mitaku.net/ero-cosplay/usatame-yor-forger/
104.21.89.91 301 Moved Permanently 0 B URL HTTP/1.1 mitaku.net/ero-cosplay/usatame-yor-forger/
IP 104.21.89.91:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ero-cosplay/usatame-yor-forger/ HTTP/1.1
Host: mitaku.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 23:16:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 25 Nov 2022 00:16:05 GMT
Location: https://mitaku.net/ero-cosplay/usatame-yor-forger/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H1pm9TJ8HI2eEhqzkVPwJIdwNxbDGBueRQXz4hQMVyqQB5fTqFzXmgGxUpXBWWyUlaMmh9s2c79T4OLtPu%2BsUBLr7gd0TkNQp1YfaFV6GytZ0fELbG2AVmnP71Ts"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f5d9ad2d47b4fd-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3121
Expires: Fri, 25 Nov 2022 00:08:06 GMT
Date: Thu, 24 Nov 2022 23:16:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3732
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:05 GMT
Last-Modified: Thu, 24 Nov 2022 22:13:53 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13432
Expires: Fri, 25 Nov 2022 02:59:57 GMT
Date: Thu, 24 Nov 2022 23:16:05 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 8e3be5a406188132e971edce9a98c7ad
8f44a3f18936bc3741c51083500cd9a257285763
24a3471aa3adc29dcaa862aa14bc99fd27550ead121f0a369ba45d6c535d0793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3712
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:05 GMT
Last-Modified: Thu, 24 Nov 2022 22:14:13 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 22:17:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3525
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: jYTDaJHHkTiMshoM6tVZr1VlCUBkO490OxC67LcaKSBacOg5I7J7FKXvQ4OU7Ni+uTuJQOhj44c=
x-amz-request-id: W7M818TXCADAF61F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 22:40:34 GMT
age: 2131
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 23:16:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 23:11:11 GMT
cache-control: public,max-age=3600
age: 295
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5454
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:06 GMT
Last-Modified: Thu, 24 Nov 2022 21:45:12 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 8e3be5a406188132e971edce9a98c7ad
8f44a3f18936bc3741c51083500cd9a257285763
24a3471aa3adc29dcaa862aa14bc99fd27550ead121f0a369ba45d6c535d0793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3713
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:06 GMT
Last-Modified: Thu, 24 Nov 2022 22:14:13 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 1.4 kB IP 142.250.74.3:0
Hash 99c0b61a0de021449a308e97bca51555
94596457cc9b7eb14e3d44ae85f1368b00fe1286
353ea0fcda425e317ed678b76d58a5b093350a78855054940bfd3a00cf965ff2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 2.1 kB IP 142.250.74.3:0
Hash fd823ae5fc92ecd2e07c2c90b617b9f3
40209f522f86b3dac014c9310938cb28afa7e154
be371187e7e1f4fd213f41af40bb66ae4c77e8ae75ab3e6dfec8f34e56b1c0ee
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mitaku.net/ero-cosplay/usatame-yor-forger/
172.67.157.102 200 OK 15 kB URL HTTP/2 mitaku.net/ero-cosplay/usatame-yor-forger/
IP 172.67.157.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 9cfbaa935c3d5eb23d28b9fb6e9d9f7b
dcd10724ed508bb4408dd51e7901a623541919a9
d93c88fb993860c54162e742afd2b5ce16739e119583fe762e8ae12aa9053e5b
GET /ero-cosplay/usatame-yor-forger/ HTTP/1.1
Host: mitaku.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,Cookie
x-pingback: https://mitaku.net/xmlrpc.php
link: <https://mitaku.net/wp-json/>; rel="https://api.w.org/", <https://mitaku.net/wp-json/wp/v2/posts/113881>; rel="alternate"; type="application/json", <https://mitaku.net/?p=113881>; rel=shortlink
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9DQSjQf0BtQjHmX3bUFXeTva44TWmTt%2BmhBcuhsboLpxyMk3hiShrfC2msHSIfKtCN3k2WCBwQp3UQ8HQGICSraTFsPR9%2BN%2BK8XySUYoJn9l%2FbMPFdwOT9QxLO6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f5d9afab47b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.167.231.108 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.231.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iEyv2yyovMBFFJs1ODUcrg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: G1KIdFadVDAM3+GcD+eN6QyhzfQ=
lcfooiqhro.com/solid.gif?z=1849638&abvar=0
62.122.171.6 200 OK 13 kB URL HTTP/2 lcfooiqhro.com/solid.gif?z=1849638&abvar=0
IP 62.122.171.6:0
Hash 1b2b78b91c9bb87d2518a2b41f47f2ce
52cfa666032d82c6876cbe8dce8dfcff9f7e9d49
54f2c519b4d1060df22a4d7014a69f5eaeff879ab7df5adb3c84ef2778f0b49c
POST /solid.gif?z=1849638&abvar=0 HTTP/1.1
Host: lcfooiqhro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 23:16:07 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 16740, version 1.0\012- data
Hash e43b535855a4ae53bd5b07a6eeb3bf67
6507312d9491156036316484bf8dc41e8b52ddd9
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 16740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:53:39 GMT
expires: Tue, 21 Nov 2023 18:53:39 GMT
cache-control: public, max-age=31536000
age: 274948
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195 200 OK 49 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
Hash ccbccbb8a067672d4000258e7c76b0af
f0876b5bb4c6c2facc2b0956def21c87d6ab3dfb
d680b0d0d514617e0ba1263bb088613a55f3dcda8c46cc655f34f0f33035f47f
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 63196
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 1.5 kB IP 142.250.74.3:0
Hash c9f1c1daa2b9d69d25534608818530f4
e62c4d0bdb06796d3888b50c20ebe69876cf6d99
9622bd4fd26787e72aca877d72884209c8a5fc34bdb28be4a08322cfd57f4f5e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-119314669-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-119314669-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash e92a2919b4f43a7dce34a564b290ab56
b83c603d1f08868cc52e4b2d5b6fb81b598f7dbe
6ac5d0165f237a15512d26b612dc30cb361887ccca6f9f8a05cf0541cbcc2dc7
GET /gtag/js?id=UA-119314669-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 24 Nov 2022 23:16:07 GMT
expires: Thu, 24 Nov 2022 23:16:07 GMT
cache-control: private, max-age=900
last-modified: Thu, 24 Nov 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43681
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash dd0dd96ca622aa07354fabdd0da767bf
a29eaa02a81dabed2c12be20a89d65a5a0417524
6a670e9031ec8c94bdc91c47a2d6a4ca2bd95fe032fec28888a8e6d7dc163cb4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
limurol.com/ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 93 B URL HTTP/2 limurol.com/ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
Hash 09057ed5fc1495707f2e2710bf737697
863b259a95554ba6ec60991f833344e3ebd8787a
318eb72432b2547e8d8cf056929eb886c9ee48b79b8b81858f2b1d34336a4615
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 23:16:07 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22112418164291eefb2e4146ec92eac61e18; Path=/; Expires=Fri, 24 Nov 2023 23:16:07 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2712
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:16:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2712
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:16:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2712
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:16:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2712
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:16:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2712
Expires: Fri, 25 Nov 2022 00:01:19 GMT
Date: Thu, 24 Nov 2022 23:16:07 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d0105e45becaf777227cac49e320321
d279a0b70061fe3d8268f1e69c515c0c4439dc80
ea9571213d9a57318cde036c108d4c973c627ce4cd225534ee246349ed4ba3a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ba10698-9bc6-45a1-b97d-7209a0a31f7c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5211
x-amzn-requestid: 706d0037-bbff-417a-9fa3-8ebbbf7b4df1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wFOToAMF12Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-01b6908212b2ab9c5caa34a0;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _FkuS0I2--xiqT4sOKa8ACg8BtI97R-bGe2UZ3o91wfqn_WgktspiQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:36:27 GMT
age: 5980
etag: "d279a0b70061fe3d8268f1e69c515c0c4439dc80"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2580ebded0a32ceecc3083ae1db2b37
2ec124224738807229328a3ade6ca493ccf4b287
010eeda33c923e2166851da1e131dcc21419d1f4f28995617ca93332ce4be08c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd3e55f70-58c6-4585-a420-ac74e1b8c6dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10679
x-amzn-requestid: aec8d040-d4e6-4185-b71e-7c049617ebc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b4J3VEM5IAMFtcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637989c8-42b520ea3af2a2086ad416ad;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 01:58:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GkCprkFbPK6I-bo5k-rs37xaRDpqgUYbOydu2fd5-fTwqQ-d5lWlWw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 05:15:46 GMT
age: 64821
etag: "2ec124224738807229328a3ade6ca493ccf4b287"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 57720
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d43ec6824d4fdc4d31b8c245bf8c5849
81f85633fca39972d8e0bf9a4ec7cd999e54564f
b0e521b23879af86102f46a9ec412faf6345df31a97a7b58880f63f81fdcd0c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ad933c0-8cbe-40eb-920c-38b8ae531c9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7900
x-amzn-requestid: a9d184b1-3b4a-4ca6-9ad2-ce3aac10f422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB91H2IIAMFjGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38b-5732361f36c023c22c922ee9;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nVe_gcpscsmf4QGPseIR2poHwzxp_mfWODrAz8Oy0ePkMgnIREhCag==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:07 GMT
etag: "81f85633fca39972d8e0bf9a4ec7cd999e54564f"
content-type: image/jpeg
age: 6060
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6b9b5ebc32235ed8f3e15df013963f0
46ee95ebee3d60f64d2b7f568673b13ea27a42a3
4fdf6f239f6931442d93a00acd8af1f5192f77143885945c27e137ef3683338e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e6e0ab1-c4cf-40e6-973b-bb3db1a860e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11586
x-amzn-requestid: df9d2675-0615-4993-83ab-87cdac30c05f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8JyoGElIAMFh-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2343-315ac9210f212c9134ffa103;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:05:39 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: snfgherDVfBenP9XouMzFtaWfXLh4TeiwDmEb0hQh5L9Ww57Hkxl3g==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:30:43 GMT
age: 2724
etag: "46ee95ebee3d60f64d2b7f568673b13ea27a42a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
Hash 91941c850798dbd5a506652ee784390c
28800170d1dcb78c58dc86af7d914b44bb3fde9e
2c857ecd3e040be57b56477fb873fc623840b506bdf9de9d0eca568170979aef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 03:27:30 GMT
age: 71317
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
limurol.com/ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 23:16:07 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2211241816d572fd952b38433ea4c092d0a9; Path=/; Expires=Fri, 24 Nov 2023 23:16:07 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1849638/?pb=beefb696a6a7622e6fd6c7351547bdc91669338967&psp=suM5DabYjn7CA1hS9Y_jM64pfUNIR5lMbLWElJjjrqtIRi8Gqu6I_QDNgmBKyv-5RyXHUL-lp95sDj7iag_XXf96mlXhtiu5BM6QBBX8NNGlhBtZe275-3lQKTrwhPG2EgcenrZlvzpiyJUAxuSDcJ6jcdkM-DurrgLKEwkflRmwCRnAXvWlYWq228kHGyavLIHiGwd32YCBKFXy9SeEvpMILPIp5sV8vsqgthQ3FFAAl6U8SDE_rjajxnwtvJW-qkCGYuLbokKwk_LOTu1br2C_l_0UjauFJbA8GcBb1yy8K6tZo2D_VxNcskGUgk4s7R6F5ww3YsocEh4Bv4Owe7s4I7NrS6hptpTKM8GGqfMiUv6CBw-KP0NDfFUsJRchz0G_wYhgz08H2C5X4S9KELFpp1c7_qXJ5BS084DaTJp3_kRvY4-x-UnhdHaj1maVD70k8SGz6baaLDm220Dg_PMElFj5pdpYD1e3iq1Ds31TUTvsugcOHEbEj1kFR3i7iuJBCL1_RqkvEP3xcyMSrGrlFZoQjRpxniRNY2Ozof2g4lLuV1-oUmgjHLvf8oq6QPLY24rgNzCb67kaNP62ILOf&cb=_cllhhcuq8f59b22g554kmg&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 23:16:07 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=221124181668062dfd6c8a4283aef556d77a; Path=/; Expires=Fri, 24 Nov 2023 23:16:07 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9cbb9682225158c7b8b3f98b3e7ded6f
09cb5ba89d26edaa40e8efb7a4f3b9994bac3b1e
fac820b336a28c709f85308a72f1faca55dd44ad0b14a25eabf5126c47f6ddee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAC820B336A28C709F85308A72F1FACA55DD44AD0B14A25EABF5126C47F6DDEE"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=793
Expires: Thu, 24 Nov 2022 23:29:21 GMT
Date: Thu, 24 Nov 2022 23:16:08 GMT
Connection: keep-alive
adventurouscomprehendhold.com/05/fb/bf/05fbbfa8471e61852a3df8bcfde7950c.js
192.243.61.225 200 OK 13 kB URL HTTP/1.1 adventurouscomprehendhold.com/05/fb/bf/05fbbfa8471e61852a3df8bcfde7950c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37132), with no line terminators
Hash f9c69c9c457770f0f3c3248646f52abc
9d2b0c951a90d414678cd2625d70530105754dc7
c0f25a81fd23b47fcd10b41da3178261ec6386240cdc192bdb6fe62f16e16e37
GET /05/fb/bf/05fbbfa8471e61852a3df8bcfde7950c.js HTTP/1.1
Host: adventurouscomprehendhold.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 24 Nov 2022 23:16:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 838a97b0de52f284743fa8e73215b1d4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.76.226 200 OK 11 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da611a8d9cef79232ff4462368af4e83
0a9993450d699d1e142b2bbebe97810fd09930b4
f3f978f367cc063b2b8748fa6e44f2223f5b463489745603c668e54b702b7183
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2775
Expires: Fri, 25 Nov 2022 00:02:23 GMT
Date: Thu, 24 Nov 2022 23:16:08 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 5348b4ee74a9c894db836c2b61cc7086
9a65195ea94f2f7326007ad86ca1675010f4c00e
d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 24 Nov 2022 23:16:08 GMT
Last-Modified: Thu, 24 Nov 2022 23:07:55 GMT
Server: ECS (dcb/7F39)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7eO6T2hF1dX78FaSdEXpS8RAgSU9WsyopYLAphzKhnGQikzceVglOw==
Age: 493
simplewebanalysis.com/stats
52.28.211.11 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 417e76a58f55002d4d04ba954f4c5d3c
91421fb483f5d29fe84df06b4270e2705bbf5c7d
a95319b50dd64d3e280e4a7a82c9d3d7a377e6af723abf040e7f46b0fb92a7b0
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://mitaku.net
access-control-allow-credentials: true
set-cookie: uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; expires=Sun, 21 Nov 2032 23:16:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash daedbf6ef8bc447ac2d08a42d4c4bf9f
2864128c9304bd42925932eda5b14ab62f805081
3d745fbf6d7563deeac08ec38de8db388536ff113a89fd20e8e51d9fd6f200d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3D745FBF6D7563DEEAC08EC38DE8DB388536FF113A89FD20E8E51D9FD6F200D1"
Last-Modified: Tue, 22 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2775
Expires: Fri, 25 Nov 2022 00:02:23 GMT
Date: Thu, 24 Nov 2022 23:16:08 GMT
Connection: keep-alive
https-mitaku-net.disqus.com/count.js
151.101.84.134 200 OK 871 B URL HTTP/1.1 https-mitaku-net.disqus.com/count.js
IP 151.101.84.134:0
File type ASCII text, with very long lines (528)
Hash a487039f9b553cb4f6928743872234e9
b3d835075d1983a8c2fe716285d173fcc3708f9c
364f622ba24e063adcee84f132da53c6e6071745f04a00d10937663deb24b822
GET /count.js HTTP/1.1
Host: https-mitaku-net.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 871
Content-Type: application/javascript; charset=utf-8
Server: nginx
Last-Modified: Thu, 17 Nov 2022 15:05:16 GMT
ETag: "63764dac-367"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: DFW3-C1
X-Amz-Cf-Id: LWfy2FfEi2ZtlA-I5s7kYZRPm5MqV4W-F6U8t8L2xaTF9u8dIrU2gg==
Cache-Control: public, max-age=300
Date: Thu, 24 Nov 2022 23:16:08 GMT
Age: 163
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9dd99424d7fdef2ba07ed2df5e93e5ba
8cbad8b675aa34acf63f8244d9a35c4fe7a6e960
fb2c1e21824f9e5486f33c27233d69216011008c7055f590f2a5c8dcea468d47
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FB2C1E21824F9E5486F33C27233D69216011008C7055F590F2A5C8DCEA468D47"
Last-Modified: Thu, 24 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17309
Expires: Fri, 25 Nov 2022 04:04:39 GMT
Date: Thu, 24 Nov 2022 23:16:10 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 24 Nov 2022 22:41:08 GMT
expires: Fri, 25 Nov 2022 00:41:08 GMT
cache-control: public, max-age=7200
age: 2102
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
undefined.disqus.com/count-data.js?1=113881%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D113881&1=24551%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D24551&1=87473%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D87473&1=8986%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D8986
151.101.84.134 200 OK 211 B URL HTTP/1.1 undefined.disqus.com/count-data.js?1=113881%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D113881&1=24551%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D24551&1=87473%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D87473&1=8986%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D8986
IP 151.101.84.134:0
Hash c3d6a758ab2f4f3335ee16aa5a232163
8f7a9244305d6fe4beafdbcac83185ef58690dfd
03b52231b1e57a823ab43deb8b981ffe0a9cd146898a7374c2bc6437748ebc78
GET /count-data.js?1=113881%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D113881&1=24551%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D24551&1=87473%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D87473&1=8986%20https%3A%2F%2Fmitaku.net%2F%3Fp%3D8986 HTTP/1.1
Host: undefined.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 211
Server: nginx
Content-Type: application/javascript; charset=UTF-8
X-Frame-Options: SAMEORIGIN
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=600
Date: Thu, 24 Nov 2022 23:16:10 GMT
Age: 20
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains
Cross-Origin-Resource-Policy: cross-origin
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 6.8 kB IP 142.250.74.3:0
Hash 68e8c373c2d5abbae5c03adfdf87c375
512ddf146147570fb78aefcba0bf414a5eb111ec
f5c1245e47d9a687e82705b32b64762bfc3707666f19d87988d8b0dc8be568a3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-119314669-1&cid=1203956610.1669331770&jid=728715886&gjid=1039997999&_gid=1866113433.1669331770&_u=YEBAAUAAAAAAACAAI~&z=1229328631
142.250.150.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-119314669-1&cid=1203956610.1669331770&jid=728715886&gjid=1039997999&_gid=1866113433.1669331770&_u=YEBAAUAAAAAAACAAI~&z=1229328631
IP 142.250.150.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-119314669-1&cid=1203956610.1669331770&jid=728715886&gjid=1039997999&_gid=1866113433.1669331770&_u=YEBAAUAAAAAAACAAI~&z=1229328631 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://mitaku.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 24 Nov 2022 23:16:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash f86429279e19a89ba7fae87ba2406b4e
abfa5369a7feb4dfebf13f5eb902c3e860976238
76d03c181e150e7e3a61bfa8489231999fb562f6cb0b382c456b9a37da1106a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
parkingridiculous.com/sbar.json?key=05fbbfa8471e61852a3df8bcfde7950c&uuid=715c74a9-5c44-4550-a559-764e4384d24f%3A1%3A1
192.243.59.12 200 OK 3.4 kB URL HTTP/1.1 parkingridiculous.com/sbar.json?key=05fbbfa8471e61852a3df8bcfde7950c&uuid=715c74a9-5c44-4550-a559-764e4384d24f%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (6078), with no line terminators
Hash c104017808e4332417648282960aeb58
42bf1424dbd73bf01d57bae23cf4fbd10737fce0
9e7fa259451d6c42b215988fdbea49a4a035d135e27081e1b3902a3e25907dd6
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=05fbbfa8471e61852a3df8bcfde7950c&uuid=715c74a9-5c44-4550-a559-764e4384d24f%3A1%3A1 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 23:16:10 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://mitaku.net
Access-Control-Allow-Origin: https://mitaku.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16689414; expires=Fri, 25 Nov 2022 23:16:10 GMT; secure; SameSite=None
uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; expires=Thu, 01 Dec 2022 23:16:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 25 Nov 2022 23:16:10 GMT; secure; SameSite=None
uncs=1; expires=Fri, 25 Nov 2022 23:16:10 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 25 Nov 2022 23:16:10 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 25 Nov 2022 23:16:10 GMT; secure; SameSite=None
slec05fbbfa8471e61852a3df8bcfde7950c=[3789940]; expires=Thu, 24 Nov 2022 23:16:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 876ab34fd307fde2962dc393a8680a21
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 1.2 kB IP 93.184.220.29:0
Hash f10b101c0f5d810ff98e3d33e2640d8e
6ed53cb0b929c34ea506106db550a135f422bb5a
ed8e1c27e674151fd007613c974bb4fa0fadd8d2948b4ea357afee7e2c480292
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3708
Cache-Control: max-age=159054
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 23:16:10 GMT
Etag: "637fb70c-117"
Expires: Sat, 26 Nov 2022 19:27:04 GMT
Last-Modified: Thu, 24 Nov 2022 18:25:16 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYPelERREGZQw4K7mz3TPfOTHJYjDESjNkliezV6qrq2XKqu5qq7unZ9eBiIOzBw3jy18HeN7tZEoOYP0Ajs3qQkUBGQRbJ%2FgkiBnMRRGZ2YPGDqu%2Breu%2Fw3qu6vp0fEhc5PVh5W29IpehCUHUrL6%2FKhOvCVi5drXhu1T1TWZXJon%2Bm0ptspnvac4Oq%2B0rlTcE6eqHmeq7ruV7lvDQi0r2FKQqZ3m551ZZb9WtVL%2FDRM%2F8%2F29yBpQ5495A8A8nHj639dAeSDZHE35wTtpPp9NU34lzRTBt0%2Bd47SSfRRYL4eIyMgyjZm7Gh7ZiQT09AJ3szB9DdnYkDhHJMnN88hMneTCbC7u6R0lBBJAj5kyi6Qwg1hKRDMH0Nkt8nAOO4tIwkvnFJm4KuH6F0go7J3KOHkMWYzD14Fkn89Vkle5UrWuWZ1IlFLyohe0PI9hBpvo9sw4Es9sGyDyH5PbLw6CKSeGfZKg3JD041vIA1fNqaD5jvz%2FtB4M7TIGjNNxZ94debPq%2F50TQiKYeQ0RBK9EGtg3yypIM8cpCnDmJ%2BUKFBK3LdRhRG9XrTZ4zV64wFzUUe8LrfjFzkbOKhjyztg6k%2BmNlEajbRkX2Y%2FHvYtRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlLle2ZssbXNk89Ga9Nuv1cqCz9jbd1VlbJGQ7PSRPT4P79%2Bbj6IiDihtEYRjRpt%2FwxKLXDGq0zqNmyCIuGq3AZbCyhLQnpjY35Jg8d%2FILpHJM5tJ7COk%2BrNoHk0%2BB5i%2BCFoNGzQVdG%2FhNFxvJrVhmtJNXE5GB6xJpNods3dlWh%2BT5qYrWrxkEGy39%2FdmkPgczJVJT4j35A0FbbQ0u64LsXNaFJXeW00zGcoNOnvZKRjMxd%2BstsV5owy%2Bcs%2F2br7EJMBlvXxU2u0gTLpO2JV%2BdlZwLc14bJsi3F%2ByqCFdyu3Y2N0meXlx5%2FfyFODXCWqmTIai8%2F%2B5dMDkmT8TXp5%2F2pd%2B3IM0QJi8R5yMyK0i9D5ZuwqajpT9OPVh44cvvYDWBUcecMHVQ5OXA1MLjSyXHpPbwRygxWvqEjn7%2B66P3QcMSVhzHEIrR3T%2BP%2BNt2C23jgGbXkMQluqZEV5Wgqg%2BbnxxkqRkt%2FVKfFkLlDEJlnJ1QGfXxUbxWHlREELmRcGsijFph1KAub0V%2BK6QtTzTCgHrI7Jh98M%2Fp%2FwAAAP%2F%2FAQAA%2F%2F8zKamzkAQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYPelERREGZQw4K7mz3TPfOTHJYjDESjNkliezV6qrq2XKqu5qq7unZ9eBiIOzBw3jy18HeN7tZEoOYP0Ajs3qQkUBGQRbJ%2FgkiBnMRRGZ2YPGDqu%2Breu%2Fw3qu6vp0fEhc5PVh5W29IpehCUHUrL6%2FKhOvCVi5drXhu1T1TWZXJon%2Bm0ptspnvac4Oq%2B0rlTcE6eqHmeq7ruV7lvDQi0r2FKQqZ3m551ZZb9WtVL%2FDRM%2F8%2F29yBpQ5495A8A8nHj639dAeSDZHE35wTtpPp9NU34lzRTBt0%2Bd47SSfRRYL4eIyMgyjZm7Gh7ZiQT09AJ3szB9DdnYkDhHJMnN88hMneTCbC7u6R0lBBJAj5kyi6Qwg1hKRDMH0Nkt8nAOO4tIwkvnFJm4KuH6F0go7J3KOHkMWYzD14Fkn89Vkle5UrWuWZ1IlFLyohe0PI9hBpvo9sw4Es9sGyDyH5PbLw6CKSeGfZKg3JD041vIA1fNqaD5jvz%2FtB4M7TIGjNNxZ94debPq%2F50TQiKYeQ0RBK9EGtg3yypIM8cpCnDmJ%2BUKFBK3LdRhRG9XrTZ4zV64wFzUUe8LrfjFzkbOKhjyztg6k%2BmNlEajbRkX2Y%2FHvYtRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlLle2ZssbXNk89Ga9Nuv1cqCz9jbd1VlbJGQ7PSRPT4P79%2Bbj6IiDihtEYRjRpt%2FwxKLXDGq0zqNmyCIuGq3AZbCyhLQnpjY35Jg8d%2FILpHJM5tJ7COk%2BrNoHk0%2BB5i%2BCFoNGzQVdG%2FhNFxvJrVhmtJNXE5GB6xJpNods3dlWh%2BT5qYrWrxkEGy39%2FdmkPgczJVJT4j35A0FbbQ0u64LsXNaFJXeW00zGcoNOnvZKRjMxd%2BstsV5owy%2Bcs%2F2br7EJMBlvXxU2u0gTLpO2JV%2BdlZwLc14bJsi3F%2ByqCFdyu3Y2N0meXlx5%2FfyFODXCWqmTIai8%2F%2B5dMDkmT8TXp5%2F2pd%2B3IM0QJi8R5yMyK0i9D5ZuwqajpT9OPVh44cvvYDWBUcecMHVQ5OXA1MLjSyXHpPbwRygxWvqEjn7%2B66P3QcMSVhzHEIrR3T%2BP%2BNt2C23jgGbXkMQluqZEV5Wgqg%2BbnxxkqRkt%2FVKfFkLlDEJlnJ1QGfXxUbxWHlREELmRcGsijFph1KAub0V%2BK6QtTzTCgHrI7Jh98M%2Fp%2FwAAAP%2F%2FAQAA%2F%2F8zKamzkAQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYPelERREGZQw4K7mz3TPfOTHJYjDESjNkliezV6qrq2XKqu5qq7unZ9eBiIOzBw3jy18HeN7tZEoOYP0Ajs3qQkUBGQRbJ%2FgkiBnMRRGZ2YPGDqu%2Breu%2Fw3qu6vp0fEhc5PVh5W29IpehCUHUrL6%2FKhOvCVi5drXhu1T1TWZXJon%2Bm0ptspnvac4Oq%2B0rlTcE6eqHmeq7ruV7lvDQi0r2FKQqZ3m551ZZb9WtVL%2FDRM%2F8%2F29yBpQ5495A8A8nHj639dAeSDZHE35wTtpPp9NU34lzRTBt0%2Bd47SSfRRYL4eIyMgyjZm7Gh7ZiQT09AJ3szB9DdnYkDhHJMnN88hMneTCbC7u6R0lBBJAj5kyi6Qwg1hKRDMH0Nkt8nAOO4tIwkvnFJm4KuH6F0go7J3KOHkMWYzD14Fkn89Vkle5UrWuWZ1IlFLyohe0PI9hBpvo9sw4Es9sGyDyH5PbLw6CKSeGfZKg3JD041vIA1fNqaD5jvz%2FtB4M7TIGjNNxZ94debPq%2F50TQiKYeQ0RBK9EGtg3yypIM8cpCnDmJ%2BUKFBK3LdRhRG9XrTZ4zV64wFzUUe8LrfjFzkbOKhjyztg6k%2BmNlEajbRkX2Y%2FHvYtRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlLle2ZssbXNk89Ga9Nuv1cqCz9jbd1VlbJGQ7PSRPT4P79%2Bbj6IiDihtEYRjRpt%2FwxKLXDGq0zqNmyCIuGq3AZbCyhLQnpjY35Jg8d%2FILpHJM5tJ7COk%2BrNoHk0%2BB5i%2BCFoNGzQVdG%2FhNFxvJrVhmtJNXE5GB6xJpNods3dlWh%2BT5qYrWrxkEGy39%2FdmkPgczJVJT4j35A0FbbQ0u64LsXNaFJXeW00zGcoNOnvZKRjMxd%2BstsV5owy%2Bcs%2F2br7EJMBlvXxU2u0gTLpO2JV%2BdlZwLc14bJsi3F%2ByqCFdyu3Y2N0meXlx5%2FfyFODXCWqmTIai8%2F%2B5dMDkmT8TXp5%2F2pd%2B3IM0QJi8R5yMyK0i9D5ZuwqajpT9OPVh44cvvYDWBUcecMHVQ5OXA1MLjSyXHpPbwRygxWvqEjn7%2B66P3QcMSVhzHEIrR3T%2BP%2BNt2C23jgGbXkMQluqZEV5Wgqg%2BbnxxkqRkt%2FVKfFkLlDEJlnJ1QGfXxUbxWHlREELmRcGsijFph1KAub0V%2BK6QtTzTCgHrI7Jh98M%2Fp%2FwAAAP%2F%2FAQAA%2F%2F8zKamzkAQAAA%3D%3D HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Cookie: u_pl=16689414; uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec05fbbfa8471e61852a3df8bcfde7950c=[3789940]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 23:16:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6021b0140d9bfa94dba95689cf94db81
Strict-Transport-Security: max-age=0; includeSubdomains
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 25 Nov 2022 02:26:19 GMT
Date: Thu, 24 Nov 2022 23:16:11 GMT
Connection: keep-alive
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Findex.html&l=1679&fd=639
192.243.59.12 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Findex.html&l=1679&fd=639
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Findex.html&l=1679&fd=639 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Cookie: u_pl=16689414; uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec05fbbfa8471e61852a3df8bcfde7950c=[3789940]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 23:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226 200 OK 2.3 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 17911c11ad8242ea8acacc3e019c74ce
d7dffced85af3e6da224751303aa5061ee779c2c
f9f0039f4fba202530b0d12ec9926fed356474588a1c9de1dd148f0605ec48db
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11408
Expires: Fri, 25 Nov 2022 02:26:19 GMT
Date: Thu, 24 Nov 2022 23:16:11 GMT
Connection: keep-alive
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fcss%2Fstyle.css&l=20823&fd=125
192.243.59.12 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fcss%2Fstyle.css&l=20823&fd=125
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fcss%2Fstyle.css&l=20823&fd=125 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Cookie: u_pl=16689414; uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec05fbbfa8471e61852a3df8bcfde7950c=[3789940]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 23:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fimages%2Flanding%2Fcss%2Fstyles.css&l=3801&fd=364
192.243.59.12 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fimages%2Flanding%2Fcss%2Fstyles.css&l=3801&fd=364
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fimages%2Flanding%2Fcss%2Fstyles.css&l=3801&fd=364 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Cookie: u_pl=16689414; uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec05fbbfa8471e61852a3df8bcfde7950c=[3789940]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 23:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.yourwebbars.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/index.html
104.26.7.19 200 OK 21 kB URL HTTP/2 cdn.yourwebbars.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/index.html
IP 104.26.7.19:0
File type HTML document, ASCII text
Hash 41c4c35d8f130d0afd646e4e3a6bec90
0204b450639d7a917e98c1740e6095874604d37c
74d23f4a5a9f608e110334388218cf93a93f1fec2e2f4338e29da0b98a93aaa9
GET /sb/interstitial/games/nutaku/multi/hot-trio/main/2/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:11 GMT
content-type: text/html
last-modified: Thu, 18 Aug 2022 11:41:23 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0jLZm6NmQRx0oAENWg2PetQz4y80BNj8aECrSW7bZYmkpetYnv28O4aYthtIcZ2T8Sk9sDZahnjSa%2FJf45v12ET3sAfxsDU8fN%2FQ75h%2F2g1Y1qEbrPjMVsQZ%2Bbpcy4nmymTQxQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5d9ce8dbf0b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 17 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
Hash 39493c6c531301d6da790a544b42f91e
1361e4d2ec64d5f4dfc02f555aada8952a1a3fb8
fcce27ac408ad057298dadd4f77d9d97181e6507d77b0993d019aff3bd96f121
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 102142
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fjs%2Fscript.js&l=7726&fd=267
192.243.59.12 200 OK 0 B URL HTTP/1.1 parkingridiculous.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fjs%2Fscript.js&l=7726&fd=267
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Finterstitial%2Fgames%2Fnutaku%2Fmulti%2Fhot-trio%2Fmain%2F2%2Fjs%2Fscript.js&l=7726&fd=267 HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Cookie: u_pl=16689414; uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec05fbbfa8471e61852a3df8bcfde7950c=[3789940]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 23:16:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/images/landing/css/styles.css
172.64.108.13 200 OK 56 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/images/landing/css/styles.css
IP 172.64.108.13:0
File type ASCII text, with very long lines (3797)
Hash 1bb00f531f4ad81823d3f4d4c20679f3
3572094f98215c0ecdcef616b96ea8b2e3a2a551
d4f84bc4489d106510669d1d95df04f26d74ceb693d55b1270c3581f6507909a
GET /sb/interstitial/games/nutaku/multi/hot-trio/main/2/images/landing/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:11 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 11:41:29 GMT
etag: W/"62fe2569-ed9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8lMfU8fPbQB7GKBZXeu%2FOW%2BOQ5M2m%2BYyPO5oDUzQpdLtA6IuLKCVP25SqZClgXa9Ln4RTjzVbpWWO3AwfOT%2BDj9%2F43i%2BUd1bw3HbyZnTdQ9cUGInpN8x2LkW0QyVVcoNzzkgGgLWWQBj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5d9d31ba574c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/images/close.svg
172.64.108.13 200 OK 96 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/images/close.svg
IP 172.64.108.13:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash b53ba78586d266912238a05e6fd5b8a7
ade2ce51e90eb7fb9119659728cfe622cc16bd3f
a0ee0ef5c3f4be1437c6d9e9d3b993bbcc8881f2b13f6df299702b71fd71b958
GET /sb/interstitial/games/nutaku/multi/hot-trio/main/2/images/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:11 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Aug 2022 11:41:27 GMT
etag: W/"62fe2567-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 811228
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LE8cZJ%2Bb%2FhkPc2J%2F6DcVlYYupnW3eX5UAgyLM%2F30g41WRp0%2FyjAndXL9VOUj%2ByY3pOUc8tWermLXi4ZHjXEusPFL1q88MBvT3OoagvWwidJi6TuufNAuNWb1O8ksIETP5yapq%2FDGAxTP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5d9d33b65886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYPelERREGZQw4K7mz3TPfOTHJYjDESjNkliezV6qrq2XKqu5qq7unZ9eBiIOzBw3jy18HeN7tZEoOYP0Ajs3qQkUBGQRbJ%2FgkiBnMRRGZ2YPGDqu%2Breu%2Fw3qu6vp0fEhc5PVh5W29IpehCUHUrL6%2FKhOvCVi5drXhu1T1TWZXJon%2Bm0ptspnvac4Oq%2B0rlTcE6eqHmeq7ruV7lvDQi0r2FKQqZ3m551ZZb9WtVL%2FDRM%2F8%2F29yBpQ5495A8A8nHj639dAeSDZHE35wTtpPp9NU34lzRTBt0%2Bd47SSfRRYL4eIyMgyjZm7Gh7ZiQT09AJ3szB9DdnYkDhHJMnN88hMneTCbC7u6R0lBBJAj5kyi6Qwg1hKRDMH0Nkt8nAOO4tIwkvnFJm4KuH6F0go7J3KOHkMWYzD14Fkn89Vkle5UrWuWZ1IlFLyohe0PI9hBpvo9sw4Es9sGyDyH5PbLw6CKSeGfZKg3JD041vIA1fNqaD5jvz%2FtB4M7TIGjNNxZ94debPq%2F50TQiKYeQ0RBK9EGtg3yypIM8cpCnDmJ%2BUKFBK3LdRhRG9XrTZ4zV64wFzUUe8LrfjFzkbOKhjyztg6k%2BmNlEajbRkX2Y%2FHvYtRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlLle2ZssbXNk89Ga9Nuv1cqCz9jbd1VlbJGQ7PSRPT4P79%2Bbj6IiDihtEYRjRpt%2FwxKLXDGq0zqNmyCIuGq3AZbCyhLQnpjY35Jg8d%2FILpHJM5tJ7COk%2BrNoHk0%2BB5i%2BCFoNGzQVdG%2FhNFxvJrVhmtJNXE5GB6xJpNods3dlWh%2BT5qYrWrxkEGy39%2FdmkPgczJVJT4j35A0FbbQ0u64LsXNaFJXeW00zGcoNOnvZKRjMxd%2BstsV5owy%2Bcs%2F2br7EJMBlvXxU2u0gTLpO2JV%2BdlZwLc14bJsi3F%2ByqCFdyu3Y2N0meXlx5%2FfyFODXCWqmTIai8%2F%2B5dMDkmT8TXp5%2F2pd%2B3IM0QJi8R5yMyK0i9D5ZuwqajpT9OPVh44cvvYDWBUcecMHVQ5OXA1MLjSyXHpPbwRygxWvqEjn7%2B66P3QcMSVhzHEIrR3T%2BP%2BNt2C23jgGbXkMQluqZEV5Wgqg%2BbnxxkqRkt%2FVKfFkLlDEJlnJ1QGfXxUbxWHlQCzxfNsNlgnIeCca9Rqzfrrlvj3G%2B0hNdCZsfsg39O%2FwcAAP%2F%2FAQAA%2F%2F8nISdVkAQAAA%3D%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 parkingridiculous.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYPelERREGZQw4K7mz3TPfOTHJYjDESjNkliezV6qrq2XKqu5qq7unZ9eBiIOzBw3jy18HeN7tZEoOYP0Ajs3qQkUBGQRbJ%2FgkiBnMRRGZ2YPGDqu%2Breu%2Fw3qu6vp0fEhc5PVh5W29IpehCUHUrL6%2FKhOvCVi5drXhu1T1TWZXJon%2Bm0ptspnvac4Oq%2B0rlTcE6eqHmeq7ruV7lvDQi0r2FKQqZ3m551ZZb9WtVL%2FDRM%2F8%2F29yBpQ5495A8A8nHj639dAeSDZHE35wTtpPp9NU34lzRTBt0%2Bd47SSfRRYL4eIyMgyjZm7Gh7ZiQT09AJ3szB9DdnYkDhHJMnN88hMneTCbC7u6R0lBBJAj5kyi6Qwg1hKRDMH0Nkt8nAOO4tIwkvnFJm4KuH6F0go7J3KOHkMWYzD14Fkn89Vkle5UrWuWZ1IlFLyohe0PI9hBpvo9sw4Es9sGyDyH5PbLw6CKSeGfZKg3JD041vIA1fNqaD5jvz%2FtB4M7TIGjNNxZ94debPq%2F50TQiKYeQ0RBK9EGtg3yypIM8cpCnDmJ%2BUKFBK3LdRhRG9XrTZ4zV64wFzUUe8LrfjFzkbOKhjyztg6k%2BmNlEajbRkX2Y%2FHvYtRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlLle2ZssbXNk89Ga9Nuv1cqCz9jbd1VlbJGQ7PSRPT4P79%2Bbj6IiDihtEYRjRpt%2FwxKLXDGq0zqNmyCIuGq3AZbCyhLQnpjY35Jg8d%2FILpHJM5tJ7COk%2BrNoHk0%2BB5i%2BCFoNGzQVdG%2FhNFxvJrVhmtJNXE5GB6xJpNods3dlWh%2BT5qYrWrxkEGy39%2FdmkPgczJVJT4j35A0FbbQ0u64LsXNaFJXeW00zGcoNOnvZKRjMxd%2BstsV5owy%2Bcs%2F2br7EJMBlvXxU2u0gTLpO2JV%2BdlZwLc14bJsi3F%2ByqCFdyu3Y2N0meXlx5%2FfyFODXCWqmTIai8%2F%2B5dMDkmT8TXp5%2F2pd%2B3IM0QJi8R5yMyK0i9D5ZuwqajpT9OPVh44cvvYDWBUcecMHVQ5OXA1MLjSyXHpPbwRygxWvqEjn7%2B66P3QcMSVhzHEIrR3T%2BP%2BNt2C23jgGbXkMQluqZEV5Wgqg%2BbnxxkqRkt%2FVKfFkLlDEJlnJ1QGfXxUbxWHlQCzxfNsNlgnIeCca9Rqzfrrlvj3G%2B0hNdCZsfsg39O%2FwcAAP%2F%2FAQAA%2F%2F8nISdVkAQAAA%3D%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash MD5: 132d6af1b46048b45cf86cdee7991d31
SHA1: eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
SHA256: ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert
fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYPelERREGZQw4K7mz3TPfOTHJYjDESjNkliezV6qrq2XKqu5qq7unZ9eBiIOzBw3jy18HeN7tZEoOYP0Ajs3qQkUBGQRbJ%2FgkiBnMRRGZ2YPGDqu%2Breu%2Fw3qu6vp0fEhc5PVh5W29IpehCUHUrL6%2FKhOvCVi5drXhu1T1TWZXJon%2Bm0ptspnvac4Oq%2B0rlTcE6eqHmeq7ruV7lvDQi0r2FKQqZ3m551ZZb9WtVL%2FDRM%2F8%2F29yBpQ5495A8A8nHj639dAeSDZHE35wTtpPp9NU34lzRTBt0%2Bd47SSfRRYL4eIyMgyjZm7Gh7ZiQT09AJ3szB9DdnYkDhHJMnN88hMneTCbC7u6R0lBBJAj5kyi6Qwg1hKRDMH0Nkt8nAOO4tIwkvnFJm4KuH6F0go7J3KOHkMWYzD14Fkn89Vkle5UrWuWZ1IlFLyohe0PI9hBpvo9sw4Es9sGyDyH5PbLw6CKSeGfZKg3JD041vIA1fNqaD5jvz%2FtB4M7TIGjNNxZ94debPq%2F50TQiKYeQ0RBK9EGtg3yypIM8cpCnDmJ%2BUKFBK3LdRhRG9XrTZ4zV64wFzUUe8LrfjFzkbOKhjyztg6k%2BmNlEajbRkX2Y%2FHvYtRKWO7AZQZeXKARBYQkKSlBIgiIjKLrlLle2ZssbXNk89Ga9Nuv1cqCz9jbd1VlbJGQ7PSRPT4P79%2Bbj6IiDihtEYRjRpt%2FwxKLXDGq0zqNmyCIuGq3AZbCyhLQnpjY35Jg8d%2FILpHJM5tJ7COk%2BrNoHk0%2BB5i%2BCFoNGzQVdG%2FhNFxvJrVhmtJNXE5GB6xJpNods3dlWh%2BT5qYrWrxkEGy39%2FdmkPgczJVJT4j35A0FbbQ0u64LsXNaFJXeW00zGcoNOnvZKRjMxd%2BstsV5owy%2Bcs%2F2br7EJMBlvXxU2u0gTLpO2JV%2BdlZwLc14bJsi3F%2ByqCFdyu3Y2N0meXlx5%2FfyFODXCWqmTIai8%2F%2B5dMDkmT8TXp5%2F2pd%2B3IM0QJi8R5yMyK0i9D5ZuwqajpT9OPVh44cvvYDWBUcecMHVQ5OXA1MLjSyXHpPbwRygxWvqEjn7%2B66P3QcMSVhzHEIrR3T%2BP%2BNt2C23jgGbXkMQluqZEV5Wgqg%2BbnxxkqRkt%2FVKfFkLlDEJlnJ1QGfXxUbxWHlQCzxfNsNlgnIeCca9Rqzfrrlvj3G%2B0hNdCZsfsg39O%2FwcAAP%2F%2FAQAA%2F%2F8nISdVkAQAAA%3D%3D HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Cookie: u_pl=16689414; uid_id2=715c74a9-5c44-4550-a559-764e4384d24f:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec05fbbfa8471e61852a3df8bcfde7950c=[3789940]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 24 Nov 2022 23:16:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc658dc406317b4f8bdc476549e9ef88
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/css/style.css
172.64.108.13 200 OK 3.4 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/css/style.css
IP 172.64.108.13:0
File type ASCII text, with no line terminators
Hash MD5: f1b8d536c1cd9dd331047e565e5b2b53
SHA1: c3fbb0dc930bf0c6e5277c3b77be839f0cfe770f
SHA256: 82341770ea472c1b24f773ecb9585dfc7ebae69d9283ff903adec73b09c33077
GET /sb/interstitial/games/nutaku/multi/hot-trio/main/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mitaku.net
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:11 GMT
content-type: text/css
last-modified: Wed, 14 Sep 2022 12:59:44 GMT
etag: W/"6321d040-5157"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 30343
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tw73kkOe9KWfsrrk%2BJINcNGVf1fFvqS6BizJuWElmdOlgoRdLJT5hKMk9nRkohfQizuaJbPeUcpvoPvAslxdhcg%2FjYsY%2BUmXOhaEh6V5cp59w9AxuZQefVQx%2B9xbiK8ShbptjG2PxmOh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5d9d31ba474c5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.6
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans%3A400%2C600&ver=2.0.6
IP 142.250.74.10:0
GET /css?family=Open+Sans%3A400%2C600&ver=2.0.6 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 23:16:06 GMT
date: Thu, 24 Nov 2022 23:16:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93 200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3767cc9836b89ae27c0ab5b5f9a5b553
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 24 Nov 2022 23:16:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WdT9Ltw%2BdbQFrRohQKyn8CYDqlOCIty4cbG9Fdm8o0%2B8o92J7gUv15NXn9DIEvkmfqmJpXauj2YiXXQ9T1A64t8NGdI7Yq9WdK7hm15EPq4ZW9SvGzxwGkA4Z%2F6%2BVWmxMtL0QI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5d9c0d8d871f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/js/jquery.min.js
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/js/jquery.min.js
IP 172.64.108.13:0
GET /sb/interstitial/games/nutaku/multi/hot-trio/main/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:11 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 11:41:36 GMT
etag: W/"62fe2570-149b8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 811228
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Prh6BxgtZsQOMabtE38GO4VHFeEEG59LjkPcFVUS%2FofQ39KeB3%2FhcsjjFKh7%2BS7gkNn4BYOGGj4hZmXCQ0b9uGi62scGBw01Kp6I2xB0pljXBSQmZCaRXxPqn%2F%2FAVUligi%2BY5rtgVydt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5d9d33b6b886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lcfooiqhro.com/get/1849638?zoneid=1849638&jp=_clk8ebbmey2pxxrwi4hqof&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205626070461688
62.122.171.6 200 OK 0 B URL HTTP/2 lcfooiqhro.com/get/1849638?zoneid=1849638&jp=_clk8ebbmey2pxxrwi4hqof&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205626070461688
IP 62.122.171.6:0
GET /get/1849638?zoneid=1849638&jp=_clk8ebbmey2pxxrwi4hqof&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205626070461688 HTTP/1.1
Host: lcfooiqhro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 23:16:07 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2211241816a3d8205638194cc7aca1f2827b; Path=/; Expires=Fri, 24 Nov 2023 23:16:07 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans&display=swap
IP 142.250.74.10:0
GET /css?family=Open+Sans&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 23:16:06 GMT
date: Thu, 24 Nov 2022 23:16:06 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lcfooiqhro.com/t/9/fret/meow4/1849638/brt.js
62.122.171.6 200 OK 0 B URL HTTP/2 lcfooiqhro.com/t/9/fret/meow4/1849638/brt.js
IP 62.122.171.6:0
GET /t/9/fret/meow4/1849638/brt.js HTTP/1.1
Host: lcfooiqhro.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mitaku.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 23:16:06 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-10f52"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/css/animate.css
172.64.108.13 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/games/nutaku/multi/hot-trio/main/2/css/animate.css
IP 172.64.108.13:0
GET /sb/interstitial/games/nutaku/multi/hot-trio/main/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 24 Nov 2022 23:16:11 GMT
content-type: text/css
last-modified: Thu, 18 Aug 2022 11:41:24 GMT
etag: W/"62fe2564-ec8b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 811228
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ib0upEOYndA8Rc27Hoh60Lz3WTxdOZg1UmhRbSt%2FyWIcABAO7wMX2UY4UN37I6OZPBKwgNUFZ9mg%2F9urJXjKq3lTEEFurCODkGKadztysWhwpr8SqvL9HJFB5tPwxkFJ4ZE5b0SJRxEs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f5d9d31b38886d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2