkn9%2FJ54OTyW4o%2FkGgNCwpSxyMSfSt7YGsMJD3N4IU%2FEvK%2Fw0Qrkg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a931d7f910b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
haxbyq.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_4199576946580144428_355801_2_0&si1=a355801
185.56.234.205200 OK 0 B URL HTTP/2 haxbyq.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_4199576946580144428_355801_2_0&si1=a355801
IP 185.56.234.205:0
ASN #39572 DataWeb Global Group B.V.
GET /play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_4199576946580144428_355801_2_0&si1=a355801 HTTP/1.1
Host: haxbyq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.21.1
date: Tue, 06 Sep 2022 22:17:27 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: truniq=1; expires=Wed, 07-Sep-2022 22:17:27 GMT; Max-Age=86400; path=/; domain=haxbyq.com
x-zone: eu3
content-encoding: gzip
X-Firefox-Spdy: h2
glersakr.com/5/3567558/?oo=1&aab=1
139.45.197.239200 OK 0 B URL HTTP/2 glersakr.com/5/3567558/?oo=1&aab=1
IP 139.45.197.239:0
GET /5/3567558/?oo=1&aab=1 HTTP/1.1
Host: glersakr.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://adblockplustape.xyz
Connection: keep-alive
Referer: https://adblockplustape.xyz/
Cookie: OAID=f48997e38f034f3b9780dee829df954d; oaidts=1662502645
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: application/json
x-trace-id: 5cb4a928fda45e6bbe64f55ce96d7837
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://adblockplustape.xyz
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=f48997e38f034f3b9780dee829df954d; expires=Wed, 06 Sep 2023 22:17:26 GMT; path=/; secure; SameSite=None
oaidts=1662502645; expires=Wed, 06 Sep 2023 22:17:26 GMT; path=/; secure; SameSite=None
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88698312
87.250.250.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/88698312
IP 87.250.250.119:0
GET /watch/88698312 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://vanfem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88698312/1
date: Tue, 06 Sep 2022 22:17:43 GMT
set-cookie: yandexuid=4158105411662502663; Expires=Wed, 06-Sep-2023 22:17:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=4158105411662502663; Expires=Wed, 06-Sep-2023 22:17:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=51724701662502663; Path=/; SameSite=None; Secure
i=GLVJfrkmOu7yTGOZVzzrjGB20OfzlAFBbcS26UY+N73+RoOKZOiiYli2jMm8J1d2yPCC1w4bzPeRERhw0+OJNf1dc6E=; Expires=Fri, 03-Sep-2032 22:17:38 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1694038663.yrts.1662502663#1694038663.yrtsi.1662502663; Expires=Wed, 06-Sep-2023 22:17:43 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 06-Sep-2022 22:17:43 GMT
last-modified: Tue, 06-Sep-2022 22:17:43 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
v2.zplayer.live/zplayer/assets/uikit/css/uikit.zplayer.min.css
172.67.171.65200 OK 0 B URL HTTP/2 v2.zplayer.live/zplayer/assets/uikit/css/uikit.zplayer.min.css
IP 172.67.171.65:0
GET /zplayer/assets/uikit/css/uikit.zplayer.min.css HTTP/1.1
Host: v2.zplayer.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/embed/orhbl56m6gqd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/css
last-modified: Tue, 02 Jun 2020 01:06:35 GMT
etag: W/"2f02d-5a70f85d17cc0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6%2B8Nj5%2FHzRWk%2F1r3bVsrEwFJwQ4JdRa8cw6S1XMVHoe%2FLmq%2BaRArEstjG2Wn8Ty9Snf2oSh9UDKX3iZAXi03ggc0CQxxUnpitlVimus3trNFSKOOOKtODLK7sEYuhEfj9o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931bfd55b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
v2.zplayer.live/css/main.css
172.67.171.65200 OK 0 B URL HTTP/2 v2.zplayer.live/css/main.css
IP 172.67.171.65:0
GET /css/main.css HTTP/1.1
Host: v2.zplayer.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/embed/orhbl56m6gqd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/css
last-modified: Wed, 08 Jan 2020 17:05:42 GMT
etag: W/"be25-59ba3e70e4580"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2861
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8Cx2I4KJILTJnYJOsNs5N9G4iMKEDXz22mdy4BevrRViI6sOnGhT8RucNRBppg0rN3qfvdeA3OhwfMsrlDJ%2FL0kakJUL1%2F%2B%2B9i%2FMWfrqWZEAJOP8HS6dWZ9R0QlMctdr4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931bfd5ab512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
v2.zplayer.live/zplayer/assets/crispskin/css/crispskin.css?v=5
172.67.171.65200 OK 0 B URL HTTP/2 v2.zplayer.live/zplayer/assets/crispskin/css/crispskin.css?v=5
IP 172.67.171.65:0
GET /zplayer/assets/crispskin/css/crispskin.css?v=5 HTTP/1.1
Host: v2.zplayer.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/embed/orhbl56m6gqd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/css
last-modified: Thu, 16 Jul 2020 20:28:29 GMT
etag: W/"6ff4-5aa94e21d3540"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3847
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VsGvDgKs%2B6BFA9SD6LqUSvHAUr5o0naZsnspumRBXBmukzUqubq%2FUoKksCl29LqWV8CnzaTlglcNdobpATCbXrUntWVIi3gVCfcUy4p1McK9qIWKzc7Jn6KqiYfuaueUq%2B4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931bfd58b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accounts.google.com/v3/signin/identifier?dsh=S-821400509%3A1662502645412310&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmX8hDhpb28VBTHm_l45iv-uAaH8pVQSt6C9f0GIWWeunyJlmrN6MKRcELuxwd7sREaKtEiGAQ
216.58.207.237403 Forbidden 0 B URL HTTP/2 accounts.google.com/v3/signin/identifier?dsh=S-821400509%3A1662502645412310&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmX8hDhpb28VBTHm_l45iv-uAaH8pVQSt6C9f0GIWWeunyJlmrN6MKRcELuxwd7sREaKtEiGAQ
IP 216.58.207.237:0
GET /v3/signin/identifier?dsh=S-821400509%3A1662502645412310&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQN2RmX8hDhpb28VBTHm_l45iv-uAaH8pVQSt6C9f0GIWWeunyJlmrN6MKRcELuxwd7sREaKtEiGAQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fanpelis.la/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 06 Sep 2022 22:17:25 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-security-policy: script-src 'nonce-NSMmv9y7jotio8KTRTLp9Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=WKtuxIphQReolz8v2pG1Exr8T9E8rXl0j3Qe4au29APEhjfghoEI64yij1J-rTtnfUeM0emkmPg_8QJPef2nwzWjrpzFwMAYx6Y7sjh3T817NVAwvSC1F4d1vdYjLCLHEDwyeRV3RJZKuAPHNuZQiuga2bcxQovukPfyxtYlFM8; expires=Wed, 08-Mar-2023 22:17:25 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.arc.io/broker/js/broker.b281d075.js
194.242.11.186200 OK 0 B URL HTTP/2 static.arc.io/broker/js/broker.b281d075.js
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /broker/js/broker.b281d075.js HTTP/1.1
Host: static.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://core.arc.io
Connection: keep-alive
Referer: https://core.arc.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:26 GMT
content-type: application/javascript
server: BunnyCDN-NO-830
cdn-pullzone: 786569
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"8c5f6da1d62d33cc4c32a8ce63be2bf6"
last-modified: Wed, 19 Jan 2022 23:33:03 GMT
x-amz-id-2: 15mXd8XH2lx2CE03B29NPUH0DZY/LOqIKeKzeLqmQNgXs1snFjVDp9XICA09Vhudm/HuQ+kRbm0=
x-amz-request-id: 1BTZ9YPB4J9E9E0X
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 08/14/2022 14:32:18
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: aca991f4af9b9f05d51934b8b66564de
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
fanpelis.la/el-perfecto-asesino/
104.21.80.44200 OK 0 B URL HTTP/2 fanpelis.la/el-perfecto-asesino/
IP 104.21.80.44:0
GET /el-perfecto-asesino/ HTTP/1.1
Host: fanpelis.la
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:24 GMT
content-type: text/html; charset=UTF-8
x-pingback: https://fanpelis.la/xmlrpc.php
link: <https://fanpelis.la/wp-json/>; rel="https://api.w.org/", <https://fanpelis.la/wp-json/wp/v2/posts/4236>; rel="alternate"; type="application/json", <https://fanpelis.la/?p=4236>; rel=shortlink
cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache: cache
x-wp-cf-super-cache-active: 1
x-wp-cf-super-cache-cache-control: s-maxage=31536000, max-age=60
x-wp-cf-super-cache-cookies-bypass: swfpc-feature-not-enabled
x-litespeed-tag: ba3_HTTP.200,ba3_post,ba3_URL.62c6f6c865a0df48b0643b3dece25985,ba3_Po.4236,ba3_,ba3_CCSS.7c73d46af9d80f63b6890ad0d1f31048
vary: Accept-Encoding
last-modified: Tue, 06 Sep 2022 21:11:39 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXIvYGtXpdj856Kx5bQVzLUKh2cJf95ZWM4LbnqXa2LhuZWmSYYiGlA3wAVQ2aZWCyriqu49bx%2Fvt2enrWjdpitgRkMs7SdQw1SSqHleDm89zUmbJ7AA4ysY621VSw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a93165882b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cdn4ads.com/kronos.min.js
185.76.9.22200 OK 0 B URL HTTP/2 www.cdn4ads.com/kronos.min.js
IP 185.76.9.22:0
ASN #60068 Datacamp Limited
GET /kronos.min.js HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://streamtape.com
Connection: keep-alive
Referer: https://streamtape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Sun, 11 Sep 2022 22:18:55 GMT
access-control-allow-origin: *
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1662934735
server: CDN77-Turbo
x-77-nzt: AblMCRRlTT3/pqICAA
x-77-nzt-ray: 7HhCB6evOUs
x-cache: HIT
x-age: 172710
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cngcpy.com/cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133
104.21.38.243302 Found 0 B URL HTTP/2 cngcpy.com/cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133
IP 104.21.38.243:0
GET /cuhdl?wh=MS9RKSYOsDOD7jbbc39Ni1Cy&si1=409133 HTTP/1.1
Host: cngcpy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Tue, 06 Sep 2022 22:17:27 GMT
content-type: text/html; charset=utf-8
location: https://haxbyq.com/play-2_1?h=waWQiOjExMzI5NDksInNpZCI6MTE1NzI1Niwid2lkIjozNzI0NjksInNyYyI6Mn0=eyJ&click_id=a2_4199576946580144428_355801_2_0&si1=a355801
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZrJDb7A44g3CPHVqINdrKJ0p0Uqc52ThjyCCkq0NTIyY%2BKrWL%2FAslM6keD3Cn0z6IPvvev3ShxZQeTWnc%2BzUdk9XKIdjCj0xKuTTKLRRwBYBTFH5%2BAzsxuSCvWM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a93297eff0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adblockplustape.xyz/e/6BeZW6PLYji90VD/El_perfecto_asesino_-_El_profesional_-_L%C3%A9on_-_L%C3%A9on_The_Professional_%281994%29.mp4
172.67.141.204404 Not Found 0 B URL HTTP/2 adblockplustape.xyz/e/6BeZW6PLYji90VD/El_perfecto_asesino_-_El_profesional_-_L%C3%A9on_-_L%C3%A9on_The_Professional_%281994%29.mp4
IP 172.67.141.204:0
GET /e/6BeZW6PLYji90VD/El_perfecto_asesino_-_El_profesional_-_L%C3%A9on_-_L%C3%A9on_The_Professional_%281994%29.mp4 HTTP/1.1
Host: adblockplustape.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://streamtape.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/html; charset=UTF-8
cache-control: private
cf-cache-status: BYPASS
set-cookie: _b=kube12; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3JsmllR8CutR6ME1Nj4s9TCa3Gbgwpb1%2Bze9i%2B7pb5Cdbb%2FWxcUE262j08F6spswSyGkPe7HuKIGjiFlKNEYYe1i0Vvx74BD2U4Pz%2B2QtCvCG6pSxD2TFKuXwwx%2BbaEN1bx1O0Qy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931f7a89b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
v2.zplayer.live/embed/orhbl56m6gqd
172.67.171.65200 OK 0 B URL HTTP/2 v2.zplayer.live/embed/orhbl56m6gqd
IP 172.67.171.65:0
GET /embed/orhbl56m6gqd HTTP/1.1
Host: v2.zplayer.live
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 05 Sep 2022 22:17:25 GMT
set-cookie: lang=1; domain=.v2.zplayer.live; path=/; HttpOnly
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQLcaFbUHi%2F1AR7Ql5AcUgkA4rC6PhCBTrdoqP4OWA1qKhiPMzaawRvG1T%2FmrEzD8%2BGzn%2Fk9B6bZ6DbW6j27JEDZjW8%2BD763S3DE8D0Qc8upWXFhIvaxilAU6OMMEAXA%2BfE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 746a931abc37b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
streamtape.com/e/6BeZW6PLYji90VD/El_perfecto_asesino_-_El_profesional_-_L%C3%A9on_-_L%C3%A9on_The_Professional_%281994%29.mp4
172.67.195.24404 Not Found 0 B URL HTTP/2 streamtape.com/e/6BeZW6PLYji90VD/El_perfecto_asesino_-_El_profesional_-_L%C3%A9on_-_L%C3%A9on_The_Professional_%281994%29.mp4
IP 172.67.195.24:0
GET /e/6BeZW6PLYji90VD/El_perfecto_asesino_-_El_profesional_-_L%C3%A9on_-_L%C3%A9on_The_Professional_%281994%29.mp4 HTTP/1.1
Host: streamtape.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fanpelis.la/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/html; charset=UTF-8
cache-control: private
cf-cache-status: BYPASS
set-cookie: _b=kube16; path=/
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v29mhFDB7gYqF8p2Sx1h9lrYhGl2G3Zsqmt63AYFsvIe4xPWcwS3AI5djoKvErtsElQhAvbozlDnGVXo2Ukpj7D7cTEQXSMdGA3EqeFKryZSQRYtjybP%2FzBc61NjjLjzpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 746a931a9a3ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
core.arc.io/broker.html?451963a
194.242.11.186200 OK 0 B URL HTTP/2 core.arc.io/broker.html?451963a
IP 194.242.11.186:0
ASN #34989 ServeTheWorld AS
GET /broker.html?451963a HTTP/1.1
Host: core.arc.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.zplayer.live/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 22:17:25 GMT
content-type: text/html
vary: Accept-Encoding
server: BunnyCDN-NO-830
cdn-pullzone: 786568
cdn-uid: 1756f224-b505-436a-b48a-b92ddf4fdbea
cdn-requestcountrycode: NO
access-control-allow-origin: *
cache-control: public, max-age=2592000
etag: W/"61e89f9d-612"
expires: Thu, 06 Oct 2022 18:43:40 GMT
last-modified: Wed, 19 Jan 2022 23:32:45 GMT
strict-transport-security: max-age=15724800; includeSubDomains
cdn-proxyver: 1.02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 09/06/2022 18:43:40
cdn-edgestorageid: 830
cdn-status: 200
cdn-requestid: 1433f580fd129028e3ee5873a5d71d01
cdn-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2