r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5946
Expires: Mon, 05 Dec 2022 05:05:51 GMT
Date: Mon, 05 Dec 2022 03:26:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6284
Cache-Control: max-age=118156
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:26:45 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 12:16:01 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
lajme-info.live/
63.250.43.132 200 OK 8.3 kB IP 63.250.43.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash 69715a33e0d56e5de4ff8b5e96b6f6c5
c033d95b049542faffe3dece79fc65d2b91e35a8
e33c3324d50172299e6c6804d03740e1f0b16294d70142621be9edeed014cc2d
GET / HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:12 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
link: <http://lajme-info.live/wp-json/>; rel="https://api.w.org/"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: public
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
x-cacheable: YES
age: 27153
accept-ranges: bytes
x-cache: HIT
content-length: 8277
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5713
Expires: Mon, 05 Dec 2022 05:01:58 GMT
Date: Mon, 05 Dec 2022 03:26:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 03:20:12 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 393
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FHrp7z4EaTFmFypwMj+Y4CHygAYolzkUBS+6/ozHC8gcuuyqDZfdanSd2EkL2uqRLf1q2R7PrPk=
x-amz-request-id: VRYCPNW43WJ9W0EZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 02:47:13 GMT
age: 2372
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 03:26:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
lajme-info.live/wp-includes/css/classic-themes.min.css?ver=1
63.250.43.132 200 OK 217 B URL HTTP/1.1 lajme-info.live/wp-includes/css/classic-themes.min.css?ver=1
IP 63.250.43.132:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
content-length: 217
last-modified: Sun, 04 Dec 2022 15:50:13 GMT
etag: "638cc1b5-d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
lajme-info.live/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
63.250.43.132 200 OK 12 kB URL HTTP/1.1 lajme-info.live/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 63.250.43.132:0
File type ASCII text, with very long lines (47826)
Hash 981383d43a7adb38d6c2bf5286dcd065
e41871905868763178f7d8127e3dfb87909f108f
fceb208fc5a1581abc1926596d5f59fa41e7a7d72027b563303b445cdf7ed126
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 15:50:13 GMT
vary: Accept-Encoding
etag: W/"638cc1b5-172a9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 12518
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/themes/apex-news/style.css?ver=1.0.1
63.250.43.132 200 OK 2.4 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/apex-news/style.css?ver=1.0.1
IP 63.250.43.132:0
File type ASCII text, with very long lines (1245), with CRLF line terminators
Hash 382e875d88fe8b4726772424b8e62247
6adbe54cb182db9e70d4d8fc1faaea819e3fbcaa
cfc2b556f125b1b42065cb91120b0c9cac438c43f40f56a4d36ede3c30b26d19
GET /wp-content/themes/apex-news/style.css?ver=1.0.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:25 GMT
vary: Accept-Encoding
etag: W/"638bd761-42ac"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 2444
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/themes/legal-news/assets/css/slick.min.css?ver=1.8.0
63.250.43.132 200 OK 485 B URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/css/slick.min.css?ver=1.8.0
IP 63.250.43.132:0
File type ASCII text, with very long lines (1257), with no line terminators
Hash 10e66dea6d65a800e049527b13397a7d
b93aeea4d12b65a0784be085ef7e50085ae245f8
152c616e2c3175164a49ca85c8065b3c5184059fa8f73522fb26aeb1be2219d9
GET /wp-content/themes/legal-news/assets/css/slick.min.css?ver=1.8.0 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-4e9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 485
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2
63.250.43.132 200 OK 817 B URL HTTP/1.1 lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2
IP 63.250.43.132:0
Hash acb1ca96c3af9a9dadfff5495182ab8d
5ea2bd06354f3b03ca74f28a4ea98b13ad600985
89dedebaac821c638da0e023753c5a2ce5852a9f472c876e40313e7ebeeae5cb
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-language-switcher.css?ver=2.4.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 22:55:14 GMT
vary: Accept-Encoding
etag: W/"638bd3d2-a6b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 817
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4
63.250.43.132 200 OK 13 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4
IP 63.250.43.132:0
File type ASCII text, with very long lines (59119), with CRLF line terminators
Hash ea18162c83c16ae46e17331bcba6b774
644421088b911b429abce803c2d478f0c0abe142
00ae02bcbb3097a68b9372117653a16dcee04452bc5d59d6516c31ce641c3c6d
GET /wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:26 GMT
vary: Accept-Encoding
etag: W/"638bd762-e7ad"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 12862
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css
63.250.43.132 200 OK 581 B URL HTTP/1.1 lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css
IP 63.250.43.132:0
Hash ac8dee36f7e9f5e07616b24e2f562afe
795076384a185acd39da611389516905210d81c1
792ccaaa72ed35e33e1ab5e629761b9cffedfb1881d5392a83de2c0e271f2b76
GET /wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sun, 04 Dec 2022 17:47:44 GMT
vary: Accept-Encoding
etag: W/"638cdd40-202d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 581
strict-transport-security: max-age=15768000
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 03:08:58 GMT
cache-control: public,max-age=3600
age: 1068
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
lajme-info.live/wp-content/themes/legal-news/style.css?ver=1.0.2
63.250.43.132 200 OK 20 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/style.css?ver=1.0.2
IP 63.250.43.132:0
File type ASCII text, with very long lines (785), with CRLF line terminators
Hash 766093535f59f0953203b8c2d9fdb215
4267b29e602e0ae8d78de4573084632c423def5a
b5f1f393a09d7da37d8e018cd89e038f820a7e4d7dae792373215e475693b3f9
GET /wp-content/themes/legal-news/style.css?ver=1.0.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-22e33"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 20367
strict-transport-security: max-age=15768000
lajme-info.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
63.250.43.132 200 OK 4.2 kB URL HTTP/1.1 lajme-info.live/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 63.250.43.132:0
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:51 GMT
vary: Accept-Encoding
etag: W/"62a9d83f-2bd8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 4169
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
63.250.43.132 200 OK 2.9 kB URL HTTP/1.1 lajme-info.live/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 63.250.43.132:0
File type ASCII text, with very long lines (9937), with no line terminators
Hash 8189a6a3f3f0efc64f857fe869d3729b
bc84b1c1e96a26fd6595da0cb024aad989c1f331
e2683386c2d5a8b3280fa9920d22fedb31a33a8bdca8ec494d3fe4df9fc6b337
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:23:37 GMT
vary: Accept-Encoding
etag: W/"638bda79-26d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 2937
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
63.250.43.132 200 OK 4.0 kB URL HTTP/1.1 lajme-info.live/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 63.250.43.132:0
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash 832eeb1fd498e5839b89bfb5f05a2f0d
cf2d8668aecc5033346ac2906bb8bf7e143cfa4a
35b2b27ba0ba63c065e4c67d15b7cb1878b5868d7f475cc7f6f1724d3988793a
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:23:37 GMT
vary: Accept-Encoding
etag: W/"638bda79-3016"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 3957
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2
63.250.43.132 200 OK 1.1 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2
IP 63.250.43.132:0
File type ASCII text, with CRLF line terminators
Hash e26ad94adb34a8db881fe4630f596fe3
e01a9697155c3ae58725b417f97e34831faf39cd
567d61776edd753e993f38a50448f949da06bd97f2fb09d9fe1cf9c0da1a549a
GET /wp-content/themes/legal-news/assets/js/navigation.js?ver=1.0.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-d35"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 1141
strict-transport-security: max-age=15768000
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6293
Cache-Control: max-age=113098
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 03:26:46 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:51:44 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
pl18034758.highperformancecpmgate.com/d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js
173.233.137.44 200 OK 13 kB URL HTTP/1.1 pl18034758.highperformancecpmgate.com/d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37152), with no line terminators
Hash c98e39cce857a63f45ef80c3b97f0411
bb459315096aca761cf9669a659fdb375e94e97e
e9158abd308c90bbc4111c4d35eec47440792538750d97a428c6fade4ee895da
Analyzer Verdict Alert quad9 Sinkholed
GET /d8/a5/1c/d8a51cee7a32b781d2723a6d87492cac.js HTTP/1.1
Host: pl18034758.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:26:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9a8102e6773c7a6c0654fe5bb80ea30f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
lajme-info.live/wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0
63.250.43.132 200 OK 10 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0
IP 63.250.43.132:0
File type ASCII text, with very long lines (43146), with no line terminators
Hash eb9217486f4e6760a06b0c2e6f59d651
578fb7523233c16ffe1a0fbad33b2106d7eb51cd
6bba058683fb17c611d1cb6637d6d6c2590bef0763ca0befdb44c2d1f444686c
GET /wp-content/themes/legal-news/assets/js/slick.min.js?ver=1.8.0 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-a88a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 10479
strict-transport-security: max-age=15768000
lajme-info.live/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
63.250.43.132 200 OK 31 kB URL HTTP/1.1 lajme-info.live/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 63.250.43.132:0
File type ASCII text, with very long lines (65447)
Hash 2eccf707201b564e5e0cc3637fe4fd79
13b3ab2c399a84808e8fd6a2c795a6a49f5090a4
fb2e62f5864ef969b2d586b0e589fc81d7689038cd54a90fbca4b463e0ca6261
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sun, 04 Dec 2022 15:50:15 GMT
vary: Accept-Encoding
etag: W/"638cc1b7-15e54"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 31038
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0
63.250.43.132 200 OK 2.3 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0
IP 63.250.43.132:0
File type ASCII text, with very long lines (9029), with no line terminators
Hash 42f93a7b309dbceeeb0fc5df558e77e9
2dcdb3182b2c65aa0a49ed9bd4a00302392b05df
06d05467a1d218cd263703bd1231d590a4b29e248e4186fff15985433020a77e
GET /wp-content/themes/legal-news/assets/js/jquery.marquee.min.js?ver=1.6.0 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-2345"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 2336
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2
63.250.43.132 200 OK 1.1 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2
IP 63.250.43.132:0
File type ASCII text, with very long lines (6105), with no line terminators
Hash e31ef9dd55f524ba9f4a6d662dd5d33f
972fb0354e4c3a9c600c59bd5bf9b4aec6b9cd79
df81d72057d1f7c977785547d06102246e364c1a6a6b49eb1eeb59ef34c39e3f
GET /wp-content/themes/legal-news/assets/js/custom.min.js?ver=1.0.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: application/javascript
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
vary: Accept-Encoding
etag: W/"638bd763-17d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 1067
strict-transport-security: max-age=15768000
lajme-info.live/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
63.250.43.132 200 OK 5.0 kB URL HTTP/1.1 lajme-info.live/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 63.250.43.132:0
File type ASCII text, with very long lines (15660)
Hash 1b982d290af16dac5885f21a198aaa66
f847ca85d23c2f240938bbde0135f3de97925759
0b6e238cc0728a0bace390dfff472ff8bb5a5fd4714bcfcdac7c28621d67b8dc
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 13:01:51 GMT
vary: Accept-Encoding
etag: W/"62a9d83f-48b9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
content-length: 5004
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
63.250.43.132 200 OK 972 B URL HTTP/1.1 lajme-info.live/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 63.250.43.132:0
Hash 8bf268dfcca7cb20719b7ea14373ef4a
58bd839bbf0e8cc082f0a488b538b4ec71bebd2e
eece4a14939273c7af07bce8bab3a6cfc2c9de44c0eea82cc886abac13cb3870
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 23:23:37 GMT
vary: Accept-Encoding
etag: W/"638bda79-aab"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 972
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.4.2
63.250.43.132 200 OK 1.0 kB URL HTTP/1.1 lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.4.2
IP 63.250.43.132:0
Hash 9e47e033a3c7ed5e1738f0d5d8a9ec7b
a9e1b438117025af30d88bd0d23edecad789d09c
97eaedd9574fc83282880c14ba3ddc1b4bd2adee845bab6b61a9d490dc0aa4f8
GET /wp-content/plugins/translatepress-multilingual/assets/css/trp-floater-language-switcher.css?ver=2.4.2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:44 GMT
content-type: text/css
last-modified: Sat, 03 Dec 2022 22:55:14 GMT
vary: Accept-Encoding
etag: W/"638bd3d2-131e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
content-encoding: gzip
x-cacheable: YES
age: 27122
accept-ranges: bytes
x-cache: HIT
content-length: 1044
strict-transport-security: max-age=15768000
push.services.mozilla.com/
34.218.164.174 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: j9Ef/1CQubAfC7EfNWZxbg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MXjihsyjTRJboIyoBUkB8WEE8LM=
lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png
63.250.43.132 200 OK 502 B URL HTTP/1.1 lajme-info.live/wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png
IP 63.250.43.132:0
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash ab347ae5be9857bf2cd91fc8203ff20c
136ee4ffb05ee0c980c4beae0bc45abe8c103a2f
84554ad84b590aa4d161301d4abb95d5d3b7013f38bbb0c02ba0d506ce3c548e
GET /wp-content/plugins/translatepress-multilingual/assets/images/flags/en_US.png HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:19 GMT
content-type: image/png
content-length: 502
last-modified: Sat, 03 Dec 2022 22:55:14 GMT
etag: "638bd3d2-1f6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27147
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
addresseepaper.com/sfp.js
34.160.73.230 429 Too Many Requests 298 B URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: text/html
Content-Length: 298
ETag: "63734773-12a"
Via: 1.1 google
lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
63.250.43.132 200 OK 12 kB URL HTTP/1.1 lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
IP 63.250.43.132:0
File type Web Open Font Format (Version 2), TrueType, length 11796, version 1.0\012- data
Hash 8d4079c3aa4f01e6d9bbd4f1bbcdf114
52ab47c062d0bfdbd34dbd31784008bd0e4c4227
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
GET /wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:33:18 GMT
content-type: font/woff2
content-length: 11796
last-modified: Sat, 03 Dec 2022 23:10:44 GMT
etag: "638bd774-2e14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 28408
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
63.250.43.132 200 OK 12 kB URL HTTP/1.1 lajme-info.live/wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
IP 63.250.43.132:0
File type Web Open Font Format (Version 2), TrueType, length 12372, version 1.0\012- data
Hash 0ef99cf07a2a261ab43d5dc1937ffb27
bd39f9cd13ef2a6f912dcba8fa916fc67b4a19d9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
GET /wp-content/fonts/titillium-web/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:32:35 GMT
content-type: font/woff2
content-length: 12372
last-modified: Sat, 03 Dec 2022 23:10:44 GMT
etag: "638bd774-3054"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 28451
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
63.250.43.132 200 OK 12 kB URL HTTP/1.1 lajme-info.live/wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
IP 63.250.43.132:0
File type Web Open Font Format (Version 2), TrueType, length 12136, version 1.0\012- data
Hash 5d7c6bb8fd4fc992c54e596ab7433d5d
35fd6e4c125235cb7f9aa6e297da4b64ae45b06a
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
GET /wp-content/fonts/titillium-web/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/fonts/7ef2cbd9c8aeb8c2f3cc5f3872845117.css
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:33:06 GMT
content-type: font/woff2
content-length: 12136
last-modified: Sat, 03 Dec 2022 23:10:44 GMT
etag: "638bd774-2f68"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 28420
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
friendshipmale.com/sfp.js
172.64.141.24 200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.141.24:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 8ea5c0299ff639bed89e3d412fcd9d73
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Mon, 05 Dec 2022 03:26:46 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YQD0j6EHEswILNKXtJsQt6zsYi4Sw3K%2BqZpVm6afSlk6yq5MfRMwVemsMR4rrCqYEJfqkTMWqaLHgzbUX168XnkksrfXBAZN1aKcjiDLa%2FQCaaWl1vlTsD3etTFAVJ%2BgkCfrtnM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7749aea7ddf1754d-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 05 Dec 2022 03:26:47 GMT
Last-Modified: Mon, 05 Dec 2022 02:02:16 GMT
Server: ECS (nyb/1D16)
X-Cache: Miss from cloudfront
Via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: sebGGLf1iLD99A10Pmh61NM3aVrl-DzltM2WVPXQuX3YQ6NMA_gu4A==
Age: 5071
tolerableinflectionkazan.com/pixel/purst?dl=0&th=0&sc=0&rs=1258&rd=1258&fd=855&bv=22.10.v.9&tmpl=70
192.243.59.13 200 OK 0 B URL HTTP/1.1 tolerableinflectionkazan.com/pixel/purst?dl=0&th=0&sc=0&rs=1258&rd=1258&fd=855&bv=22.10.v.9&tmpl=70
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/purst?dl=0&th=0&sc=0&rs=1258&rd=1258&fd=855&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: tolerableinflectionkazan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.sca1b.amazontrust.com/
54.230.245.118 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash f0f8b0d8806166791f6d6d9a9aa908ca
e30099fed67b541c022984b41b6de1e9ca8e01bb
c8d3589546edd372653dbcc6fe1bc48340d7bf5dc3b0f37324a9ff8014aa912b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=128266
Date: Mon, 05 Dec 2022 03:26:47 GMT
Etag: "638ca11c-1d7"
Expires: Tue, 06 Dec 2022 15:04:33 GMT
Last-Modified: Sun, 04 Dec 2022 13:31:08 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: AM1dkCE49voUKqFJzRu1AKTFiK7ZAlMjncWnqB1DmQcsOlWW_7D5mg==
Age: 5605
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 4848465cd12bac6b81d772e0b5615bb6
52f1a7e9c38f0a321aed5b85a25c85c5526d0697
350bd4f756ac138e6077a4673708af6cde249d730819e32096cc063169883b93
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://lajme-info.live
access-control-allow-credentials: true
set-cookie: uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; expires=Thu, 02 Dec 2032 03:26:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash ecd507f5274d782fcd5e15c8f96036a5
aa4ade4e3729e0f1a2a780f6ca130b7a78061dcb
e86ca6cba893c9eb696fd17834fd2448811e80422d389bb7ffad1e7f0b3030ed
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:47 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://lajme-info.live
access-control-allow-credentials: true
set-cookie: uid_id2=a50ae0aa-f430-4bfa-b709-642a4a8762d2:1:1; expires=Thu, 02 Dec 2032 03:26:47 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
lajme-info.live/wp-content/uploads/2022/12/a-72.jpg
63.250.43.132 200 OK 77 kB URL HTTP/1.1 lajme-info.live/wp-content/uploads/2022/12/a-72.jpg
IP 63.250.43.132:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 910x542, components 3\012- data
Hash 66a01342c682fdf31426ecb69ab587b1
08946b85d4c401b2899c57d9f55298fa8d72ea9d
cc66e259613e8747599c7796bd34cdf7f72f598861f9a73a6e6c32d0834d77be
GET /wp-content/uploads/2022/12/a-72.jpg HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:52:14 GMT
content-type: image/jpeg
content-length: 77264
last-modified: Sun, 04 Dec 2022 19:31:24 GMT
etag: "638cf58c-12dd0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27272
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-regular-400.woff2
63.250.43.132 200 OK 13 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-regular-400.woff2
IP 63.250.43.132:0
File type Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196\012- data
Hash b91d376b8d7646d671cd820950d5f7f1
13517529affa39e2585c591acae6dc336b6aa917
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
GET /wp-content/themes/legal-news/assets/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: font/woff2
content-length: 13224
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
etag: "638bd763-33a8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://lajme-info.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
banquetunarmedgrater.com/advertisers.js
173.233.137.44 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 23cbe640ec22a9693c5ada038455daba
Strict-Transport-Security: max-age=0; includeSubdomains
lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-solid-900.woff2
63.250.43.132 200 OK 78 kB URL HTTP/1.1 lajme-info.live/wp-content/themes/legal-news/assets/webfonts/fa-solid-900.woff2
IP 63.250.43.132:0
File type Web Open Font Format (Version 2), TrueType, length 78268, version 331.-31196\012- data
Hash d824df7eb2e268626a2dd9a6a741ac4e
0ccb2c814a7e4ca12c4778821633809cb0361eaa
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
GET /wp-content/themes/legal-news/assets/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://lajme-info.live/wp-content/themes/legal-news/assets/css/fontawesome.min.css?ver=5.15.4
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:45 GMT
content-type: font/woff2
content-length: 78268
last-modified: Sat, 03 Dec 2022 23:10:27 GMT
etag: "638bd763-131bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: http://lajme-info.live
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27121
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
lajme-info.live/wp-content/uploads/2022/12/ilir-meta-2-2.jpg
63.250.43.132 200 OK 125 kB URL HTTP/1.1 lajme-info.live/wp-content/uploads/2022/12/ilir-meta-2-2.jpg
IP 63.250.43.132:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 1046x554, components 3\012- data
Size 125 kB (125212 bytes)
Hash 3ec8f23262a5daf1ef4e91ee52b78812
a64948a8fc8d90785b48c1b5edeb54c4a4e8b052
8c659669f8ceea10460d154faafb746bef62910f61d70d3e9c2ba9172edec5a2
GET /wp-content/uploads/2022/12/ilir-meta-2-2.jpg HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
server: nginx
date: Sun, 04 Dec 2022 19:54:18 GMT
content-type: image/jpeg
content-length: 125212
last-modified: Sun, 04 Dec 2022 17:54:05 GMT
etag: "638cdebd-1e91c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
access-control-allow-credentials: true
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type
x-cacheable: YES
age: 27149
accept-ranges: bytes
x-cache: HIT
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 74ad419af503bc1793670c1de7fb305a
f8e9758008028f7b332d8d56d6728990a4a86d49
d9a05bfd5cc726889f8d8210ae75320f2596c5d5aebf1e7001646dea286bc439
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9A05BFD5CC726889F8D8210AE75320F2596C5D5AEBF1E7001646DEA286BC439"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13601
Expires: Mon, 05 Dec 2022 07:13:28 GMT
Date: Mon, 05 Dec 2022 03:26:47 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=d8a51cee7a32b781d2723a6d87492cac&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=d8a51cee7a32b781d2723a6d87492cac&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=d8a51cee7a32b781d2723a6d87492cac&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a902e5f25ed3b4ec95b27beabcbc1ffa
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=09a00d0c991e7703a4b0783e14911aa8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
192.243.59.12 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=09a00d0c991e7703a4b0783e14911aa8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=a50ae0aa-f430-4bfa-b709-642a4a8762d2&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=09a00d0c991e7703a4b0783e14911aa8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=3 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Mon, 05 Dec 2022 03:26:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d942d68e163455c8700af3680f4bb3be
Strict-Transport-Security: max-age=0; includeSubdomains
lajme-info.live/favicon.ico
63.250.43.132 204 No Content 0 B URL HTTP/1.1 lajme-info.live/favicon.ico
IP 63.250.43.132:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: lajme-info.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=a50ae0aa-f430-4bfa-b709-642a4a8762d2%3A1%3A1; ppu_main_09a00d0c991e7703a4b0783e14911aa8=1; sb_main_d8a51cee7a32b781d2723a6d87492cac=1; sb_count_d8a51cee7a32b781d2723a6d87492cac=1
HTTP/1.1 204 No Content
server: nginx
date: Sun, 04 Dec 2022 19:54:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-type: image/png
age: 27110
x-cache: HIT
strict-transport-security: max-age=15768000
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4281
Expires: Mon, 05 Dec 2022 04:38:09 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 22:03:01 GMT
age: 19427
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f71032604eecccf0a81f323a5f96a400
f8866d4f3185bcf7871581d75339998b34d6cf6d
d053eedc717d7fd86e621ba948680be16538396d1ba9854b6816626d149b1c57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e81e29f-79a8-4af6-b0c7-7f49bfafb17e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6886
x-amzn-requestid: d721caf6-2252-4ede-9533-3d3fcd6cce0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpsw-FfRoAMFtOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d5b39-7644a195142f6c420ec7eac6;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 02:45:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RwhNdxS-EBTraqzS_TnCNXj3JXgz5NkO8oLyQaHOhHdtnvBbg4vsRQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 02:45:13 GMT
etag: "f8866d4f3185bcf7871581d75339998b34d6cf6d"
content-type: image/jpeg
age: 2495
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a349d02cce160f72cc93f6fb6e45fa46
a6f82481ea0a820da0f199e8f9051a4aa4013c82
ab320118577a2dcb6ab7ad904d6350e187501a94b39b71fdd70b31cbc8853b24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47f316c5-1381-4b6e-9e8d-f1956258ef3e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6826
x-amzn-requestid: f0abdba6-14c8-4aae-ba3b-37ba0af2ff08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_t2FsLIAMFekA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1325-3452be066acddb554f528cc3;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GS4yLzXiIZt-eL9T7gjbf2-vMu8i30WKPDmc2EQDxv0CELjdW1gMVA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:46:51 GMT
age: 20397
etag: "a6f82481ea0a820da0f199e8f9051a4aa4013c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6079166a1ed5bac7373183f03f33b84e
b0c9391b87a4560598e43d5084dda41e267974a9
3e2faccbc3e14a10da4a433d789068cdc3fb2d3e2a04a7e2b7ea5f6f6313dcd4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc619d7d-5f58-4402-a30a-fe05dd9e2922.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13647
x-amzn-requestid: 36276b12-9e02-4d00-a100-9aa5c794fc79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_ueEWUoAMFj7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d1329-7abb45a85c6bc2235c25d61e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oXeR8DTpEoK8E-BiI7gT4JEIdVBfiimfydNYIC62_rNLlTdem9Buig==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:45:46 GMT
age: 20462
etag: "b0c9391b87a4560598e43d5084dda41e267974a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8d76ec668361348eb17d54001fd2e6c6
534299a20a76ea6e3250f0fb35fe772cac04ef51
22676fae3909acf18e6cd4f505ec718fdac156990edb20926afdae2a359a2859
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa1caf4c1-b9c0-4db1-a780-00b9a6198731.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 682056d5-7815-4fd1-b05b-723619128d8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUXF5eoAMFRvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-6df5d866267739212832ee66;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pFKMx6_a5Ml_dBK1dafOt4KFMeC5SwUqNlNpc8sO4DVj0Ocb2Yksrw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:45:46 GMT
age: 85262
etag: "534299a20a76ea6e3250f0fb35fe772cac04ef51"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ee7Rihwq-F-zcJWcnxZtfzfmhrn0w3mub_5F4j8u0r2Uc91oXrKPzA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 04:17:01 GMT
age: 83387
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
triflingzenithenergetic.com/sbar.json?key=d8a51cee7a32b781d2723a6d87492cac&uuid=b6e967c8-e9db-4f96-823f-fce7bbec4204%3A1%3A1
192.243.59.20 200 OK 4.2 kB URL HTTP/1.1 triflingzenithenergetic.com/sbar.json?key=d8a51cee7a32b781d2723a6d87492cac&uuid=b6e967c8-e9db-4f96-823f-fce7bbec4204%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5870), with no line terminators
Hash 62d5faa2405d26af904daedccef0c3e6
595be21dcc52af7d10e7e1aa207b96621df306d0
cb4c9c34558cb8311b3104f28c68f28f2a9cb6dcd5b565053c6e0e9e3d310b91
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=d8a51cee7a32b781d2723a6d87492cac&uuid=b6e967c8-e9db-4f96-823f-fce7bbec4204%3A1%3A1 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://lajme-info.live
Access-Control-Allow-Origin: http://lajme-info.live
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17934259; expires=Tue, 06 Dec 2022 03:26:47 GMT; secure; SameSite=None
uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; expires=Mon, 12 Dec 2022 03:26:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 06 Dec 2022 03:26:48 GMT; secure; SameSite=None
slecd8a51cee7a32b781d2723a6d87492cac=[3760946]; expires=Mon, 05 Dec 2022 03:26:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 898a4b55143ae1eca142195b1219a5c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d616b0b14e0c5cda5c98d0b99cccbaf3
657299c8f642a892045dbfe2a6958133e6b57f99
3590d6a37989c47a5d082655909defed76f2f4a467d3f6700134bba4ffb130f7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3590D6A37989C47A5D082655909DEFED76F2F4A467D3F6700134BBA4FFB130F7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6523
Expires: Mon, 05 Dec 2022 05:15:31 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
triflingzenithenergetic.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvZ3%2BOkp4kXwYw4eFNzZ7p7PNodgTKLBJBuSSMBbffVsZau7mqru6cmeFoOSg8EJOcRj7zO7WdSgBsGbKLO5yIKwoyB7cPVPEALBiyAzO7D4QtX7vvW8h%2Fd5nvp4ozggPgq6f%2FmiWVNa06VW3a%2B9dl2lwpSudulaLfDr%2FsnadZW2mydrg%2Bll%2B28Gfqvuv157R%2FJVsxT6ge8HflA7p6yMzWBphkJlD6OgHvn1ZlgPWk0M7H97V3hw1IPoH5DnoMTkfys%2FPYLiY6TJN2ekW81N9sbZpNA0NxZ9sf1%2BupqaMkVyVMbWQ5xuz6dh3ISQz47BpNtzBjD9zSkDMDUh3m8BWLo9XxOsv3W4KdOQKZh4FmV%2FDKnHUHQMbm5BiT0CcIFLy0iTB5eMLenNQ5RO0QlZePoEqpyQhd%2BfR5p8dVqrQe2q0UWuTOowiCuowRiqN0ZW7CBf86DKHfD8QyjxM1l6egFpsrnstIES%2B6%2BytozaHd5dlJFgi804ai92w0a8GHPZYUzyZug3ZxIpNYaKx9ByCOo8FNOjPBSxhyLzkIj9Gm1Fse93YhY3Gt0m57zR4LzVbYuWaDS7sY%2BCTzkMkWdDcD0Et%2BvI7DpW1d2945%2FCFj%2FCrVRwwoPLCfqiQikJSkdQUoJSEZQ5QdmvtoR2oaseCO0KFsxzOM%2BNamTy3gbdMnlPpmQjOyAnptp5J7a%2Fxarcr4kubQVcyg5thKzTDUTYCRu0LbqdZhRyyuFUBeWOzZiuqQl55aP7yNSE%2FP%2Fde2B0B07vgKsXQYuXQMtRJ%2FRBV0bNro%2B19GtNbyRyUaWxqWvVlxCmQpYvIL%2FpbegD8sLMxoiHkHz31J%2B%2F%2FvPku7MAtxUyW%2BGGekzQ07dHV0xJNq%2BY0pFHy1muErVGpxZfzWkuF754T94sjRXnz7jh52%2FxKTAtH16TLr9AU6HSniNfnlZCSHvOWC7J9%2BfddckuF27ldGHTIrtw%2Be1z55PMSueUScegaq9zD1xNyDMX12ef9%2BVPHkPZMWxRISl2yTygzA54tg6X7Z66f2f5j5PiAzhDYPXRDMs8lEU1siE7etSKQMujnrIKTh5JwOTuD38dYhvuNnrWA81vIU0q9G2Fvq5A9RCuOD7KM7t76pfGLMC0N2LaeptMW333UFqn9muyFfux9EPJ4ojFHeqLKG5GjEaB7LAWDZC7Cb8j%2Fv4XAAD%2F%2FwEAAP%2F%2FuwcR%2FJQEAAA%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 triflingzenithenergetic.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvZ3%2BOkp4kXwYw4eFNzZ7p7PNodgTKLBJBuSSMBbffVsZau7mqru6cmeFoOSg8EJOcRj7zO7WdSgBsGbKLO5yIKwoyB7cPVPEALBiyAzO7D4QtX7vvW8h%2Fd5nvp4ozggPgq6f%2FmiWVNa06VW3a%2B9dl2lwpSudulaLfDr%2FsnadZW2mydrg%2Bll%2B28Gfqvuv157R%2FJVsxT6ge8HflA7p6yMzWBphkJlD6OgHvn1ZlgPWk0M7H97V3hw1IPoH5DnoMTkfys%2FPYLiY6TJN2ekW81N9sbZpNA0NxZ9sf1%2BupqaMkVyVMbWQ5xuz6dh3ISQz47BpNtzBjD9zSkDMDUh3m8BWLo9XxOsv3W4KdOQKZh4FmV%2FDKnHUHQMbm5BiT0CcIFLy0iTB5eMLenNQ5RO0QlZePoEqpyQhd%2BfR5p8dVqrQe2q0UWuTOowiCuowRiqN0ZW7CBf86DKHfD8QyjxM1l6egFpsrnstIES%2B6%2BytozaHd5dlJFgi804ai92w0a8GHPZYUzyZug3ZxIpNYaKx9ByCOo8FNOjPBSxhyLzkIj9Gm1Fse93YhY3Gt0m57zR4LzVbYuWaDS7sY%2BCTzkMkWdDcD0Et%2BvI7DpW1d2945%2FCFj%2FCrVRwwoPLCfqiQikJSkdQUoJSEZQ5QdmvtoR2oaseCO0KFsxzOM%2BNamTy3gbdMnlPpmQjOyAnptp5J7a%2Fxarcr4kubQVcyg5thKzTDUTYCRu0LbqdZhRyyuFUBeWOzZiuqQl55aP7yNSE%2FP%2Fde2B0B07vgKsXQYuXQMtRJ%2FRBV0bNro%2B19GtNbyRyUaWxqWvVlxCmQpYvIL%2FpbegD8sLMxoiHkHz31J%2B%2F%2FvPku7MAtxUyW%2BGGekzQ07dHV0xJNq%2BY0pFHy1muErVGpxZfzWkuF754T94sjRXnz7jh52%2FxKTAtH16TLr9AU6HSniNfnlZCSHvOWC7J9%2BfddckuF27ldGHTIrtw%2Be1z55PMSueUScegaq9zD1xNyDMX12ef9%2BVPHkPZMWxRISl2yTygzA54tg6X7Z66f2f5j5PiAzhDYPXRDMs8lEU1siE7etSKQMujnrIKTh5JwOTuD38dYhvuNnrWA81vIU0q9G2Fvq5A9RCuOD7KM7t76pfGLMC0N2LaeptMW333UFqn9muyFfux9EPJ4ojFHeqLKG5GjEaB7LAWDZC7Cb8j%2Fv4XAAD%2F%2FwEAAP%2F%2FuwcR%2FJQEAAA%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuTvZ3%2BOkp4kXwYw4eFNzZ7p7PNodgTKLBJBuSSMBbffVsZau7mqru6cmeFoOSg8EJOcRj7zO7WdSgBsGbKLO5yIKwoyB7cPVPEALBiyAzO7D4QtX7vvW8h%2Fd5nvp4ozggPgq6f%2FmiWVNa06VW3a%2B9dl2lwpSudulaLfDr%2FsnadZW2mydrg%2Bll%2B28Gfqvuv157R%2FJVsxT6ge8HflA7p6yMzWBphkJlD6OgHvn1ZlgPWk0M7H97V3hw1IPoH5DnoMTkfys%2FPYLiY6TJN2ekW81N9sbZpNA0NxZ9sf1%2BupqaMkVyVMbWQ5xuz6dh3ISQz47BpNtzBjD9zSkDMDUh3m8BWLo9XxOsv3W4KdOQKZh4FmV%2FDKnHUHQMbm5BiT0CcIFLy0iTB5eMLenNQ5RO0QlZePoEqpyQhd%2BfR5p8dVqrQe2q0UWuTOowiCuowRiqN0ZW7CBf86DKHfD8QyjxM1l6egFpsrnstIES%2B6%2BytozaHd5dlJFgi804ai92w0a8GHPZYUzyZug3ZxIpNYaKx9ByCOo8FNOjPBSxhyLzkIj9Gm1Fse93YhY3Gt0m57zR4LzVbYuWaDS7sY%2BCTzkMkWdDcD0Et%2BvI7DpW1d2945%2FCFj%2FCrVRwwoPLCfqiQikJSkdQUoJSEZQ5QdmvtoR2oaseCO0KFsxzOM%2BNamTy3gbdMnlPpmQjOyAnptp5J7a%2Fxarcr4kubQVcyg5thKzTDUTYCRu0LbqdZhRyyuFUBeWOzZiuqQl55aP7yNSE%2FP%2Fde2B0B07vgKsXQYuXQMtRJ%2FRBV0bNro%2B19GtNbyRyUaWxqWvVlxCmQpYvIL%2FpbegD8sLMxoiHkHz31J%2B%2F%2FvPku7MAtxUyW%2BGGekzQ07dHV0xJNq%2BY0pFHy1muErVGpxZfzWkuF754T94sjRXnz7jh52%2FxKTAtH16TLr9AU6HSniNfnlZCSHvOWC7J9%2BfddckuF27ldGHTIrtw%2Be1z55PMSueUScegaq9zD1xNyDMX12ef9%2BVPHkPZMWxRISl2yTygzA54tg6X7Z66f2f5j5PiAzhDYPXRDMs8lEU1siE7etSKQMujnrIKTh5JwOTuD38dYhvuNnrWA81vIU0q9G2Fvq5A9RCuOD7KM7t76pfGLMC0N2LaeptMW333UFqn9muyFfux9EPJ4ojFHeqLKG5GjEaB7LAWDZC7Cb8j%2Fv4XAAD%2F%2FwEAAP%2F%2FuwcR%2FJQEAAA%3D HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Connection: keep-alive
Cookie: u_pl=17934259; uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd8a51cee7a32b781d2723a6d87492cac=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7e8be1bfdcfd04978b0ffb6da97c55ca
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
95.101.11.115 200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6427
Expires: Mon, 05 Dec 2022 05:13:55 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
e1.o.lencr.org/
95.101.11.115 200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6427
Expires: Mon, 05 Dec 2022 05:13:55 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
172.64.109.13 200 OK 9.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png
IP 172.64.109.13:0
File type PNG image data, 240 x 240, 8-bit colormap, non-interlaced\012- data
Hash 910542c04f8bf2f90ee33d17d538a006
18d5943e5d51539038f7988c34bccef2937c5545
5969cb3c5c4f573f5c05035ddf9748ee17d5c71df6fca4e484f65d30e2694e57
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/flash-logo.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: image/png
content-length: 9360
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: "612f708f-2490"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1690478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CaRDYJGWf6QWEX3omVzs4%2BAuJj0VigeC77NQss1OxbhiQGB1ybCJf3QbiJvyc7fCxseYK9OKBfyQMkR0srlmf2fDCj0oWzvI8joncgzIkgdgHd1U5RHPKTsiwFlKFo1rebf%2Fquf6dqL4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb12d6b75c5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.74 200 OK 660 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.74:0
Hash 55130bf120bd75a4bba7d678be617cdf
77b172c0cc1d15e60ab95edccf3ac1e640d16812
262b9e8c2eeba18bdc3dd53ac7bbacdbbec713a9443ff5dc34e359de56ea040d
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 05 Dec 2022 03:26:48 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
e1.o.lencr.org/
95.101.11.115 200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6427
Expires: Mon, 05 Dec 2022 05:13:55 GMT
Date: Mon, 05 Dec 2022 03:26:48 GMT
Connection: keep-alive
triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=112
192.243.59.20 200 OK 0 B URL HTTP/1.1 triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=112
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
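Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input, consistent with the 0 B body above; they match any empty response and identify no specific content.)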
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Findex.html&l=3323&fd=112 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335
192.243.59.20 200 OK 0 B URL HTTP/1.1 triflingzenithenergetic.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
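Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input, consistent with the 0 B body above; they match any empty response and identify no specific content.)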
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fsoftware%2FflashPlayer%2Fmac%2Fmulti%2F1%2Fcss%2Fanimate.css&l=79249&fd=335 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
172.64.109.13 200 OK 31 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js
IP 172.64.109.13:0
File type ASCII text, with very long lines (32025), with CRLF line terminators
Hash 495f2637f06227cfe1ca251b271469a4
9938a06dbbbe9202b2e63f3a78def4cdae776de4
8ebdfa0cf6b633da88c4b315ae426f7fc03c0bf7e502a6f33e2f6347f3994aac
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:37 GMT
etag: W/"612f708d-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1690478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiSfQC8lNGz0MwXsqMvsJ2hw4FCWG0hKPm%2BCnwLqtZAkmOF9FaCCqJFiNO285kbqLlLpMSZil%2B2JfBnIBwTNvj2f5A6fhSpbJGC1H0CMw4gIGM%2FcTWclORURtcCp3Fxh9cv1JzBmxAET"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb12d6d75c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
172.64.109.13 200 OK 1.3 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css
IP 172.64.109.13:0
Hash b0b362d133eb4904706bb0622229b74f
22d89f78efb4c1cf967ac7e28821f4f39df8baf7
79b0f34463059aaa97b3b2f0f3319f64e893a595ce9e300d86fb031cc7fa28c0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-11aa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X0K76j8EPY2YpjYGja6ED6s2zEMRE6m%2BaH0JPjKYNyvSmQDhGtvrG5bLlekCrRMUUqa9FPdBwZ841dg3QBkrkyvwnxmMlb0Graqaa9jJV17h2i5TkBchmoY85OgjUeMBmnE094ab5nQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb10d6275c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
172.64.109.13 200 OK 11 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js
IP 172.64.109.13:0
Hash ab45e7ba56486198f59bfaab78f54f51
e84ec582a35ae6c5448103be671519787f17a7d8
c20d1df84228735ce775522e25ddc9cd2017ed49c8e1e517bbcb3bc398d39c1f
GET /sb/interstitial/software/flashPlayer/mac/multi/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: application/javascript
last-modified: Wed, 01 Sep 2021 12:22:36 GMT
etag: W/"612f708c-7082"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XJlfK3ka1jndruZM4PDs1u289OQ23JoNmSsaFeIlFhIftyFAjpnTxekRAjoPOpAgfWik%2FbzTAhWLbjQI71zRJ3nQ%2Buu%2FWrXpdWffpOwtHQZj4nvu49wvlkOh2ofHxkh2YWqbDzEEJJi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb18d9275c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
triflingzenithenergetic.com/pixel/sbs?c=1
192.243.59.20 200 OK 0 B URL HTTP/1.1 triflingzenithenergetic.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
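Hash MD5 d41d8cd98f00b204e9800998ecf8427e
SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the digests of zero-length input, consistent with the 0 B body above; they match any empty response and identify no specific content.)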
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: triflingzenithenergetic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Connection: keep-alive
Cookie: u_pl=17934259; uid_id2=b6e967c8-e9db-4f96-823f-fce7bbec4204:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecd8a51cee7a32b781d2723a6d87492cac=[3760946]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Mon, 05 Dec 2022 03:26:49 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
45.133.44.4 200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/software/flashPlayer/mac/multi/1/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/software/flashPlayer/mac/multi/1/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Wed, 01 Sep 2021 12:22:33 GMT
etag: W/"612f7089-cfb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 05 Dec 2022 04:26:48 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: image/svg+xml
last-modified: Wed, 01 Sep 2021 12:22:39 GMT
etag: W/"612f708f-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1690478
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5hRr%2BxOFTmc5Mws5o5KaW0HVVIi2Yp%2F0HZYKG1UShm33nqjpuMGumDS%2FSwQklVNxLJNB9S71EQYcpsaga3v4j7ay9XZwZPrR9TFPfFM1LXO3BHywF4UfQ2hY%2BbOk0SPUgmPO%2F61O4cI2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb12d6a75c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pl18034679.highperformancecpmgate.com/09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js
192.243.61.225 200 OK 0 B URL HTTP/1.1 pl18034679.highperformancecpmgate.com/09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /09/a0/0d/09a00d0c991e7703a4b0783e14911aa8.js HTTP/1.1
Host: pl18034679.highperformancecpmgate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://lajme-info.live/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Mon, 05 Dec 2022 03:26:46 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d590848436321cfd30d4aa5d455e59f1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
172.64.109.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css
IP 172.64.109.13:0
GET /sb/interstitial/software/flashPlayer/mac/multi/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://lajme-info.live/
Origin: http://lajme-info.live
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 03:26:48 GMT
content-type: text/css
last-modified: Wed, 01 Sep 2021 12:22:34 GMT
etag: W/"612f708a-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOojtpuj%2B0%2FSWrWbGV3usrKCPOYZyYadoUazg2viWRNV%2BDcZhDcKeJqZuMxhw0LikUBkmOmyvlhc5lYHJMK5CpDVfE4cOKc%2FX3mtiH1XJsB3vJZm1qwXGVG1l4XnK1vuXO9O3WTccWjA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7749aeb10d5e75c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2