anonymous-links.com/l/c3504431-24e6-4db8-bf9a-bd0202910253
104.21.33.70301 Moved Permanently 0 B URL HTTP/1.1 anonymous-links.com/l/c3504431-24e6-4db8-bf9a-bd0202910253
IP 104.21.33.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /l/c3504431-24e6-4db8-bf9a-bd0202910253 HTTP/1.1
Host: anonymous-links.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 13:20:51 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Dec 2022 14:20:51 GMT
Location: https://anonymous-links.com/l/c3504431-24e6-4db8-bf9a-bd0202910253
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEw6ERQllykrpVj%2FBY5JBsUpZEUH0veOIIqFrFxDzEsZ9LnEJsQx9ygTwEoXU10tMHMvk71nlcBR4iY%2Ba87ph82qw7IqimqzGTUNG0WGyPkGiwA2taYAjzk%2FXcblOkkuwEhPZsC%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7744d7833cbab503-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2930
Expires: Sun, 04 Dec 2022 14:09:41 GMT
Date: Sun, 04 Dec 2022 13:20:51 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1733
Cache-Control: max-age=164358
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:00:10 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 13:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 148
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7074
Expires: Sun, 04 Dec 2022 15:18:46 GMT
Date: Sun, 04 Dec 2022 13:20:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WReKDw8izEwN5iNpxvqBFlcuGI9DAU1JOXYXSdzljTkIremEaa5BxXQlE65KIvAhLbi05egcLe0=
x-amz-request-id: T2P9A88BKY7CVVT0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 12:47:33 GMT
age: 1999
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bb9ebc6d19befb83c8a1a2ddf22be18e
755b39e6b7d9d53808286b004295895ce3ec5109
66be77e890e3032e4e257b7631c49383e9acd82b61f15d09d266acdbf5a84a74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=169827
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Etag: "638c9317-118"
Expires: Tue, 06 Dec 2022 12:31:19 GMT
Last-Modified: Sun, 04 Dec 2022 12:31:19 GMT
Server: nginx
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 13:20:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash bb9ebc6d19befb83c8a1a2ddf22be18e
755b39e6b7d9d53808286b004295895ce3ec5109
66be77e890e3032e4e257b7631c49383e9acd82b61f15d09d266acdbf5a84a74
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=169827
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Etag: "638c9317-118"
Expires: Tue, 06 Dec 2022 12:31:19 GMT
Last-Modified: Sun, 04 Dec 2022 12:31:19 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=explicit
142.250.74.132200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit
IP 142.250.74.132:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 0a628b8a14a877262721824930709597
31bbb380c04a4229a099a1fb6dea09cf717bcb5f
6c63432c24b1f8eed67f792c68214710fd6444ede5c28f56202e966770d20121
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 04 Dec 2022 13:20:52 GMT
date: Sun, 04 Dec 2022 13:20:52 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 04 Dec 2022 13:20:52 GMT
date: Sun, 04 Dec 2022 13:20:52 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-40698397-6
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-40698397-6
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 8b0298d344c5b5b0629ffa5b73a62db6
b397c274d49dceb9cc57740eb390fab71948204a
18752557c77e0d2f780b851033f50c315eb68b36826c77189b707eb446c385db
GET /gtag/js?id=UA-40698397-6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 13:20:52 GMT
expires: Sun, 04 Dec 2022 13:20:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44716
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 13:08:58 GMT
cache-control: public,max-age=3600
age: 714
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1720
Cache-Control: max-age=159279
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:52 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:35:31 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dbeb27ac1835ad48e73c518f0f6e978a
d313a809d94a4aaab96fe37f79c927a32c2ff4fe
fc5df8ea36e24117f7bdf3d5fa36f9bc739a94b7fa7b555c0b800879d0811cf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5DF8EA36E24117F7BDF3D5FA36F9BC739A94B7FA7B555C0B800879D0811CF5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=652
Expires: Sun, 04 Dec 2022 13:31:45 GMT
Date: Sun, 04 Dec 2022 13:20:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0024c3bf663d6d15504945f1895a3387
0b52297c24680a9cd218401b11c6be6cf11315d0
0991fe053f0da723a0a7b5a34441c8887ac92b2b6a9228157142cd34fd068f05
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0991FE053F0DA723A0A7B5A34441C8887AC92B2B6A9228157142CD34FD068F05"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13125
Expires: Sun, 04 Dec 2022 16:59:38 GMT
Date: Sun, 04 Dec 2022 13:20:53 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.142.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.142.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KwC2wI0rFVB5texXG+RSIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kM+t7EP0102Jd+ZdxFVo+9pt8/s=
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dbeb27ac1835ad48e73c518f0f6e978a
d313a809d94a4aaab96fe37f79c927a32c2ff4fe
fc5df8ea36e24117f7bdf3d5fa36f9bc739a94b7fa7b555c0b800879d0811cf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC5DF8EA36E24117F7BDF3D5FA36F9BC739A94B7FA7B555C0B800879D0811CF5"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Dec 2022 19:20:53 GMT
Date: Sun, 04 Dec 2022 13:20:53 GMT
Connection: keep-alive
www.responserver.com/ddc60eba1ed6403aa79015a6fe99c20b/invoke.js
173.233.137.52200 OK 470 B URL HTTP/1.1 www.responserver.com/ddc60eba1ed6403aa79015a6fe99c20b/invoke.js
IP 173.233.137.52:0
File type ASCII text, with very long lines (983), with no line terminators
Hash 9f4d82f854eab3d26a535b886546c7d6
18af4da357722f1bfc91c382d7cd9f3144c5246e
9fe8f6b012e72d0f2db8751d13b6026119e40fd0074b3f117da2686882166cc7
GET /ddc60eba1ed6403aa79015a6fe99c20b/invoke.js HTTP/1.1
Host: www.responserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 13:20:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: daa7dcc517290c85a86a279a22ceff82
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl15295879.gatetotrustednetwork.com/71/74/78/717478d856975fe5aa0d9cfd3bde9076.js
173.233.139.164200 OK 21 kB URL HTTP/1.1 pl15295879.gatetotrustednetwork.com/71/74/78/717478d856975fe5aa0d9cfd3bde9076.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60174), with no line terminators
Hash cbf47bf4e4dfafb2e91a58e4898f8ac4
a0b7d29719be8bab0624c66260b87ccde1f24d16
f1774388112107edb69ffb9e82007f1e7872204d8b49a2fd2b5e87d3ef11e091
GET /71/74/78/717478d856975fe5aa0d9cfd3bde9076.js HTTP/1.1
Host: pl15295879.gatetotrustednetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 13:20:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1a4fdfce2aa84cfdf08b009263a00211
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pl15320021.gatetotrustednetwork.com/f0cef6ca89e9b3e1c2d3098ba09ad1db/invoke.js
192.243.61.227200 OK 9.3 kB URL HTTP/1.1 pl15320021.gatetotrustednetwork.com/f0cef6ca89e9b3e1c2d3098ba09ad1db/invoke.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25158), with no line terminators
Hash d589f163faed560a4ed898aba9a16973
9fe990dc417758f8cfdb71c520a72b8a9b1c81ed
ece6d20aea7d501ca785e0bc3dc942aa0e5e8fb67f2a4fb1d77f97bce858514c
GET /f0cef6ca89e9b3e1c2d3098ba09ad1db/invoke.js HTTP/1.1
Host: pl15320021.gatetotrustednetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b26f0fa7a5dc44f12c693f8e0e63ff1e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.35200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 323523
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
142.250.74.35200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:32:08 GMT
expires: Wed, 29 Nov 2023 18:32:08 GMT
cache-control: public, max-age=31536000
age: 413325
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 02ec2ba36a3b4c14eacb8a050607631e
e81359cf3d522422b4a145f23902212aa9bd8dca
4dab53e804cb7731c5926d9e929ca7929fd971751ed056c389878e6e154d935a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4DAB53E804CB7731C5926D9E929CA7929FD971751ED056C389878E6E154D935A"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1152
Expires: Sun, 04 Dec 2022 13:40:05 GMT
Date: Sun, 04 Dec 2022 13:20:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 2aecb4f85e02ebc697bb91bb67456d82
2ef35add95a18ac5846ee32df0dd0a63700a2133
4bc2f398453e4555768605e037634156176592626df384f881d782e85b316ca9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BC2F398453E4555768605E037634156176592626DF384F881D782E85B316CA9"
Last-Modified: Fri, 02 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2695
Expires: Sun, 04 Dec 2022 14:05:48 GMT
Date: Sun, 04 Dec 2022 13:20:53 GMT
Connection: keep-alive
region1.google-analytics.com/g/collect?v=2&tid=G-4Z9T9TGMWX>m=2oebu0&_p=469279767&cid=1877581928.1670160051&ul=en-us&sr=1280x1024&_s=1&sid=1670160050&sct=1&seg=0&dl=https%3A%2F%2Fanonymous-links.com%2Fl%2Fc3504431-24e6-4db8-bf9a-bd0202910253&dt=%5BPC-WIN%5D%20Lumion%20Pro%2012%20ITA%20%2B%20Crack%20(Torrent)%20-%20Anonymous%20Links&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-4Z9T9TGMWX>m=2oebu0&_p=469279767&cid=1877581928.1670160051&ul=en-us&sr=1280x1024&_s=1&sid=1670160050&sct=1&seg=0&dl=https%3A%2F%2Fanonymous-links.com%2Fl%2Fc3504431-24e6-4db8-bf9a-bd0202910253&dt=%5BPC-WIN%5D%20Lumion%20Pro%2012%20ITA%20%2B%20Crack%20(Torrent)%20-%20Anonymous%20Links&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-4Z9T9TGMWX>m=2oebu0&_p=469279767&cid=1877581928.1670160051&ul=en-us&sr=1280x1024&_s=1&sid=1670160050&sct=1&seg=0&dl=https%3A%2F%2Fanonymous-links.com%2Fl%2Fc3504431-24e6-4db8-bf9a-bd0202910253&dt=%5BPC-WIN%5D%20Lumion%20Pro%2012%20ITA%20%2B%20Crack%20(Torrent)%20-%20Anonymous%20Links&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://anonymous-links.com
date: Sun, 04 Dec 2022 13:20:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=87846
Date: Sun, 04 Dec 2022 13:20:53 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 13:44:59 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d9pKndQwPTx65V0kWc9TNgfIJm-zE3u1nKcBS1_Dv8LPyczkzytOBQ==
Age: 833
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=88177
Date: Sun, 04 Dec 2022 13:20:53 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 13:50:30 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (nyb/1D15)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 7_rdvyMM-NRK5BHFp3cdhfI_fTSM0HsVvLxZNFMem7Gn5NmOqbZG_A==
Age: 1165
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 21dc7576aada2d972cfc81b18fdc49b1
4f9516663cfec75fea65a67872f13d691a18eb1a
9ce546fb9a463625b2fba6e61ffbd979fabfa61a2da6d72e403e4846bd2ca1b6
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anonymous-links.com
access-control-allow-credentials: true
set-cookie: uid_id2=31c6e9c5-b1d4-4411-9975-39f9cc6cc82b:3:1; expires=Wed, 01 Dec 2032 13:20:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 14b924be214c38377a949e79a6e2fbbb
f134e51e09cec3edf5f17dc2b3e6b69d85c57d56
593328e5318312e923dbcaec0b36e25c82e49787d50ef1692419ad7cb102a8cd
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:53 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://anonymous-links.com
access-control-allow-credentials: true
set-cookie: uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; expires=Wed, 01 Dec 2032 13:20:53 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
wastedinvaluable.com/46/a4/46/46a446d94b4311a1b5b07a84968edb73.js
192.243.59.20200 OK 13 kB URL HTTP/1.1 wastedinvaluable.com/46/a4/46/46a446d94b4311a1b5b07a84968edb73.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37146), with no line terminators
Hash 5856fd98aad1b14bb5df1dbe21f235be
3e3d2174a48d841b90cd8ecfebd35b6a1713c369
068fc3134319bb472c80640b185f5b4da2e8cf4da5386faf7805761a48c3f027
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /46/a4/46/46a446d94b4311a1b5b07a84968edb73.js HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 04 Dec 2022 13:20:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 736fb6a12905c80c6a9106e1d9abdcd3
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
organexpectationsmaintain.com/pixel/purst?dl=0&th=0&sc=0&rs=1642&rd=1642&fd=935&bv=22.10.v.9&tmpl=70
192.243.59.13200 OK 0 B URL HTTP/1.1 organexpectationsmaintain.com/pixel/purst?dl=0&th=0&sc=0&rs=1642&rd=1642&fd=935&bv=22.10.v.9&tmpl=70
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1642&rd=1642&fd=935&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:53 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3373
Expires: Sun, 04 Dec 2022 14:17:06 GMT
Date: Sun, 04 Dec 2022 13:20:53 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 344 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 4190c26f01184c51aed2d771ad1429ec
35e2db991eaca4dbe44e4158feb9eddbccba0a4c
4dfbbd61f47a45a39622f70938f29114fe41648e5f74c0aad269d4a0252de5e6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "4DFBBD61F47A45A39622F70938F29114FE41648E5F74C0AAD269D4A0252DE5E6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3373
Expires: Sun, 04 Dec 2022 14:17:06 GMT
Date: Sun, 04 Dec 2022 13:20:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4d1162fd1d9bf3c91aac27ba197fd1d8
f2d0e147d3076e0055d729dd7904e22dbb78e04a
ba7e84e5f7d32f56721816b009b5d84ec852f5a0dbcb6188b30b21924dbf710b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BA7E84E5F7D32F56721816B009B5D84EC852F5A0DBCB6188B30B21924DBF710B"
Last-Modified: Fri, 02 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5948
Expires: Sun, 04 Dec 2022 15:00:02 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6ddd743262cc2727e40e84514b13c68a
a9e579263bdb29ebc08ed46d9af5d8308f0bf6ea
e927bd50b4fad2320c331c115457c053cf542096113a7668afe3590e1635d911
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E927BD50B4FAD2320C331C115457C053CF542096113A7668AFE3590E1635D911"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3159
Expires: Sun, 04 Dec 2022 14:13:33 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 12:41:08 GMT
expires: Sun, 04 Dec 2022 14:41:08 GMT
cache-control: public, max-age=7200
age: 2386
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
216.58.211.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 497457
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2dabd839729e9b0fb2558253d850126b
64f617aa0afb52168ef3519a4cf9829ac61ee007
1a47e4d0efdac6fbec990e3e168bfdfe615ff8953158773e8b1940d4d91eee18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simultaneouslyagreeingcontradiction.com/ntv.json?key=f0cef6ca89e9b3e1c2d3098ba09ad1db&vstc=4
192.243.61.227200 OK 17 kB URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ntv.json?key=f0cef6ca89e9b3e1c2d3098ba09ad1db&vstc=4
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (16911), with no line terminators
Hash aa440cc997503ea23106d9b15d2e1c12
057e12d2011335e18380164d688335ecc6510903
3f425f5cf05f715deffd3b98fdab6d76a859700b5359ec20db3193f90060bd79
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=f0cef6ca89e9b3e1c2d3098ba09ad1db&vstc=4 HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: application/json
Content-Length: 16911
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anonymous-links.com
Access-Control-Allow-Origin: https://anonymous-links.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15219522; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
pdhtkv49=true; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
uncs49=1; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4942362c563c3f8a459f487eb020e6b4
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
192.243.59.13200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3a8d0d43bbf13cf6fc0f9bf31b48f2bf
Strict-Transport-Security: max-age=0; includeSubdomains
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
142.250.74.98200 OK 4.2 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2579)
Hash 2fb3574102373e2e076cfa2ff90cdf25
d06c985183def975546d6e47ab6369c11dcf7195
e61cbc207f7fc2f429deceff11e7a339a3d9a9574da6d035054eba02ee381345
GET /pagead/html/r20221110/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 4242
x-xss-protection: 0
date: Sat, 03 Dec 2022 15:24:16 GMT
expires: Sat, 17 Dec 2022 15:24:16 GMT
cache-control: public, max-age=1209600
age: 78998
etag: 10353107486223812946
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 55687
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzm%2FyA%2FWkeBE8zEkUdbZ7%2FuxOm4O4xmhw3V2TyJ6rq6pny6muaqq6p2f3tBiQHDyM4EFzkN43u1mMQQxCboLMegkBYfug7ME9Si56EYIHDzKTgdEPur%2F3vleH976qj%2FfzM%2BIjp6eb75ldqRRd6jT8%2BotbUnNTuPr6tXrgN%2FwL9S2pl9sX6sPpzw5eC%2FxOw3%2Bp%2FrZgfbPU9APfD%2FygfklaEZvh0kyFTO%2BEQSP0G%2B1mI%2Bi0MbT%2F5S734KgHPjgjz0Dy6vz2%2FbuQbAKdfHtRuH5m0lfeSnJFM2Mx4Ecf6L42hUaygLH1EOuj%2BWkYVxHy%2BTkYfTRPADM4mCZAJCvi%2FRIg0kdzm4gGh4%2BdRgpCI%2BJPoRhMINQEkk7AzHVIfkIAxrG%2BAZ3cWje2oDuPVTpVK1J79CdkUZHar89CJ9%2BsKjmsXzUqz6TRDsO4hBxOIHsTpPkxsl0PsjgGyz6C5D%2BRpUdr0MnBhlMGkpez9FJOIOMJlBiBOg%2F59JMe8thDnnpI%2BGmddsLY91fiKG61um3GWKvFWKe7zDu81e7GPnI2tTdClo7A1AjM7iG1e%2BjLT0%2B832HzH%2BC2SzjuwWUV8d7fw4CXKARB4QgKSlBIgiIjKAblIVeu6cpbXLk8Cua9Oe%2Btcmyy3j49NFlPaLKfnpGnZ6t5eGEVfXFaj30m4mVGu6EIo5YIWJO3%2FLAbUT%2BkPOARnCwh3blZ2l1ZkSfe%2BRuprMg5dxsRPYZTx2Dyf6B5AFqMV5o%2B6Pa43fWxq7%2Bj2uidxOTuVSV13zWYScBNiTSrIdvx9tUZeW5mZ%2Fl8CsEekHmB2RKpLfGh%2FJGgp26Mr5iCHFwxhSN3N9JMJnKXTm%2FxakYz8f%2Fb74qdwlh%2B%2BaIbffUGmwpTeOeacNka1VzqniNfr0rOhb1kLBPk%2B8tuS0Sbudteza3O07XNNy9dTlIrnJNGT0DlycZfYNO86cPZ%2B3x%2BYwnSTmDzEkm%2BcCrNBCzdg0sXM2cIrFrwKPVQ5OXYNqPFUEkCJRacRiXcv3i0wPvuBnq2Bppdh05KDGyJgSpB1Qguf3KcpfbB6%2Fe%2FmNZNRKo2jpStHUTKqs9mq63IC%2Fd%2BrsjLN8OKtP%2F4DU6e1kUn9mPhN0UUh1G8Qn0exu0womEgVqIODZC5in3y5b1%2FAAAA%2F%2F8BAAD%2F%2Fy%2FCijmGBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzm%2FyA%2FWkeBE8zEkUdbZ7%2FuxOm4O4xmhw3V2TyJ6rq6pny6muaqq6p2f3tBiQHDyM4EFzkN43u1mMQQxCboLMegkBYfug7ME9Si56EYIHDzKTgdEPur%2F3vleH976qj%2FfzM%2BIjp6eb75ldqRRd6jT8%2BotbUnNTuPr6tXrgN%2FwL9S2pl9sX6sPpzw5eC%2FxOw3%2Bp%2FrZgfbPU9APfD%2FygfklaEZvh0kyFTO%2BEQSP0G%2B1mI%2Bi0MbT%2F5S734KgHPjgjz0Dy6vz2%2FbuQbAKdfHtRuH5m0lfeSnJFM2Mx4Ecf6L42hUaygLH1EOuj%2BWkYVxHy%2BTkYfTRPADM4mCZAJCvi%2FRIg0kdzm4gGh4%2BdRgpCI%2BJPoRhMINQEkk7AzHVIfkIAxrG%2BAZ3cWje2oDuPVTpVK1J79CdkUZHar89CJ9%2BsKjmsXzUqz6TRDsO4hBxOIHsTpPkxsl0PsjgGyz6C5D%2BRpUdr0MnBhlMGkpez9FJOIOMJlBiBOg%2F59JMe8thDnnpI%2BGmddsLY91fiKG61um3GWKvFWKe7zDu81e7GPnI2tTdClo7A1AjM7iG1e%2BjLT0%2B832HzH%2BC2SzjuwWUV8d7fw4CXKARB4QgKSlBIgiIjKAblIVeu6cpbXLk8Cua9Oe%2Btcmyy3j49NFlPaLKfnpGnZ6t5eGEVfXFaj30m4mVGu6EIo5YIWJO3%2FLAbUT%2BkPOARnCwh3blZ2l1ZkSfe%2BRuprMg5dxsRPYZTx2Dyf6B5AFqMV5o%2B6Pa43fWxq7%2Bj2uidxOTuVSV13zWYScBNiTSrIdvx9tUZeW5mZ%2Fl8CsEekHmB2RKpLfGh%2FJGgp26Mr5iCHFwxhSN3N9JMJnKXTm%2FxakYz8f%2Fb74qdwlh%2B%2BaIbffUGmwpTeOeacNka1VzqniNfr0rOhb1kLBPk%2B8tuS0Sbudteza3O07XNNy9dTlIrnJNGT0DlycZfYNO86cPZ%2B3x%2BYwnSTmDzEkm%2BcCrNBCzdg0sXM2cIrFrwKPVQ5OXYNqPFUEkCJRacRiXcv3i0wPvuBnq2Bppdh05KDGyJgSpB1Qguf3KcpfbB6%2Fe%2FmNZNRKo2jpStHUTKqs9mq63IC%2Fd%2BrsjLN8OKtP%2F4DU6e1kUn9mPhN0UUh1G8Qn0exu0womEgVqIODZC5in3y5b1%2FAAAA%2F%2F8BAAD%2F%2Fy%2FCijmGBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzm%2FyA%2FWkeBE8zEkUdbZ7%2FuxOm4O4xmhw3V2TyJ6rq6pny6muaqq6p2f3tBiQHDyM4EFzkN43u1mMQQxCboLMegkBYfug7ME9Si56EYIHDzKTgdEPur%2F3vleH976qj%2FfzM%2BIjp6eb75ldqRRd6jT8%2BotbUnNTuPr6tXrgN%2FwL9S2pl9sX6sPpzw5eC%2FxOw3%2Bp%2FrZgfbPU9APfD%2FygfklaEZvh0kyFTO%2BEQSP0G%2B1mI%2Bi0MbT%2F5S734KgHPjgjz0Dy6vz2%2FbuQbAKdfHtRuH5m0lfeSnJFM2Mx4Ecf6L42hUaygLH1EOuj%2BWkYVxHy%2BTkYfTRPADM4mCZAJCvi%2FRIg0kdzm4gGh4%2BdRgpCI%2BJPoRhMINQEkk7AzHVIfkIAxrG%2BAZ3cWje2oDuPVTpVK1J79CdkUZHar89CJ9%2BsKjmsXzUqz6TRDsO4hBxOIHsTpPkxsl0PsjgGyz6C5D%2BRpUdr0MnBhlMGkpez9FJOIOMJlBiBOg%2F59JMe8thDnnpI%2BGmddsLY91fiKG61um3GWKvFWKe7zDu81e7GPnI2tTdClo7A1AjM7iG1e%2BjLT0%2B832HzH%2BC2SzjuwWUV8d7fw4CXKARB4QgKSlBIgiIjKAblIVeu6cpbXLk8Cua9Oe%2Btcmyy3j49NFlPaLKfnpGnZ6t5eGEVfXFaj30m4mVGu6EIo5YIWJO3%2FLAbUT%2BkPOARnCwh3blZ2l1ZkSfe%2BRuprMg5dxsRPYZTx2Dyf6B5AFqMV5o%2B6Pa43fWxq7%2Bj2uidxOTuVSV13zWYScBNiTSrIdvx9tUZeW5mZ%2Fl8CsEekHmB2RKpLfGh%2FJGgp26Mr5iCHFwxhSN3N9JMJnKXTm%2FxakYz8f%2Fb74qdwlh%2B%2BaIbffUGmwpTeOeacNka1VzqniNfr0rOhb1kLBPk%2B8tuS0Sbudteza3O07XNNy9dTlIrnJNGT0DlycZfYNO86cPZ%2B3x%2BYwnSTmDzEkm%2BcCrNBCzdg0sXM2cIrFrwKPVQ5OXYNqPFUEkCJRacRiXcv3i0wPvuBnq2Bppdh05KDGyJgSpB1Qguf3KcpfbB6%2Fe%2FmNZNRKo2jpStHUTKqs9mq63IC%2Fd%2BrsjLN8OKtP%2F4DU6e1kUn9mPhN0UUh1G8Qn0exu0womEgVqIODZC5in3y5b1%2FAAAA%2F%2F8BAAD%2F%2Fy%2FCijmGBAAA HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 344e03e848a548a2a3c04d480e66a307
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 56213
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 921edf4719d00fc9e787f0163dad9917
d174b6498bf23f64df69f917124059bec7a46b3e
ca7f94b946a5920f873661c61d48722c96c0e453363551045b3f788f35c9c885
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA7F94B946A5920F873661C61D48722C96C0E453363551045B3F788F35C9C885"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Sun, 04 Dec 2022 14:39:21 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 921edf4719d00fc9e787f0163dad9917
d174b6498bf23f64df69f917124059bec7a46b3e
ca7f94b946a5920f873661c61d48722c96c0e453363551045b3f788f35c9c885
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA7F94B946A5920F873661C61D48722C96C0E453363551045B3F788F35C9C885"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Sun, 04 Dec 2022 14:39:21 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 21253
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3615
Expires: Sun, 04 Dec 2022 14:21:09 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 55696
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 55853
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 55087
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRud9e%2Fyk4CKPw3dNSAQcN69P%2FYdKRAmGCyMbZIg17Mzs%2BfhZmdWM7u3Z1cWkVAKigNRQAq0fmfHIkSICCkdEjrTRJGQvAXIBS4RDTRIEUUKdJeTDj5p93vve1O89818dJCdEx8ZPdt61%2BxJpehiq%2BZXX9iWmpvcVTeuVgO%2F5l%2Bsbku91LxYHUx%2Btv9q4Ldq%2FovVtwTrmcW6H%2Fh%2B4AfVVWlFZAaLUxUyud0Jah2%2F1qzXglYTA%2Ftf7jIPjnrg%2FXPyFCQvL%2BzcuwPJxtDxt5eE66UmefnNOFM0NRZ9fvy%2B7mmTa8RzGFkPkT6enYZxJSGfL8Do41kCmP7hJAFCWRLvlwChPp7ZRNg%2FeuQ0VBAaIX8CeX8MocaQdAxmrkHyUwIwjo1N6PjmhrE53X2k0olaksqDvyDzklR%2BfQY6%2FmZFyUH1ilFZKo12GEQF5GAM2R0jyU6Q7nmQ%2BQlY%2BiEk%2F4ksPliHjg83nTKQvJiml3IMGY2hxBDUecgmn%2FSQRR6yxEPMz6q01Yl8fzkKo0aj3WSMNRqMtdpLvMUbzXbkI2MTe0OkyRBMDcHsPhK7j5785NT7Azb7AW6ngOMeXFoS77199HmBXBDkjiCnBLkkyFOCvF8cceXqrrjJlcvCYNbrs94oRibtHtAjk3aFJgfJOXlyuprfL66gJ86qkc9EtMRouyM6YUMErM4bfqcdUr9DecBDOFlAuoVp2j1ZksfefohElmTB3UJIT%2BDUCZj8H2gWgOaj5boPujNqtn3s6e%2BoNno3Npl7RUndczVmYnBTIEkrSHe9A3VOnp3aef7uzxDsPpkVmC2Q2AIfyB8Juur66LLJyeFlkztyZzNJZSz36OQWr6Q0Ff%2B%2F9Y7YzY3la5fc8KvX2USYwNtXhUvXqeZSdx35ekVyLuyqsUyQ79fctgi3MrezklmdJetbb6yuxYkVzkmjx6DydPNvMFmSCw8%2Fnb7Ppzefg7Rj2KxAnM2dSjMGS%2FbhkvnMGQKr5jxMFpBnxcjWw%2FlQSQIl5pyGBdy%2FeDjHB%2B46urYCml6Djgv0bYG%2BKkDVEC57fJQm9v5r976Y1A2EqjIKla0chsqqz0qydCGZ7rckL93olKT5529w8qzaCpqiHbaXGeehYDxYrjfaDd%2Bvc95c7oigg9SV7OMv7%2F4DAAD%2F%2FwEAAP%2F%2FHD6lcIYEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRud9e%2Fyk4CKPw3dNSAQcN69P%2FYdKRAmGCyMbZIg17Mzs%2BfhZmdWM7u3Z1cWkVAKigNRQAq0fmfHIkSICCkdEjrTRJGQvAXIBS4RDTRIEUUKdJeTDj5p93vve1O89818dJCdEx8ZPdt61%2BxJpehiq%2BZXX9iWmpvcVTeuVgO%2F5l%2Bsbku91LxYHUx%2Btv9q4Ldq%2FovVtwTrmcW6H%2Fh%2B4AfVVWlFZAaLUxUyud0Jah2%2F1qzXglYTA%2Ftf7jIPjnrg%2FXPyFCQvL%2BzcuwPJxtDxt5eE66UmefnNOFM0NRZ9fvy%2B7mmTa8RzGFkPkT6enYZxJSGfL8Do41kCmP7hJAFCWRLvlwChPp7ZRNg%2FeuQ0VBAaIX8CeX8MocaQdAxmrkHyUwIwjo1N6PjmhrE53X2k0olaksqDvyDzklR%2BfQY6%2FmZFyUH1ilFZKo12GEQF5GAM2R0jyU6Q7nmQ%2BQlY%2BiEk%2F4ksPliHjg83nTKQvJiml3IMGY2hxBDUecgmn%2FSQRR6yxEPMz6q01Yl8fzkKo0aj3WSMNRqMtdpLvMUbzXbkI2MTe0OkyRBMDcHsPhK7j5785NT7Azb7AW6ngOMeXFoS77199HmBXBDkjiCnBLkkyFOCvF8cceXqrrjJlcvCYNbrs94oRibtHtAjk3aFJgfJOXlyuprfL66gJ86qkc9EtMRouyM6YUMErM4bfqcdUr9DecBDOFlAuoVp2j1ZksfefohElmTB3UJIT%2BDUCZj8H2gWgOaj5boPujNqtn3s6e%2BoNno3Npl7RUndczVmYnBTIEkrSHe9A3VOnp3aef7uzxDsPpkVmC2Q2AIfyB8Juur66LLJyeFlkztyZzNJZSz36OQWr6Q0Ff%2B%2F9Y7YzY3la5fc8KvX2USYwNtXhUvXqeZSdx35ekVyLuyqsUyQ79fctgi3MrezklmdJetbb6yuxYkVzkmjx6DydPNvMFmSCw8%2Fnb7Ppzefg7Rj2KxAnM2dSjMGS%2FbhkvnMGQKr5jxMFpBnxcjWw%2FlQSQIl5pyGBdy%2FeDjHB%2B46urYCml6Djgv0bYG%2BKkDVEC57fJQm9v5r976Y1A2EqjIKla0chsqqz0qydCGZ7rckL93olKT5529w8qzaCpqiHbaXGeehYDxYrjfaDd%2Bvc95c7oigg9SV7OMv7%2F4DAAD%2F%2FwEAAP%2F%2FHD6lcIYEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRud9e%2Fyk4CKPw3dNSAQcN69P%2FYdKRAmGCyMbZIg17Mzs%2BfhZmdWM7u3Z1cWkVAKigNRQAq0fmfHIkSICCkdEjrTRJGQvAXIBS4RDTRIEUUKdJeTDj5p93vve1O89818dJCdEx8ZPdt61%2BxJpehiq%2BZXX9iWmpvcVTeuVgO%2F5l%2Bsbku91LxYHUx%2Btv9q4Ldq%2FovVtwTrmcW6H%2Fh%2B4AfVVWlFZAaLUxUyud0Jah2%2F1qzXglYTA%2Ftf7jIPjnrg%2FXPyFCQvL%2BzcuwPJxtDxt5eE66UmefnNOFM0NRZ9fvy%2B7mmTa8RzGFkPkT6enYZxJSGfL8Do41kCmP7hJAFCWRLvlwChPp7ZRNg%2FeuQ0VBAaIX8CeX8MocaQdAxmrkHyUwIwjo1N6PjmhrE53X2k0olaksqDvyDzklR%2BfQY6%2FmZFyUH1ilFZKo12GEQF5GAM2R0jyU6Q7nmQ%2BQlY%2BiEk%2F4ksPliHjg83nTKQvJiml3IMGY2hxBDUecgmn%2FSQRR6yxEPMz6q01Yl8fzkKo0aj3WSMNRqMtdpLvMUbzXbkI2MTe0OkyRBMDcHsPhK7j5785NT7Azb7AW6ngOMeXFoS77199HmBXBDkjiCnBLkkyFOCvF8cceXqrrjJlcvCYNbrs94oRibtHtAjk3aFJgfJOXlyuprfL66gJ86qkc9EtMRouyM6YUMErM4bfqcdUr9DecBDOFlAuoVp2j1ZksfefohElmTB3UJIT%2BDUCZj8H2gWgOaj5boPujNqtn3s6e%2BoNno3Npl7RUndczVmYnBTIEkrSHe9A3VOnp3aef7uzxDsPpkVmC2Q2AIfyB8Juur66LLJyeFlkztyZzNJZSz36OQWr6Q0Ff%2B%2F9Y7YzY3la5fc8KvX2USYwNtXhUvXqeZSdx35ekVyLuyqsUyQ79fctgi3MrezklmdJetbb6yuxYkVzkmjx6DydPNvMFmSCw8%2Fnb7Ppzefg7Rj2KxAnM2dSjMGS%2FbhkvnMGQKr5jxMFpBnxcjWw%2FlQSQIl5pyGBdy%2FeDjHB%2B46urYCml6Djgv0bYG%2BKkDVEC57fJQm9v5r976Y1A2EqjIKla0chsqqz0qydCGZ7rckL93olKT5529w8qzaCpqiHbaXGeehYDxYrjfaDd%2Bvc95c7oigg9SV7OMv7%2F4DAAD%2F%2FwEAAP%2F%2FHD6lcIYEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16adad94fc9af7a432a8122b44b6e9d9
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/bi/3d/51/b8/3d51b857e914944d2df0d5967c28e130/1625657010.jpg
45.133.44.10200 OK 90 kB URL HTTP/2 cdn.cloudimagesb.com/bi/3d/51/b8/3d51b857e914944d2df0d5967c28e130/1625657010.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, baseline, precision 8, 320x240, components 3\012- data
Hash f229e66da1cc93e1c029866c72c920cc
654ccfe811c4b709816826ac959d57271220aad3
55f0219a4ca1a310966b62814f4f93ff833faf298088c0295fcecf5922f94e5e
GET /bi/3d/51/b8/3d51b857e914944d2df0d5967c28e130/1625657010.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:54 GMT
content-type: image/jpeg
content-length: 90011
server: nginx/1.17.6
last-modified: Wed, 07 Jul 2021 11:23:39 GMT
etag: "60e58ebb-15f9b"
expires: Tue, 06 Dec 2022 13:20:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/e2/a5/da/e2a5da31bdd801ede7d420f5dea31129/1657624933.jpg
45.133.44.10200 OK 15 kB URL HTTP/2 cdn.cloudimagesb.com/cti/e2/a5/da/e2a5da31bdd801ede7d420f5dea31129/1657624933.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 57dc7cd55805fb3d838aa9d7ee760309
b01f5ede7dc6025161a82abb08e81acee60081ca
4a4ea9fa2fefd939e7277638b89b36acbd2f534c297fabd7b582a64126261c95
GET /cti/e2/a5/da/e2a5da31bdd801ede7d420f5dea31129/1657624933.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:54 GMT
content-type: image/jpeg
content-length: 15029
server: nginx/1.17.6
last-modified: Tue, 12 Jul 2022 11:22:21 GMT
etag: "62cd596d-3ab5"
expires: Tue, 06 Dec 2022 13:20:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/da/23/da/da23dacb6b0a1e4010839a07ed3d5ec8/1606977837.jpeg
45.133.44.10200 OK 32 kB URL HTTP/2 cdn.cloudimagesb.com/cti/da/23/da/da23dacb6b0a1e4010839a07ed3d5ec8/1606977837.jpeg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash d75e2cd92289db781a91a6f13b9a6bd7
b39b549b647fa8d204af1e14ad498cc6540ab564
6a9f314429a5ec52da36f7f6a6a0a44e7f55727d502473f1a7f4f748ff318adb
GET /cti/da/23/da/da23dacb6b0a1e4010839a07ed3d5ec8/1606977837.jpeg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:54 GMT
content-type: image/jpeg
content-length: 31722
server: nginx/1.17.6
last-modified: Thu, 03 Dec 2020 06:44:05 GMT
etag: "5fc88935-7bea"
expires: Tue, 06 Dec 2022 13:20:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/bi/ad/c3/04/adc3047712bf9937dcc230b873bd5022/1654684566.jpg
45.133.44.10200 OK 15 kB URL HTTP/2 cdn.cloudimagesb.com/bi/ad/c3/04/adc3047712bf9937dcc230b873bd5022/1654684566.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, resolutionunit=2], baseline, precision 8, 300x250, components 3\012- data
Hash 3a98a86f8be901720df94832c6e6c558
257f401ec9788f521b9543175ba0d031cfa77150
40991f7a3a8d634c839a0b4859d3459385b3c1dfede63e513ea6f01611376556
GET /bi/ad/c3/04/adc3047712bf9937dcc230b873bd5022/1654684566.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:54 GMT
content-type: image/jpeg
content-length: 14830
server: nginx/1.17.6
last-modified: Wed, 08 Jun 2022 10:36:15 GMT
etag: "62a07b9f-39ee"
expires: Tue, 06 Dec 2022 13:20:54 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 47b644210e1185da967b593c2fb4f3df
e80aff46867604ff4b94607ea082361940b89715
244f29ea97060fe1a6746bbc12e7d8b288cb0820c85213f1f13628b19c8d05a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "244F29EA97060FE1A6746BBC12E7D8B288CB0820C85213F1F13628B19C8D05A9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3783
Expires: Sun, 04 Dec 2022 14:23:57 GMT
Date: Sun, 04 Dec 2022 13:20:54 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash f54a71942ab5d7fdc54672cf84aa76db
e03db706ad371c93ddd3cc4a3e4c329777bb5f4b
87453ee6a206085c9b82594123a30bf59f7354733d19f21e388dea70768198c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/adsid/integrator.js?domain=anonymous-links.com
142.250.74.98200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=anonymous-links.com
IP 142.250.74.98:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=anonymous-links.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 13:20:54 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.no/adsid/integrator.js?domain=anonymous-links.com
142.250.74.34200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=anonymous-links.com
IP 142.250.74.34:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=anonymous-links.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 13:20:54 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRud9e%2Fyk4CKPw3dNSAQcN69P%2FYtKRAmBCJCbJIg17Mzs%2BfhZmdWM7u3Z1cWkVAKigNRQAq0fmfHIkSICCkdEjrTRJGQvAXIBS4RDTRIEUUKdJeTDj5p93vve1O89818tJefEh85Pdl41%2BxIpehyp%2BHXX9iUmpvC1S9drQd%2Bwz9b35R6pX22Ppz%2B7ODVwO80%2FBfrbwnWN8tNP%2FD9wA%2Fq56UVsRkuz1TI9HYYNEK%2F0W42gk4bQ%2Ftf7nIPjnrgg1PyFCSvzmzduwPJJtDJt%2BeE62cmffnNJFc0MxYDfvi%2B7mtTaCQLGFsPsT6cn4ZxFSGfL8How3kCmMH%2BNAEiWRHvlwCRPpzbRDQ4eOQ0UhAaEX8CxWACoSaQdAJmrkHyYwIwjkvr0MnNS8YWdPuRSqdqRWoP%2FoIsKlL79Rno5Js1JYf1K0blmTTaYRiXkMMJZG%2BCND9CtuNBFkdg2YeQ%2FCey%2FOAidLK%2F7pSB5OUsvZQTyHgCJUagzkM%2B%2FaSHPPaQpx4SflKnnTD2%2FdU4ilutbpsx1mox1umu8A5vtbuxj5xN7Y2QpSMwNQKzu0jtLvryk2PvD9j8B7itEo57cFlFvPd2MeAlCkFQOIKCEhSSoMgIikF5wJVruvImVy6PgnlvznurHJust0cPTNYTmuylp%2BTJ2Wp%2BP7uGvjipxz4T8Qqj3VCEUUsErMlbftiNqB9SHvAITpaQbmmWdkdW5LG3HyKVFVlytxDRIzh1BCb%2FB5oHoMV4temDbo3bXR87%2Bjuqjd5OTO5eUVL3XYOZBNyUSLMasm1vT52SZ2d2nr%2F7MwS7T%2BYFZkuktsQH8keCnro%2BvmwKsn%2FZFI7cWU8zmcgdOr3FKxnNxP9vvSO2C2P5hXNu9NXrbCpM4e2rwmUXqeZS9xz5ek1yLux5Y5kg319wmyLayN3WWm51nl7ceOP8hSS1wjlp9ARUHq%2F%2FDSYrcubhp7P3%2BfT6c5B2ApuXSPKFU2kmYOkuXLqYOUNg1YJH6RKKvBzbZrQYKkmgxILTqIT7F48WeM9dR8%2FWQLNr0EmJgS0xUCWoGsHlj4%2Bz1N5%2F7d4X07qBSNXGkbK1%2FUhZ9VlFVs6ks%2F1W5KUbYUXaf%2F4GJ0%2FqohP7sfCbIorDKF6lPg%2FjdhjRMBCrUYcGyFzFPv7y7j8AAAD%2F%2FwEAAP%2F%2FCDYrloYEAAA%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRud9e%2Fyk4CKPw3dNSAQcN69P%2FYtKRAmBCJCbJIg17Mzs%2BfhZmdWM7u3Z1cWkVAKigNRQAq0fmfHIkSICCkdEjrTRJGQvAXIBS4RDTRIEUUKdJeTDj5p93vve1O89818tJefEh85Pdl41%2BxIpehyp%2BHXX9iUmpvC1S9drQd%2Bwz9b35R6pX22Ppz%2B7ODVwO80%2FBfrbwnWN8tNP%2FD9wA%2Fq56UVsRkuz1TI9HYYNEK%2F0W42gk4bQ%2Ftf7nIPjnrgg1PyFCSvzmzduwPJJtDJt%2BeE62cmffnNJFc0MxYDfvi%2B7mtTaCQLGFsPsT6cn4ZxFSGfL8How3kCmMH%2BNAEiWRHvlwCRPpzbRDQ4eOQ0UhAaEX8CxWACoSaQdAJmrkHyYwIwjkvr0MnNS8YWdPuRSqdqRWoP%2FoIsKlL79Rno5Js1JYf1K0blmTTaYRiXkMMJZG%2BCND9CtuNBFkdg2YeQ%2FCey%2FOAidLK%2F7pSB5OUsvZQTyHgCJUagzkM%2B%2FaSHPPaQpx4SflKnnTD2%2FdU4ilutbpsx1mox1umu8A5vtbuxj5xN7Y2QpSMwNQKzu0jtLvryk2PvD9j8B7itEo57cFlFvPd2MeAlCkFQOIKCEhSSoMgIikF5wJVruvImVy6PgnlvznurHJust0cPTNYTmuylp%2BTJ2Wp%2BP7uGvjipxz4T8Qqj3VCEUUsErMlbftiNqB9SHvAITpaQbmmWdkdW5LG3HyKVFVlytxDRIzh1BCb%2FB5oHoMV4temDbo3bXR87%2Bjuqjd5OTO5eUVL3XYOZBNyUSLMasm1vT52SZ2d2nr%2F7MwS7T%2BYFZkuktsQH8keCnro%2BvmwKsn%2FZFI7cWU8zmcgdOr3FKxnNxP9vvSO2C2P5hXNu9NXrbCpM4e2rwmUXqeZS9xz5ek1yLux5Y5kg319wmyLayN3WWm51nl7ceOP8hSS1wjlp9ARUHq%2F%2FDSYrcubhp7P3%2BfT6c5B2ApuXSPKFU2kmYOkuXLqYOUNg1YJH6RKKvBzbZrQYKkmgxILTqIT7F48WeM9dR8%2FWQLNr0EmJgS0xUCWoGsHlj4%2Bz1N5%2F7d4X07qBSNXGkbK1%2FUhZ9VlFVs6ks%2F1W5KUbYUXaf%2F4GJ0%2FqohP7sfCbIorDKF6lPg%2FjdhjRMBCrUYcGyFzFPv7y7j8AAAD%2F%2FwEAAP%2F%2FCDYrloYEAAA%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSP2wcxRud9e%2Fyk4CKPw3dNSAQcN69P%2FYtKRAmBCJCbJIg17Mzs%2BfhZmdWM7u3Z1cWkVAKigNRQAq0fmfHIkSICCkdEjrTRJGQvAXIBS4RDTRIEUUKdJeTDj5p93vve1O89818tJefEh85Pdl41%2BxIpehyp%2BHXX9iUmpvC1S9drQd%2Bwz9b35R6pX22Ppz%2B7ODVwO80%2FBfrbwnWN8tNP%2FD9wA%2Fq56UVsRkuz1TI9HYYNEK%2F0W42gk4bQ%2Ftf7nIPjnrgg1PyFCSvzmzduwPJJtDJt%2BeE62cmffnNJFc0MxYDfvi%2B7mtTaCQLGFsPsT6cn4ZxFSGfL8How3kCmMH%2BNAEiWRHvlwCRPpzbRDQ4eOQ0UhAaEX8CxWACoSaQdAJmrkHyYwIwjkvr0MnNS8YWdPuRSqdqRWoP%2FoIsKlL79Rno5Js1JYf1K0blmTTaYRiXkMMJZG%2BCND9CtuNBFkdg2YeQ%2FCey%2FOAidLK%2F7pSB5OUsvZQTyHgCJUagzkM%2B%2FaSHPPaQpx4SflKnnTD2%2FdU4ilutbpsx1mox1umu8A5vtbuxj5xN7Y2QpSMwNQKzu0jtLvryk2PvD9j8B7itEo57cFlFvPd2MeAlCkFQOIKCEhSSoMgIikF5wJVruvImVy6PgnlvznurHJust0cPTNYTmuylp%2BTJ2Wp%2BP7uGvjipxz4T8Qqj3VCEUUsErMlbftiNqB9SHvAITpaQbmmWdkdW5LG3HyKVFVlytxDRIzh1BCb%2FB5oHoMV4temDbo3bXR87%2Bjuqjd5OTO5eUVL3XYOZBNyUSLMasm1vT52SZ2d2nr%2F7MwS7T%2BYFZkuktsQH8keCnro%2BvmwKsn%2FZFI7cWU8zmcgdOr3FKxnNxP9vvSO2C2P5hXNu9NXrbCpM4e2rwmUXqeZS9xz5ek1yLux5Y5kg319wmyLayN3WWm51nl7ceOP8hSS1wjlp9ARUHq%2F%2FDSYrcubhp7P3%2BfT6c5B2ApuXSPKFU2kmYOkuXLqYOUNg1YJH6RKKvBzbZrQYKkmgxILTqIT7F48WeM9dR8%2FWQLNr0EmJgS0xUCWoGsHlj4%2Bz1N5%2F7d4X07qBSNXGkbK1%2FUhZ9VlFVs6ks%2F1W5KUbYUXaf%2F4GJ0%2FqohP7sfCbIorDKF6lPg%2FjdhjRMBCrUYcGyFzFPv7y7j8AAAD%2F%2FwEAAP%2F%2FCDYrloYEAAA%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6664cbd8f2c026ab3fe88bd55acf9893
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 663979bbd831a40bec8611cfac8d77af
aa43c96676a33100f244e6772e37adc2b6f89b76
60c21027da288e857f546b531dd226d81206bfa85a35985b0e1587a68dec4d5b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3p0V1JOiB29zEkWddM9PMuMexLhGgzGJuyvBY3VV9aSc6qqmqnt6klNwQfbgYRQPugfpvEk2uC7iIuxNkImXZUFIH5QczFG8KKiwJw8yswOjH3R%2F732vDu99VR%2FuZ2fER0ZPN982u1IputCq%2BdXntqTmJnfV9avVwK%2F5F6tbUi82L1YHk5%2Ftvxz4rZr%2FfPUNwXpmoe4Hvh%2F4QXVFWhGZwcJUhUxud4Jax68167Wg1cTA%2Fp%2B7zIOjHnj%2FjDwJycsL2%2FfuQLIxdPzNJeF6qUlefD3OFE2NRZ8fvat72uQa8RxG1kOkj2anYVxJyGfnYPTRLAFM%2F2CSAKEsifdzgFAfzWwi7B8%2BdBoqCI2QP468P4ZQY0g6BjPXIPkJARjH%2BgZ0fHPd2JzuPFTpRC1J5cHfkHlJKr88BR1%2FvazkoHrFqCyVRjsMogJyMIbsjpFkx0h3Pcj8GCz9AJL%2FSBYerEHHBxtOGUheTNNLOYaMxlBiCOo8ZJNPesgiD1niIeanVdrqRL6%2FFIVRo9FuMsYaDcZa7UXe4o1mO%2FKRsYm9IdJkCKaGYHYPid1DT3584v0Om30Pt13AcQ8uLYn3zh76vEAuCHJHkFOCXBLkKUHeLw65cnVX3OTKZWEw6%2FVZbxQjk3b36aFJu0KT%2FeSMPDFdzW8Xl9ETp9XIZyJaZLTdEZ2wIQJW5w2%2F0w6p36E84CGcLCDduWnaXVmSR9%2F8B4ksyTl3CyE9hlPHYPI8aBaA5qOlug%2B6PWq2fezqb6k2eic2mXtJSd1zNWZicFMgSStId7x9dUaemdp54UYHgt0nswKzBRJb4H35A0FXXR9dNjk5uGxyR%2B5sJKmM5S6d3OKVlKbikVtviZ3cWL56yQ2%2FfJVNhAm8fVW4dI1qLnXXka%2BWJefCrhjLBPlu1W2JcDNz28uZ1VmytvnaymqcWOGcNHoMKk%2Fe%2BwRMluSCOJq%2Bz6f%2F%2FAvSjmGzAnE2dyrNGCzZg0vmM2cIrJrzMDmPPCtGth7Oh0oSKDHnNCzg%2FsPDOd5319G1FdD0GnRcoG8L9FUBqoZw2WOjNLH3X7n3%2BaRuIFSVUahs5SBUVn1aksULSUmevfvTdMklaf7xK5w8rbaCpmiH7SXGeSgYD5bqjXbD9%2BucN5c6IuggdSX76Iu7%2FwIAAP%2F%2FAQAA%2F%2F%2FsNQschgQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3p0V1JOiB29zEkWddM9PMuMexLhGgzGJuyvBY3VV9aSc6qqmqnt6klNwQfbgYRQPugfpvEk2uC7iIuxNkImXZUFIH5QczFG8KKiwJw8yswOjH3R%2F732vDu99VR%2FuZ2fER0ZPN982u1IputCq%2BdXntqTmJnfV9avVwK%2F5F6tbUi82L1YHk5%2Ftvxz4rZr%2FfPUNwXpmoe4Hvh%2F4QXVFWhGZwcJUhUxud4Jax68167Wg1cTA%2Fp%2B7zIOjHnj%2FjDwJycsL2%2FfuQLIxdPzNJeF6qUlefD3OFE2NRZ8fvat72uQa8RxG1kOkj2anYVxJyGfnYPTRLAFM%2F2CSAKEsifdzgFAfzWwi7B8%2BdBoqCI2QP468P4ZQY0g6BjPXIPkJARjH%2BgZ0fHPd2JzuPFTpRC1J5cHfkHlJKr88BR1%2FvazkoHrFqCyVRjsMogJyMIbsjpFkx0h3Pcj8GCz9AJL%2FSBYerEHHBxtOGUheTNNLOYaMxlBiCOo8ZJNPesgiD1niIeanVdrqRL6%2FFIVRo9FuMsYaDcZa7UXe4o1mO%2FKRsYm9IdJkCKaGYHYPid1DT3584v0Om30Pt13AcQ8uLYn3zh76vEAuCHJHkFOCXBLkKUHeLw65cnVX3OTKZWEw6%2FVZbxQjk3b36aFJu0KT%2FeSMPDFdzW8Xl9ETp9XIZyJaZLTdEZ2wIQJW5w2%2F0w6p36E84CGcLCDduWnaXVmSR9%2F8B4ksyTl3CyE9hlPHYPI8aBaA5qOlug%2B6PWq2fezqb6k2eic2mXtJSd1zNWZicFMgSStId7x9dUaemdp54UYHgt0nswKzBRJb4H35A0FXXR9dNjk5uGxyR%2B5sJKmM5S6d3OKVlKbikVtviZ3cWL56yQ2%2FfJVNhAm8fVW4dI1qLnXXka%2BWJefCrhjLBPlu1W2JcDNz28uZ1VmytvnaymqcWOGcNHoMKk%2Fe%2BwRMluSCOJq%2Bz6f%2F%2FAvSjmGzAnE2dyrNGCzZg0vmM2cIrJrzMDmPPCtGth7Oh0oSKDHnNCzg%2FsPDOd5319G1FdD0GnRcoG8L9FUBqoZw2WOjNLH3X7n3%2BaRuIFSVUahs5SBUVn1aksULSUmevfvTdMklaf7xK5w8rbaCpmiH7SXGeSgYD5bqjXbD9%2BucN5c6IuggdSX76Iu7%2FwIAAP%2F%2FAQAA%2F%2F%2FsNQschgQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRit3p0V1JOiB29zEkWddM9PMuMexLhGgzGJuyvBY3VV9aSc6qqmqnt6klNwQfbgYRQPugfpvEk2uC7iIuxNkImXZUFIH5QczFG8KKiwJw8yswOjH3R%2F732vDu99VR%2FuZ2fER0ZPN982u1IputCq%2BdXntqTmJnfV9avVwK%2F5F6tbUi82L1YHk5%2Ftvxz4rZr%2FfPUNwXpmoe4Hvh%2F4QXVFWhGZwcJUhUxud4Jax68167Wg1cTA%2Fp%2B7zIOjHnj%2FjDwJycsL2%2FfuQLIxdPzNJeF6qUlefD3OFE2NRZ8fvat72uQa8RxG1kOkj2anYVxJyGfnYPTRLAFM%2F2CSAKEsifdzgFAfzWwi7B8%2BdBoqCI2QP468P4ZQY0g6BjPXIPkJARjH%2BgZ0fHPd2JzuPFTpRC1J5cHfkHlJKr88BR1%2FvazkoHrFqCyVRjsMogJyMIbsjpFkx0h3Pcj8GCz9AJL%2FSBYerEHHBxtOGUheTNNLOYaMxlBiCOo8ZJNPesgiD1niIeanVdrqRL6%2FFIVRo9FuMsYaDcZa7UXe4o1mO%2FKRsYm9IdJkCKaGYHYPid1DT3584v0Om30Pt13AcQ8uLYn3zh76vEAuCHJHkFOCXBLkKUHeLw65cnVX3OTKZWEw6%2FVZbxQjk3b36aFJu0KT%2FeSMPDFdzW8Xl9ETp9XIZyJaZLTdEZ2wIQJW5w2%2F0w6p36E84CGcLCDduWnaXVmSR9%2F8B4ksyTl3CyE9hlPHYPI8aBaA5qOlug%2B6PWq2fezqb6k2eic2mXtJSd1zNWZicFMgSStId7x9dUaemdp54UYHgt0nswKzBRJb4H35A0FXXR9dNjk5uGxyR%2B5sJKmM5S6d3OKVlKbikVtviZ3cWL56yQ2%2FfJVNhAm8fVW4dI1qLnXXka%2BWJefCrhjLBPlu1W2JcDNz28uZ1VmytvnaymqcWOGcNHoMKk%2Fe%2BwRMluSCOJq%2Bz6f%2F%2FAvSjmGzAnE2dyrNGCzZg0vmM2cIrJrzMDmPPCtGth7Oh0oSKDHnNCzg%2FsPDOd5319G1FdD0GnRcoG8L9FUBqoZw2WOjNLH3X7n3%2BaRuIFSVUahs5SBUVn1aksULSUmevfvTdMklaf7xK5w8rbaCpmiH7SXGeSgYD5bqjXbD9%2BucN5c6IuggdSX76Iu7%2FwIAAP%2F%2FAQAA%2F%2F%2FsNQschgQAAA%3D%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 47c4d1156c08595cb4bb30df427c624d
Strict-Transport-Security: max-age=0; includeSubdomains
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTiaCelL04G1Ooqiz3fOzO20O4hqjwZhdk8jisbqqerac6qqmqnt6dk%2BLAcnBwygeNAfpfbObxRjEIOQmyKyXEBC2D8oe3KN4UVAhJw8yk4HRD7q%2F975Xh%2Fe%2Bqg938xPiI6fH62%2BbbakUXeo0%2FPpzG1JzU7j6pav1wG%2F4Z%2BsbUi%2B3z9aH058dvBz4nYb%2FfP0NwfpmqekHvh%2F4Qf28tCI2w6WZCpneDoNG6DfazUbQaWNo%2F89d7sFRD3xwQp6E5NWZzXt3INkEOvnmnHD9zKQvvp7kimbGYsAP3tV9bQqNZAFj6yHWB%2FPTMK4i5LNTMPpgngBmsDdNgEhWxPs5QKQP5jYRDfYfOo0UhEbEH0cxmECoCSSdgJlrkPyIAIzj0hp0cvOSsQXdeqjSqVqR2oO%2FIYuK1H55Cjr5elXJYf2KUXkmjXYYxiXkcALZmyDND5Fte5DFIVj2AST%2FkSw9uAid7K05ZSB5OUsv5QQynkCJEajzkE8%2F6SGPPeSph4Qf12knjH1%2FJY7iVqvbZoy1Wox1usu8w1vtbuwjZ1N7I2TpCEyNwOwOUruDvvz4yPsdNv8ebrOE4x5cVhHvnR0MeIlCEBSOoKAEhSQoMoJiUO5z5ZquvMmVy6Ng3pvz3irHJuvt0n2T9YQmu%2BkJeWK2mt%2FOrqIvjuuxz0S8zGg3FGHUEgFr8pYfdiPqh5QHPIKTJaQ7NUu7LSvy6Jv%2FIJUVOeVuIaKHcOoQTJ4GzQPQYrzS9EE3x%2B2uj239LdVGbyUmdy8pqfuuwUwCbkqkWQ3ZlrerTsgzMzsv3Agh2H0yLzBbIrUl3pc%2FEPTU9fFlU5C9y6Zw5M5amslEbtPpLV7JaCYeufWW2CqM5RfOudGXr7KpMIW3rwqXXaSaS91z5KtVybmw541lgnx3wW2IaD13m6u51Xl6cf218xeS1ArnpNETUHn03idgsiJnxMHsfT7951%2BQdgKbl0jyhVNpJmDpDly6mDlDYNWCR%2BlpFHk5ts1oMVSSQIkFp1EJ9x8eLfCuu46erYFm16CTEgNbYqBKUDWCyx8bZ6m9%2F8q9z6d1A5GqjSNla3uRsurTiiyfSSvy7N2fZkuuSPuPX%2BHkcV10Yj8WflNEcRjFK9TnYdwOIxoGYiXq0ACZq9hHX9z9FwAA%2F%2F8BAAD%2F%2F%2Fg9hfqGBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTiaCelL04G1Ooqiz3fOzO20O4hqjwZhdk8jisbqqerac6qqmqnt6dk%2BLAcnBwygeNAfpfbObxRjEIOQmyKyXEBC2D8oe3KN4UVAhJw8yk4HRD7q%2F975Xh%2Fe%2Bqg938xPiI6fH62%2BbbakUXeo0%2FPpzG1JzU7j6pav1wG%2F4Z%2BsbUi%2B3z9aH058dvBz4nYb%2FfP0NwfpmqekHvh%2F4Qf28tCI2w6WZCpneDoNG6DfazUbQaWNo%2F89d7sFRD3xwQp6E5NWZzXt3INkEOvnmnHD9zKQvvp7kimbGYsAP3tV9bQqNZAFj6yHWB%2FPTMK4i5LNTMPpgngBmsDdNgEhWxPs5QKQP5jYRDfYfOo0UhEbEH0cxmECoCSSdgJlrkPyIAIzj0hp0cvOSsQXdeqjSqVqR2oO%2FIYuK1H55Cjr5elXJYf2KUXkmjXYYxiXkcALZmyDND5Fte5DFIVj2AST%2FkSw9uAid7K05ZSB5OUsv5QQynkCJEajzkE8%2F6SGPPeSph4Qf12knjH1%2FJY7iVqvbZoy1Wox1usu8w1vtbuwjZ1N7I2TpCEyNwOwOUruDvvz4yPsdNv8ebrOE4x5cVhHvnR0MeIlCEBSOoKAEhSQoMoJiUO5z5ZquvMmVy6Ng3pvz3irHJuvt0n2T9YQmu%2BkJeWK2mt%2FOrqIvjuuxz0S8zGg3FGHUEgFr8pYfdiPqh5QHPIKTJaQ7NUu7LSvy6Jv%2FIJUVOeVuIaKHcOoQTJ4GzQPQYrzS9EE3x%2B2uj239LdVGbyUmdy8pqfuuwUwCbkqkWQ3ZlrerTsgzMzsv3Agh2H0yLzBbIrUl3pc%2FEPTU9fFlU5C9y6Zw5M5amslEbtPpLV7JaCYeufWW2CqM5RfOudGXr7KpMIW3rwqXXaSaS91z5KtVybmw541lgnx3wW2IaD13m6u51Xl6cf218xeS1ArnpNETUHn03idgsiJnxMHsfT7951%2BQdgKbl0jyhVNpJmDpDly6mDlDYNWCR%2BlpFHk5ts1oMVSSQIkFp1EJ9x8eLfCuu46erYFm16CTEgNbYqBKUDWCyx8bZ6m9%2F8q9z6d1A5GqjSNla3uRsurTiiyfSSvy7N2fZkuuSPuPX%2BHkcV10Yj8WflNEcRjFK9TnYdwOIxoGYiXq0ACZq9hHX9z9FwAA%2F%2F8BAAD%2F%2F%2Fg9hfqGBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitTiaCelL04G1Ooqiz3fOzO20O4hqjwZhdk8jisbqqerac6qqmqnt6dk%2BLAcnBwygeNAfpfbObxRjEIOQmyKyXEBC2D8oe3KN4UVAhJw8yk4HRD7q%2F975Xh%2Fe%2Bqg938xPiI6fH62%2BbbakUXeo0%2FPpzG1JzU7j6pav1wG%2F4Z%2BsbUi%2B3z9aH058dvBz4nYb%2FfP0NwfpmqekHvh%2F4Qf28tCI2w6WZCpneDoNG6DfazUbQaWNo%2F89d7sFRD3xwQp6E5NWZzXt3INkEOvnmnHD9zKQvvp7kimbGYsAP3tV9bQqNZAFj6yHWB%2FPTMK4i5LNTMPpgngBmsDdNgEhWxPs5QKQP5jYRDfYfOo0UhEbEH0cxmECoCSSdgJlrkPyIAIzj0hp0cvOSsQXdeqjSqVqR2oO%2FIYuK1H55Cjr5elXJYf2KUXkmjXYYxiXkcALZmyDND5Fte5DFIVj2AST%2FkSw9uAid7K05ZSB5OUsv5QQynkCJEajzkE8%2F6SGPPeSph4Qf12knjH1%2FJY7iVqvbZoy1Wox1usu8w1vtbuwjZ1N7I2TpCEyNwOwOUruDvvz4yPsdNv8ebrOE4x5cVhHvnR0MeIlCEBSOoKAEhSQoMoJiUO5z5ZquvMmVy6Ng3pvz3irHJuvt0n2T9YQmu%2BkJeWK2mt%2FOrqIvjuuxz0S8zGg3FGHUEgFr8pYfdiPqh5QHPIKTJaQ7NUu7LSvy6Jv%2FIJUVOeVuIaKHcOoQTJ4GzQPQYrzS9EE3x%2B2uj239LdVGbyUmdy8pqfuuwUwCbkqkWQ3ZlrerTsgzMzsv3Agh2H0yLzBbIrUl3pc%2FEPTU9fFlU5C9y6Zw5M5amslEbtPpLV7JaCYeufWW2CqM5RfOudGXr7KpMIW3rwqXXaSaS91z5KtVybmw541lgnx3wW2IaD13m6u51Xl6cf218xeS1ArnpNETUHn03idgsiJnxMHsfT7951%2BQdgKbl0jyhVNpJmDpDly6mDlDYNWCR%2BlpFHk5ts1oMVSSQIkFp1EJ9x8eLfCuu46erYFm16CTEgNbYqBKUDWCyx8bZ6m9%2F8q9z6d1A5GqjSNla3uRsurTiiyfSSvy7N2fZkuuSPuPX%2BHkcV10Yj8WflNEcRjFK9TnYdwOIxoGYiXq0ACZq9hHX9z9FwAA%2F%2F8BAAD%2F%2F%2Fg9hfqGBAAA HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b87d1e66921c9f1db136d2dd486b2547
Strict-Transport-Security: max-age=0; includeSubdomains
simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjhNBPSlexMucRFFnu%2Bdnd9ocxDVGgzFZk8jisbqqerac6qqmqnt6di8uBiQHhVE8mByk981uFmMQg5CbILNeQkDYPih7cI%2FiRS9CTh5kZgdGP%2Bj%2B3vteHd77qj7eyY%2BJj5werb1jtqRSdKnT8OvPr0vNTeHqF6%2FWA7%2Fhn6mvS73cPlMfTn928Ergdxr%2BC%2FU3BeubpaYf%2BH7gB%2FVz0orYDJdmKmR6Jwwaod9oNxtBp42h%2FT93uQdHPfDBMXkKklenN%2B7fhWQT6OS7s8L1M5O%2B9EaSK5oZiwHff0%2F3tSk0kgWMrYdY789Pw7iKkC9Pwej9eQKYwe40ASJZEe%2FXAJHen9tENNg7cRopCI2IP4FiMIFQE0g6ATPXIPkhARjHxUvQya2LxhZ080SlU7UitYd%2FQxYVqf32NHTy7aqSw%2FoVo%2FJMGu0wjEvI4QSyN0GaHyDb8iCLA7DsI0j%2BM1l6eAE62b3klIHk5Sy9lBPIeAIlRqDOQz79pIc89pCnHhJ%2BVKedMPb9lTiKW61umzHWajHW6S7zDm%2B1u7GPnE3tjZClIzA1ArPbSO02%2BvKzQ%2B9P2PxHuI0SjntwWUW8d7cx4CUKQVA4goISFJKgyAiKQbnHlWu68hZXLo%2BCeW%2FOe6scm6y3Q%2FdM1hOa7KTH5MnZav44s4q%2BOKrHPhPxMqPdUIRRSwSsyVt%2B2I2oH1Ie8AhOlpDu1CztlqzIY2%2F9g1RW5JS7jYgewKkDMPkIaB6AFuOVpg%2B6MW53fWzp76k2ejMxuXtZSd13DWYScFMizWrINr0ddUyemdlp%2F%2FU7BHtA5gVmS6S2xAfyJ4Keuj6%2BbAqye9kUjty9lGYykVt0eotXMpqJR2%2B%2FLTYLY%2Fn5s2709WtsKkzhnavCZReo5lL3HPlmVXIu7DljmSA%2FnHfrIlrL3cZqbnWeXlh7%2Fdz5JLXCOWn0BFQevv85mKzIafHh7H0%2Be%2BNTSDuBzUsk%2BcKpNBOwdBsuXcycIbBqwaO0hiIvx7YZLYZKEiix4DQq4f7DowXecdfRszXQ7Bp0UmJgSwxUCapGcPnj4yy1D169f2NaNxGp2jhStrYbKau%2BqMjy6bQiz937pSIv3gxPNu3kUV10Yj8WflNEcRjFK9TnYdwOIxoGYiXq0ACZq9gnX937FwAA%2F%2F8BAAD%2F%2FzxDxkyGBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjhNBPSlexMucRFFnu%2Bdnd9ocxDVGgzFZk8jisbqqerac6qqmqnt6di8uBiQHhVE8mByk981uFmMQg5CbILNeQkDYPih7cI%2FiRS9CTh5kZgdGP%2Bj%2B3vteHd77qj7eyY%2BJj5werb1jtqRSdKnT8OvPr0vNTeHqF6%2FWA7%2Fhn6mvS73cPlMfTn928Ergdxr%2BC%2FU3BeubpaYf%2BH7gB%2FVz0orYDJdmKmR6Jwwaod9oNxtBp42h%2FT93uQdHPfDBMXkKklenN%2B7fhWQT6OS7s8L1M5O%2B9EaSK5oZiwHff0%2F3tSk0kgWMrYdY789Pw7iKkC9Pwej9eQKYwe40ASJZEe%2FXAJHen9tENNg7cRopCI2IP4FiMIFQE0g6ATPXIPkhARjHxUvQya2LxhZ080SlU7UitYd%2FQxYVqf32NHTy7aqSw%2FoVo%2FJMGu0wjEvI4QSyN0GaHyDb8iCLA7DsI0j%2BM1l6eAE62b3klIHk5Sy9lBPIeAIlRqDOQz79pIc89pCnHhJ%2BVKedMPb9lTiKW61umzHWajHW6S7zDm%2B1u7GPnE3tjZClIzA1ArPbSO02%2BvKzQ%2B9P2PxHuI0SjntwWUW8d7cx4CUKQVA4goISFJKgyAiKQbnHlWu68hZXLo%2BCeW%2FOe6scm6y3Q%2FdM1hOa7KTH5MnZav44s4q%2BOKrHPhPxMqPdUIRRSwSsyVt%2B2I2oH1Ie8AhOlpDu1CztlqzIY2%2F9g1RW5JS7jYgewKkDMPkIaB6AFuOVpg%2B6MW53fWzp76k2ejMxuXtZSd13DWYScFMizWrINr0ddUyemdlp%2F%2FU7BHtA5gVmS6S2xAfyJ4Keuj6%2BbAqye9kUjty9lGYykVt0eotXMpqJR2%2B%2FLTYLY%2Fn5s2709WtsKkzhnavCZReo5lL3HPlmVXIu7DljmSA%2FnHfrIlrL3cZqbnWeXlh7%2Fdz5JLXCOWn0BFQevv85mKzIafHh7H0%2Be%2BNTSDuBzUsk%2BcKpNBOwdBsuXcycIbBqwaO0hiIvx7YZLYZKEiix4DQq4f7DowXecdfRszXQ7Bp0UmJgSwxUCapGcPnj4yy1D169f2NaNxGp2jhStrYbKau%2BqMjy6bQiz937pSIv3gxPNu3kUV10Yj8WflNEcRjFK9TnYdwOIxoGYiXq0ACZq9gnX937FwAA%2F%2F8BAAD%2F%2FzxDxkyGBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRitjhNBPSlexMucRFFnu%2Bdnd9ocxDVGgzFZk8jisbqqerac6qqmqnt6di8uBiQHhVE8mByk981uFmMQg5CbILNeQkDYPih7cI%2FiRS9CTh5kZgdGP%2Bj%2B3vteHd77qj7eyY%2BJj5werb1jtqRSdKnT8OvPr0vNTeHqF6%2FWA7%2Fhn6mvS73cPlMfTn928Ergdxr%2BC%2FU3BeubpaYf%2BH7gB%2FVz0orYDJdmKmR6Jwwaod9oNxtBp42h%2FT93uQdHPfDBMXkKklenN%2B7fhWQT6OS7s8L1M5O%2B9EaSK5oZiwHff0%2F3tSk0kgWMrYdY789Pw7iKkC9Pwej9eQKYwe40ASJZEe%2FXAJHen9tENNg7cRopCI2IP4FiMIFQE0g6ATPXIPkhARjHxUvQya2LxhZ080SlU7UitYd%2FQxYVqf32NHTy7aqSw%2FoVo%2FJMGu0wjEvI4QSyN0GaHyDb8iCLA7DsI0j%2BM1l6eAE62b3klIHk5Sy9lBPIeAIlRqDOQz79pIc89pCnHhJ%2BVKedMPb9lTiKW61umzHWajHW6S7zDm%2B1u7GPnE3tjZClIzA1ArPbSO02%2BvKzQ%2B9P2PxHuI0SjntwWUW8d7cx4CUKQVA4goISFJKgyAiKQbnHlWu68hZXLo%2BCeW%2FOe6scm6y3Q%2FdM1hOa7KTH5MnZav44s4q%2BOKrHPhPxMqPdUIRRSwSsyVt%2B2I2oH1Ie8AhOlpDu1CztlqzIY2%2F9g1RW5JS7jYgewKkDMPkIaB6AFuOVpg%2B6MW53fWzp76k2ejMxuXtZSd13DWYScFMizWrINr0ddUyemdlp%2F%2FU7BHtA5gVmS6S2xAfyJ4Keuj6%2BbAqye9kUjty9lGYykVt0eotXMpqJR2%2B%2FLTYLY%2Fn5s2709WtsKkzhnavCZReo5lL3HPlmVXIu7DljmSA%2FnHfrIlrL3cZqbnWeXlh7%2Fdz5JLXCOWn0BFQevv85mKzIafHh7H0%2Be%2BNTSDuBzUsk%2BcKpNBOwdBsuXcycIbBqwaO0hiIvx7YZLYZKEiix4DQq4f7DowXecdfRszXQ7Bp0UmJgSwxUCapGcPnj4yy1D169f2NaNxGp2jhStrYbKau%2BqMjy6bQiz937pSIv3gxPNu3kUV10Yj8WflNEcRjFK9TnYdwOIxoGYiXq0ACZq9gnX937FwAA%2F%2F8BAAD%2F%2FzxDxkyGBAAA HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c74259c61196c801d5744e3753a13a12
Strict-Transport-Security: max-age=0; includeSubdomains
simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitXmcF9aR4ES9zEkWddM9PMuMexLiuBmMSd1eCx%2Bqq6kk51VVNVff0JBeDC7IHhVE8uHuQzptkg%2BsiLsLeBJl4WRaE9EHJwRzFi16EPXmQmQyMftD9vfe9Orz3VX28l50SHxk92XjH7Eil6EKr5lef35Sam9xV165WA7%2FmX6huSr3YvFAdTH62%2F0rgt2r%2BC9U3BeuZhbof%2BH7gB9VL0orIDBamKmRypxPUOn6tWa8FrSYG9v%2FcZR4c9cD7p%2BQpSF6e37p%2FF5KNoePvLgrXS03y0htxpmhqLPr88D3d0ybXiOcwsh4ifTg7DeNKQr48B6MPZwlg%2BvuTBAhlSbxfA4T6cGYTYf%2FgzGmoIDRC%2FgTy%2FhhCjSHpGMxcg%2BTHBGAca%2BvQ8a01Y3O6fabSiVqSysO%2FIfOSVH57Gjr%2BdlnJQfWKUVkqjXYYRAXkYAzZHSPJjpDueJD5EVj6EST%2FmSw8XIWO99edMpC8mKaXcgwZjaHEENR5yCaf9JBFHrLEQ8xPqrTViXx%2FKQqjRqPdZIw1Goy12ou8xRvNduQjYxN7Q6TJEEwNwewuEruLnvzs2PsTNvsRbquA4x5cWhLv3V30eYFcEOSOIKcEuSTIU4K8Xxxw5equuMWVy8Jg1uuz3ihGJu3u0QOTdoUme8kpeXK6mj8uLKMnTqqRz0S0yGi7IzphQwSszht%2Bpx1Sv0N5wEM4WUC6c9O0O7Ikj731DxJZknPuNkJ6BKeOwOQjoFkAmo%2BW6j7o1qjZ9rGjv6fa6O3YZO5lJXXP1ZiJwU2BJK0g3fb21Cl5Zmqn%2BdfvEOwBmRWYLZDYAh%2FInwi66vrossnJ%2FmWTO3J3PUllLHfo5BavpDQVj95%2BW2znxvKVi2749WtsIkzgnavCpatUc6m7jnyzLDkX9pKxTJAfVtymCDcyt7WcWZ0lqxuvX1qJEyuck0aPQeXx%2B5%2BDyZKcFx9O3%2BezNz6FtGPYrECczZ1KMwZLduGS%2BcwZAqvmPEwqyLNiZOvhfKgkgRJzTsMC7j88nOM9dx1dWwFNr0HHBfq2QF8VoGoIlz0%2BShP74NX7NyZ1E6GqjEJlK%2FuhsuqLkiyeT0ry3L1fSvLizc7Zpp08qbaCpmiH7SXGeSgYD5bqjXbD9%2BucN5c6IuggdSX75Kt7%2FwIAAP%2F%2FAQAA%2F%2F8oS0iqhgQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitXmcF9aR4ES9zEkWddM9PMuMexLiuBmMSd1eCx%2Bqq6kk51VVNVff0JBeDC7IHhVE8uHuQzptkg%2BsiLsLeBJl4WRaE9EHJwRzFi16EPXmQmQyMftD9vfe9Orz3VX28l50SHxk92XjH7Eil6EKr5lef35Sam9xV165WA7%2FmX6huSr3YvFAdTH62%2F0rgt2r%2BC9U3BeuZhbof%2BH7gB9VL0orIDBamKmRypxPUOn6tWa8FrSYG9v%2FcZR4c9cD7p%2BQpSF6e37p%2FF5KNoePvLgrXS03y0htxpmhqLPr88D3d0ybXiOcwsh4ifTg7DeNKQr48B6MPZwlg%2BvuTBAhlSbxfA4T6cGYTYf%2FgzGmoIDRC%2FgTy%2FhhCjSHpGMxcg%2BTHBGAca%2BvQ8a01Y3O6fabSiVqSysO%2FIfOSVH57Gjr%2BdlnJQfWKUVkqjXYYRAXkYAzZHSPJjpDueJD5EVj6EST%2FmSw8XIWO99edMpC8mKaXcgwZjaHEENR5yCaf9JBFHrLEQ8xPqrTViXx%2FKQqjRqPdZIw1Goy12ou8xRvNduQjYxN7Q6TJEEwNwewuEruLnvzs2PsTNvsRbquA4x5cWhLv3V30eYFcEOSOIKcEuSTIU4K8Xxxw5equuMWVy8Jg1uuz3ihGJu3u0QOTdoUme8kpeXK6mj8uLKMnTqqRz0S0yGi7IzphQwSszht%2Bpx1Sv0N5wEM4WUC6c9O0O7Ikj731DxJZknPuNkJ6BKeOwOQjoFkAmo%2BW6j7o1qjZ9rGjv6fa6O3YZO5lJXXP1ZiJwU2BJK0g3fb21Cl5Zmqn%2BdfvEOwBmRWYLZDYAh%2FInwi66vrossnJ%2FmWTO3J3PUllLHfo5BavpDQVj95%2BW2znxvKVi2749WtsIkzgnavCpatUc6m7jnyzLDkX9pKxTJAfVtymCDcyt7WcWZ0lqxuvX1qJEyuck0aPQeXx%2B5%2BDyZKcFx9O3%2BezNz6FtGPYrECczZ1KMwZLduGS%2BcwZAqvmPEwqyLNiZOvhfKgkgRJzTsMC7j88nOM9dx1dWwFNr0HHBfq2QF8VoGoIlz0%2BShP74NX7NyZ1E6GqjEJlK%2FuhsuqLkiyeT0ry3L1fSvLizc7Zpp08qbaCpmiH7SXGeSgYD5bqjXbD9%2BucN5c6IuggdSX75Kt7%2FwIAAP%2F%2FAQAA%2F%2F8oS0iqhgQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRitXmcF9aR4ES9zEkWddM9PMuMexLiuBmMSd1eCx%2Bqq6kk51VVNVff0JBeDC7IHhVE8uHuQzptkg%2BsiLsLeBJl4WRaE9EHJwRzFi16EPXmQmQyMftD9vfe9Orz3VX28l50SHxk92XjH7Eil6EKr5lef35Sam9xV165WA7%2FmX6huSr3YvFAdTH62%2F0rgt2r%2BC9U3BeuZhbof%2BH7gB9VL0orIDBamKmRypxPUOn6tWa8FrSYG9v%2FcZR4c9cD7p%2BQpSF6e37p%2FF5KNoePvLgrXS03y0htxpmhqLPr88D3d0ybXiOcwsh4ifTg7DeNKQr48B6MPZwlg%2BvuTBAhlSbxfA4T6cGYTYf%2FgzGmoIDRC%2FgTy%2FhhCjSHpGMxcg%2BTHBGAca%2BvQ8a01Y3O6fabSiVqSysO%2FIfOSVH57Gjr%2BdlnJQfWKUVkqjXYYRAXkYAzZHSPJjpDueJD5EVj6EST%2FmSw8XIWO99edMpC8mKaXcgwZjaHEENR5yCaf9JBFHrLEQ8xPqrTViXx%2FKQqjRqPdZIw1Goy12ou8xRvNduQjYxN7Q6TJEEwNwewuEruLnvzs2PsTNvsRbquA4x5cWhLv3V30eYFcEOSOIKcEuSTIU4K8Xxxw5equuMWVy8Jg1uuz3ihGJu3u0QOTdoUme8kpeXK6mj8uLKMnTqqRz0S0yGi7IzphQwSszht%2Bpx1Sv0N5wEM4WUC6c9O0O7Ikj731DxJZknPuNkJ6BKeOwOQjoFkAmo%2BW6j7o1qjZ9rGjv6fa6O3YZO5lJXXP1ZiJwU2BJK0g3fb21Cl5Zmqn%2BdfvEOwBmRWYLZDYAh%2FInwi66vrossnJ%2FmWTO3J3PUllLHfo5BavpDQVj95%2BW2znxvKVi2749WtsIkzgnavCpatUc6m7jnyzLDkX9pKxTJAfVtymCDcyt7WcWZ0lqxuvX1qJEyuck0aPQeXx%2B5%2BDyZKcFx9O3%2BezNz6FtGPYrECczZ1KMwZLduGS%2BcwZAqvmPEwqyLNiZOvhfKgkgRJzTsMC7j88nOM9dx1dWwFNr0HHBfq2QF8VoGoIlz0%2BShP74NX7NyZ1E6GqjEJlK%2FuhsuqLkiyeT0ry3L1fSvLizc7Zpp08qbaCpmiH7SXGeSgYD5bqjXbD9%2BucN5c6IuggdSX75Kt7%2FwIAAP%2F%2FAQAA%2F%2F8oS0iqhgQAAA%3D%3D HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 39b60965e8a7a0b7602302c5b7d7dadc
Strict-Transport-Security: max-age=0; includeSubdomains
simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRutzm%2F2B%2BpJ8SJ4mJMo6qR7%2FiQz5iDGNRqMSdxdybm6qnpSTnVVU9U9PckpuCB78DCCB92DdN4kG1wXcRH2JsjEy7IgpA9KDuYoe9GLsHjwIDM7MPpB9%2Ffe9%2Brw3lf18WF2QXxk9Hz7PbMvlaKLrZpffXFHam5yV928Vg38mr9S3ZF6qblSHUx%2Btv9a4Ldq%2FkvVtwXrmcW6H%2Fh%2B4AfVNWlFZAaLUxUyudMJah2%2F1qzXglYTA%2Ftf7jIPjnrg%2FQvyDCQvL%2B3evwvJxtDxt5eF66UmeeWtOFM0NRZ9fvKB7mmTa8RzGFkPkT6ZnYZxJSGfL8Dok1kCmP7RJAFCWRLvlwChPpnZRNg%2Ffuw0VBAaIX8KeX8MocaQdAxmrkPyMwIwjs0t6PjWprE53Xus0olaksqjPyHzklR%2BfRY6%2FmZVyUH1qlFZKo12GEQF5GAM2R0jyU6R7nuQ%2BSlY%2BhEk%2F4ksPtqAjo%2B2nDKQvJiml3IMGY2hxBDUecgmn%2FSQRR6yxEPMz6u01Yl8fzkKo0aj3WSMNRqMtdpLvMUbzXbkI2MTe0OkyRBMDcHsARJ7gJ789Mz7HTb7AW63gOMeXFoS7%2F0D9HmBXBDkjiCnBLkkyFOCvF8cc%2BXqrrjFlcvCYNbrs94oRibtHtJjk3aFJofJBXl6upqHK6voifNq5DMRLTHa7ohO2BABq%2FOG32mH1O9QHvAQThaQbmGadl%2BW5Il3%2FkYiS7LgbiOkp3DqFEz%2BDzQLQPPRct0H3R012z729XdUG70Xm8y9qqTuuRozMbgpkKQVpHveobogz03tLF1KINgDMiswWyCxBT6UPxJ01Y3RFZOToysmd%2BTuVpLKWO7TyS1eTWkq%2Fn%2F7XbGXG8vXL7vhV2%2BwiTCBd64Jl25QzaXuOvL1quRc2DVjmSDfr7sdEW5nbnc1szpLNrbfXFuPEyuck0aPQeXZ1l9gk7zJw%2Bn7fH5rEdKOYbMCcTZ3Ks0YLDmAS%2BYzZwismvMw8ZBnxcjWw%2FlQSQIl5pyGBdy%2FeDjHh%2B4GurYCml6Hjgv0bYG%2BKkDVEC57cpQm9sHr97%2BY1E2EqjIKla0chcqqz6arLckL934uycs3OyVp%2FvEbnDyvtoKmaIftZcZ5KBgPluuNdsP365w3lzsi6CB1Jfvky3v%2FAAAA%2F%2F8BAAD%2F%2FzvKBN%2BGBAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 simultaneouslyagreeingcontradiction.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRutzm%2F2B%2BpJ8SJ4mJMo6qR7%2FiQz5iDGNRqMSdxdybm6qnpSTnVVU9U9PckpuCB78DCCB92DdN4kG1wXcRH2JsjEy7IgpA9KDuYoe9GLsHjwIDM7MPpB9%2Ffe9%2Brw3lf18WF2QXxk9Hz7PbMvlaKLrZpffXFHam5yV928Vg38mr9S3ZF6qblSHUx%2Btv9a4Ldq%2FkvVtwXrmcW6H%2Fh%2B4AfVNWlFZAaLUxUyudMJah2%2F1qzXglYTA%2Ftf7jIPjnrg%2FQvyDCQvL%2B3evwvJxtDxt5eF66UmeeWtOFM0NRZ9fvKB7mmTa8RzGFkPkT6ZnYZxJSGfL8Dok1kCmP7RJAFCWRLvlwChPpnZRNg%2Ffuw0VBAaIX8KeX8MocaQdAxmrkPyMwIwjs0t6PjWprE53Xus0olaksqjPyHzklR%2BfRY6%2FmZVyUH1qlFZKo12GEQF5GAM2R0jyU6R7nuQ%2BSlY%2BhEk%2F4ksPtqAjo%2B2nDKQvJiml3IMGY2hxBDUecgmn%2FSQRR6yxEPMz6u01Yl8fzkKo0aj3WSMNRqMtdpLvMUbzXbkI2MTe0OkyRBMDcHsARJ7gJ789Mz7HTb7AW63gOMeXFoS7%2F0D9HmBXBDkjiCnBLkkyFOCvF8cc%2BXqrrjFlcvCYNbrs94oRibtHtJjk3aFJofJBXl6upqHK6voifNq5DMRLTHa7ohO2BABq%2FOG32mH1O9QHvAQThaQbmGadl%2BW5Il3%2FkYiS7LgbiOkp3DqFEz%2BDzQLQPPRct0H3R012z729XdUG70Xm8y9qqTuuRozMbgpkKQVpHveobogz03tLF1KINgDMiswWyCxBT6UPxJ01Y3RFZOToysmd%2BTuVpLKWO7TyS1eTWkq%2Fn%2F7XbGXG8vXL7vhV2%2BwiTCBd64Jl25QzaXuOvL1quRc2DVjmSDfr7sdEW5nbnc1szpLNrbfXFuPEyuck0aPQeXZ1l9gk7zJw%2Bn7fH5rEdKOYbMCcTZ3Ks0YLDmAS%2BYzZwismvMw8ZBnxcjWw%2FlQSQIl5pyGBdy%2FeDjHh%2B4GurYCml6Hjgv0bYG%2BKkDVEC57cpQm9sHr97%2BY1E2EqjIKla0chcqqz6arLckL934uycs3OyVp%2FvEbnDyvtoKmaIftZcZ5KBgPluuNdsP365w3lzsi6CB1Jfvky3v%2FAAAA%2F%2F8BAAD%2F%2FzvKBN%2BGBAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2gkxRutzm%2F2B%2BpJ8SJ4mJMo6qR7%2FiQz5iDGNRqMSdxdybm6qnpSTnVVU9U9PckpuCB78DCCB92DdN4kG1wXcRH2JsjEy7IgpA9KDuYoe9GLsHjwIDM7MPpB9%2Ffe9%2Brw3lf18WF2QXxk9Hz7PbMvlaKLrZpffXFHam5yV928Vg38mr9S3ZF6qblSHUx%2Btv9a4Ldq%2FkvVtwXrmcW6H%2Fh%2B4AfVNWlFZAaLUxUyudMJah2%2F1qzXglYTA%2Ftf7jIPjnrg%2FQvyDCQvL%2B3evwvJxtDxt5eF66UmeeWtOFM0NRZ9fvKB7mmTa8RzGFkPkT6ZnYZxJSGfL8Dok1kCmP7RJAFCWRLvlwChPpnZRNg%2Ffuw0VBAaIX8KeX8MocaQdAxmrkPyMwIwjs0t6PjWprE53Xus0olaksqjPyHzklR%2BfRY6%2FmZVyUH1qlFZKo12GEQF5GAM2R0jyU6R7nuQ%2BSlY%2BhEk%2F4ksPtqAjo%2B2nDKQvJiml3IMGY2hxBDUecgmn%2FSQRR6yxEPMz6u01Yl8fzkKo0aj3WSMNRqMtdpLvMUbzXbkI2MTe0OkyRBMDcHsARJ7gJ789Mz7HTb7AW63gOMeXFoS7%2F0D9HmBXBDkjiCnBLkkyFOCvF8cc%2BXqrrjFlcvCYNbrs94oRibtHtJjk3aFJofJBXl6upqHK6voifNq5DMRLTHa7ohO2BABq%2FOG32mH1O9QHvAQThaQbmGadl%2BW5Il3%2FkYiS7LgbiOkp3DqFEz%2BDzQLQPPRct0H3R012z729XdUG70Xm8y9qqTuuRozMbgpkKQVpHveobogz03tLF1KINgDMiswWyCxBT6UPxJ01Y3RFZOToysmd%2BTuVpLKWO7TyS1eTWkq%2Fn%2F7XbGXG8vXL7vhV2%2BwiTCBd64Jl25QzaXuOvL1quRc2DVjmSDfr7sdEW5nbnc1szpLNrbfXFuPEyuck0aPQeXZ1l9gk7zJw%2Bn7fH5rEdKOYbMCcTZ3Ks0YLDmAS%2BYzZwismvMw8ZBnxcjWw%2FlQSQIl5pyGBdy%2FeDjHh%2B4GurYCml6Hjgv0bYG%2BKkDVEC57cpQm9sHr97%2BY1E2EqjIKla0chcqqz6arLckL934uycs3OyVp%2FvEbnDyvtoKmaIftZcZ5KBgPluuNdsP365w3lzsi6CB1Jfvky3v%2FAAAA%2F%2F8BAAD%2F%2FzvKBN%2BGBAAA HTTP/1.1
Host: simultaneouslyagreeingcontradiction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=15219522; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 64c2db097030aafd25e28365b2ab6843
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
specialistinsensitive.com/sbar.json?key=46a446d94b4311a1b5b07a84968edb73&uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864%3A3%3A1
192.243.59.12200 OK 4.3 kB URL HTTP/1.1 specialistinsensitive.com/sbar.json?key=46a446d94b4311a1b5b07a84968edb73&uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864%3A3%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6094), with no line terminators
Hash c814c5e9b37ce91a3d6f24ccc5dc198e
c211ecee2c4c4b4015104deb55bec5dd93ce8974
2f8c6a9e1ff1c3145b1caccc3bcba50c71566a1fabbaa8d226d915d9fe516070
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=46a446d94b4311a1b5b07a84968edb73&uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864%3A3%3A1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:54 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://anonymous-links.com
Access-Control-Allow-Origin: https://anonymous-links.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16051846; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; expires=Sun, 11 Dec 2022 13:20:54 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 05 Dec 2022 13:20:54 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6d30234d75968e3bbc075eff3bcfb718
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
partner.googleadservices.com/gampad/cookie.js?domain=anonymous-links.com&callback=_gfp_s_&client=ca-pub-5020772266602511&gpid_exp=1
142.250.74.34200 OK 258 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=anonymous-links.com&callback=_gfp_s_&client=ca-pub-5020772266602511&gpid_exp=1
IP 142.250.74.34:0
File type ASCII text, with very long lines (405), with no line terminators
Hash 0ea6d02a9d3a67538ff1a2fd6b8adf59
d791565e59709c0a99d31a426505ace2e2da5748
e53318369e35cc9a1f6471bbbd62b762ed5fb028774d17a201659e27f0a6102f
GET /gampad/cookie.js?domain=anonymous-links.com&callback=_gfp_s_&client=ca-pub-5020772266602511&gpid_exp=1 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sun, 04 Dec 2022 13:20:55 GMT
server: cafe
cache-control: private
content-length: 258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a2365b2356f35547e7a8a0eeac1a5e71
f070192cf1ad964c90dd00bdf6b04fa598618d61
50415514239bdc4345cb6f75e5aba42fe0f093aaf21de22276aaeceab84c0450
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 13:20:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
specialistinsensitive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv48bRRidTUJBKBAICgqQCwqQON%2BuvfZ5iVBECIGI%2FFISlJb5tXeDZ2dWM7te31URkaIUEXI6KrT3fMmJECEiJDok5KNBkRAxRXQF9x9AA0pFgeyzZPiK%2Bb437yveezM3t8sDEqKk%2B5fO2y2lNV3tNMPGG9eUEbbyjQtXG1HYDE80rinTjU80hrPDDd6Owk4zfLPxgeR9u9oKozCMwqhxRjmZ2uHqnIXKHyRRMwmbcasZdWIM3f%2BxLwN4GkAMDsiLUGL6zMbPD6H4BCb79rT0%2FcLmb72flZoW1mEgdj82fWMrg2w5pi5AanYX27B%2BSsgXR2DN7sIB7GBn5gBMTUnwJAIzuwuZYIO7h0qZhjRg4jlUgwmknkDRCbi9ASUeE4ALXLgIk927YF1FNw9ZOmOn5NjTv6CqKTn2%2B0sw2TentBo2rlhdFsoaj2FaQw0nUOsT5OUeiq0AqtoDLz6DEr%2BQ1afnYLKdi15bKLH%2FeqfLZZzQ3gpNuulKzCKx0mvL1grjMg1ZN0x63XgekVITqHQCLUeg%2FihKH6BUAco0QJkHyMR%2Bg3aSNAzXUpa2272Yc95uc97pdUVHtONeGqLkMw8jFPkIXI%2FA3XXk7jr66s7j4A%2B48kf4jRpeBPAFwUDUqCRB5QkqSlApgqogqAb1XaF9y9f3hPYlixa9tejtemyL9W161xbr0pDt%2FIC8MM%2Fu7z9voi%2F3G3GXxnFXJDGL21FEI9Zh4RrtxUm3JwVba8OrGsofAfUBttSUPPvhP8jVlBzx98HoHrzeA1cvg5avglbjtVYIujGOeyG2zHfUWLOZ2dKvaGX6vsltBmFr5MUxFJvBtj4gr8zlJOxzSP7o5K%2FjJ8ffyXfAXY3c1fhU%2FUSwrm%2BNL9uK7Fy2lScPL%2BaFytQWnT3zlYIW8uj9j%2BRmZZ04e9qPvnqXz4jZ%2BOCq9MU5aoQy6558fUoJId0Z67gkP5z11yS7VPqNU6UzZX7u0ntnzma5k94rayag6vEnz4OrKTl%2BPph%2F4Ndur0C5CVxZIysfkUVB2Ql4fh0%2BX6r3lsDp5Q7LA1RlPXYttrzUikDLJaashv8PZst529%2FCugtAixswWY2BqzHQNagewZdHx0XuHp38rT0vMB2MmXbBDtNO3zmM1qv9huykYSrDlmRpwtI1GookjRNGk0iusQ6NUPgpv%2F3l9%2F8CAAD%2F%2FwEAAP%2F%2FclJjRZgEAAA%3D
192.243.59.12200 OK 7 B URL HTTP/1.1 specialistinsensitive.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv48bRRidTUJBKBAICgqQCwqQON%2BuvfZ5iVBECIGI%2FFISlJb5tXeDZ2dWM7te31URkaIUEXI6KrT3fMmJECEiJDok5KNBkRAxRXQF9x9AA0pFgeyzZPiK%2Bb437yveezM3t8sDEqKk%2B5fO2y2lNV3tNMPGG9eUEbbyjQtXG1HYDE80rinTjU80hrPDDd6Owk4zfLPxgeR9u9oKozCMwqhxRjmZ2uHqnIXKHyRRMwmbcasZdWIM3f%2BxLwN4GkAMDsiLUGL6zMbPD6H4BCb79rT0%2FcLmb72flZoW1mEgdj82fWMrg2w5pi5AanYX27B%2BSsgXR2DN7sIB7GBn5gBMTUnwJAIzuwuZYIO7h0qZhjRg4jlUgwmknkDRCbi9ASUeE4ALXLgIk927YF1FNw9ZOmOn5NjTv6CqKTn2%2B0sw2TentBo2rlhdFsoaj2FaQw0nUOsT5OUeiq0AqtoDLz6DEr%2BQ1afnYLKdi15bKLH%2FeqfLZZzQ3gpNuulKzCKx0mvL1grjMg1ZN0x63XgekVITqHQCLUeg%2FihKH6BUAco0QJkHyMR%2Bg3aSNAzXUpa2272Yc95uc97pdUVHtONeGqLkMw8jFPkIXI%2FA3XXk7jr66s7j4A%2B48kf4jRpeBPAFwUDUqCRB5QkqSlApgqogqAb1XaF9y9f3hPYlixa9tejtemyL9W161xbr0pDt%2FIC8MM%2Fu7z9voi%2F3G3GXxnFXJDGL21FEI9Zh4RrtxUm3JwVba8OrGsofAfUBttSUPPvhP8jVlBzx98HoHrzeA1cvg5avglbjtVYIujGOeyG2zHfUWLOZ2dKvaGX6vsltBmFr5MUxFJvBtj4gr8zlJOxzSP7o5K%2FjJ8ffyXfAXY3c1fhU%2FUSwrm%2BNL9uK7Fy2lScPL%2BaFytQWnT3zlYIW8uj9j%2BRmZZ04e9qPvnqXz4jZ%2BOCq9MU5aoQy6558fUoJId0Z67gkP5z11yS7VPqNU6UzZX7u0ntnzma5k94rayag6vEnz4OrKTl%2BPph%2F4Ndur0C5CVxZIysfkUVB2Ql4fh0%2BX6r3lsDp5Q7LA1RlPXYttrzUikDLJaashv8PZst529%2FCugtAixswWY2BqzHQNagewZdHx0XuHp38rT0vMB2MmXbBDtNO3zmM1qv9huykYSrDlmRpwtI1GookjRNGk0iusQ6NUPgpv%2F3l9%2F8CAAD%2F%2FwEAAP%2F%2FclJjRZgEAAA%3D
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv48bRRidTUJBKBAICgqQCwqQON%2BuvfZ5iVBECIGI%2FFISlJb5tXeDZ2dWM7te31URkaIUEXI6KrT3fMmJECEiJDok5KNBkRAxRXQF9x9AA0pFgeyzZPiK%2Bb437yveezM3t8sDEqKk%2B5fO2y2lNV3tNMPGG9eUEbbyjQtXG1HYDE80rinTjU80hrPDDd6Owk4zfLPxgeR9u9oKozCMwqhxRjmZ2uHqnIXKHyRRMwmbcasZdWIM3f%2BxLwN4GkAMDsiLUGL6zMbPD6H4BCb79rT0%2FcLmb72flZoW1mEgdj82fWMrg2w5pi5AanYX27B%2BSsgXR2DN7sIB7GBn5gBMTUnwJAIzuwuZYIO7h0qZhjRg4jlUgwmknkDRCbi9ASUeE4ALXLgIk927YF1FNw9ZOmOn5NjTv6CqKTn2%2B0sw2TentBo2rlhdFsoaj2FaQw0nUOsT5OUeiq0AqtoDLz6DEr%2BQ1afnYLKdi15bKLH%2FeqfLZZzQ3gpNuulKzCKx0mvL1grjMg1ZN0x63XgekVITqHQCLUeg%2FihKH6BUAco0QJkHyMR%2Bg3aSNAzXUpa2272Yc95uc97pdUVHtONeGqLkMw8jFPkIXI%2FA3XXk7jr66s7j4A%2B48kf4jRpeBPAFwUDUqCRB5QkqSlApgqogqAb1XaF9y9f3hPYlixa9tejtemyL9W161xbr0pDt%2FIC8MM%2Fu7z9voi%2F3G3GXxnFXJDGL21FEI9Zh4RrtxUm3JwVba8OrGsofAfUBttSUPPvhP8jVlBzx98HoHrzeA1cvg5avglbjtVYIujGOeyG2zHfUWLOZ2dKvaGX6vsltBmFr5MUxFJvBtj4gr8zlJOxzSP7o5K%2FjJ8ffyXfAXY3c1fhU%2FUSwrm%2BNL9uK7Fy2lScPL%2BaFytQWnT3zlYIW8uj9j%2BRmZZ04e9qPvnqXz4jZ%2BOCq9MU5aoQy6558fUoJId0Z67gkP5z11yS7VPqNU6UzZX7u0ntnzma5k94rayag6vEnz4OrKTl%2BPph%2F4Ndur0C5CVxZIysfkUVB2Ql4fh0%2BX6r3lsDp5Q7LA1RlPXYttrzUikDLJaashv8PZst529%2FCugtAixswWY2BqzHQNagewZdHx0XuHp38rT0vMB2MmXbBDtNO3zmM1qv9huykYSrDlmRpwtI1GookjRNGk0iusQ6NUPgpv%2F3l9%2F8CAAD%2F%2FwEAAP%2F%2FclJjRZgEAAA%3D HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=16051846; uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:55 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16b0fadc1bff787e3e83fa27a8b84703
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 91cf1caf5d662df9de8d658cac5b6513
5fc2a66b8681bb1e2ae29aa106a4f101ad31d4ca
5f51b547c0c938514c9ff19953f33c5d88091906b603564f632431d375bfd20e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5F51B547C0C938514C9FF19953F33C5D88091906B603564F632431D375BFD20E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3327
Expires: Sun, 04 Dec 2022 14:16:22 GMT
Date: Sun, 04 Dec 2022 13:20:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 23f1ec29a14f983b6fa0170bdce4323d
10fadccb355b39f04546ac7d44abb9845ca08834
a2146fce0eed75e5febefe9a194ddfedbabc78bf54b96b8a57995b4e8571f7a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2146FCE0EED75E5FEBEFE9A194DDFEDBABC78BF54B96B8A57995B4E8571F7A6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8568
Expires: Sun, 04 Dec 2022 15:43:43 GMT
Date: Sun, 04 Dec 2022 13:20:55 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15920
Expires: Sun, 04 Dec 2022 17:46:15 GMT
Date: Sun, 04 Dec 2022 13:20:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 23f1ec29a14f983b6fa0170bdce4323d
10fadccb355b39f04546ac7d44abb9845ca08834
a2146fce0eed75e5febefe9a194ddfedbabc78bf54b96b8a57995b4e8571f7a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2146FCE0EED75E5FEBEFE9A194DDFEDBABC78BF54B96B8A57995B4E8571F7A6"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8568
Expires: Sun, 04 Dec 2022 15:43:43 GMT
Date: Sun, 04 Dec 2022 13:20:55 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
45.133.44.3200 OK 390 B URL HTTP/2 cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash cbb78bf7ab5737a77e6c667aa5f81da3
8c6e1351f884124b085a0890077c4322221af277
f0faab56c3b5126179d5e4656ebe57515d8895efc6e87350151d497683f54bf0
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:55 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 04 Dec 2022 14:20:55 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/43/94/9a/43949af366edd391dabe71709e8b2d9c/1667273539.png
45.133.44.10200 OK 98 kB URL HTTP/2 cdn.cloudimagesb.com/si/43/94/9a/43949af366edd391dabe71709e8b2d9c/1667273539.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash da015fb8eb04c10681a2fb720baf17dd
bb47582a7db580264a4fef631f1b98a14207a639
b50651cc101a0cfb97c23116535a4d033041c546e20ee4d1897fb57b3a948db1
GET /si/43/94/9a/43949af366edd391dabe71709e8b2d9c/1667273539.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:55 GMT
content-type: image/png
content-length: 98058
server: nginx/1.17.6
last-modified: Tue, 01 Nov 2022 03:32:27 GMT
etag: "6360934b-17f0a"
expires: Tue, 06 Dec 2022 13:20:55 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
172.64.109.13200 OK 2.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
IP 172.64.109.13:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cecae5111d5ff932a996679215ad573
f4c63abb5dc373aba5bc144c3831d98516cc7cc9
31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc
GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:55 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1639761
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xz13cgD9j7js6VHwjeogik3FDTLBFe2N23JaG1LJkei%2BjNtShUsE6DkJ70M91tYOM3VqvDvs0ha5dp4MsSvIuCGURt9YCg5%2B2CmY7iVSti0sEIhiaMoKMHwvs8pu8HIs%2FU%2FV%2FRc%2BBcvu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7744d79ccfcf777f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a9ff5fa0b5c4765b050f2381f57f5520
0ce842b0fbaef98e256cc66eff4615df094b9d51
95e33b8d7c38a952cbc353b5e2587cd1154da32d9ba29f010bd4b70a4ff2c487
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "95E33B8D7C38A952CBC353B5E2587CD1154DA32D9BA29F010BD4B70A4FF2C487"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15920
Expires: Sun, 04 Dec 2022 17:46:15 GMT
Date: Sun, 04 Dec 2022 13:20:55 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=717478d856975fe5aa0d9cfd3bde9076&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=717478d856975fe5aa0d9cfd3bde9076&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=717478d856975fe5aa0d9cfd3bde9076&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:55 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6dd78d83d841814bd8ab61d8ca7dd051
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=46a446d94b4311a1b5b07a84968edb73&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.59.13200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=46a446d94b4311a1b5b07a84968edb73&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=56ce49a8-a96f-4b1d-83e2-bcef0b609864&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=46a446d94b4311a1b5b07a84968edb73&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:55 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: afae2a4e4ab062da5e4745f0197907ea
Strict-Transport-Security: max-age=0; includeSubdomains
specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=351
192.243.59.12200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=351
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fanimate.css&l=79245&fd=351 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=16051846; uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 323222
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 323201
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=362
192.243.59.12200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=362
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fjs%2Fscript.js&l=404&fd=362 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=16051846; uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
specialistinsensitive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTuLBeBBFDx6UOXhQcGe7p3tmegwSjDEazC%2BSSK7Wr94tt7qqqeqe3t1TMBByCLK5eZLeN5ssxiAGwZsgs14kIGY8hD24%2F4FelJw8yMwOjH6H%2Br5X7zu896publcHJERF9y%2Bdt5tKa7rcbYetN64pI2ztWxeutqKwHZ5oXVOml5xorU8PN3w7Crvt8M3WB5Kv2eVOGIVhFEatM8rJzK4vz1io4sEgag%2FCdtJpR90E6%2B7%2F2FcBPA0ghgfkRSgxeWb154dQfAyTf3ta%2BrXSFm%2B9n1ealtZhKHY%2FNmvG1gb5YsxcgMzszrdh%2FYSQL47Amt25A9jhztQBmJqQ4EkEZnbnMsGGdw%2BVMg1pwMRzqIdjSD2GomNwewNKPCYAF7hwESa%2Fd8G6mm4csnTKTsixp39B1RNy7PeXYPJvTmm13rpidVUqazzWswZqfQy1MkZR7aHcDKDqPfDyMyjxC1l%2Beg4m37notYUS%2B693e1wmA5ou0UEvW0pYJJbSWHaWGJdZyHrhIO0ls4iUGkNlY2i5BeqPovIBKhWgygJURYBc7Ldod5CFYT9jWRynCec8jjnvpj3RFXGSZiEqPvWwhbLYAtdb4O46Cncda%2BrO4%2BAPuOpH%2BNUGXgTwJcFQNKglQe0JakpQK4K6JKiHzV2hfcc394T2FYvmvTPvcTOy5co2vWvLFWnIdnFAXphl9%2FefN7Em91tJjyZJTwwSlsRRRCPWZWGfpsmgl0rB%2BjG8aqD8EVAfYFNNyLMf%2FoNCTcgRfx%2BM7sHrPXD1Mmj1Kmg96ndC0NVRkobYNN9RY81Gbiu%2FpJVZ821ucwjboCiPodwItvUBeWUmZ8A%2Bh%2BSPTv46enL8nWIH3DUoXINP1U8EK%2FrW6LKtyc5lW3vy8GJRqlxt0ukzXylpKY%2Fe%2F0hu1NaJs6f91lfv8ikxHR9clb48R41QZsWTr08pIaQ7Yx2X5Iez%2Fppklyq%2FeqpypirOXXrvzNm8cNJ7Zc0YVD3%2B5HlwNSHHzwezD%2Fza7SUoN4arGuTVIzIvKDsGL67DFwv13hI4vdhhRYC6akauwxaXWhFoucCUNfD%2FwWwxb%2FtbWHEBaHkDJm8wdA2GugHVW%2FDV0VFZuEcnf4tnBaaDEdMu2GHa6TuH0Xq13%2BpGiUxZ2udCMMlF1O%2FEaRyGHSGS%2FkBGA5R%2Bwm9%2F%2Bf2%2FAAAA%2F%2F8BAAD%2F%2F2Za7aOYBAAA
192.243.59.12200 OK 7 B URL HTTP/1.1 specialistinsensitive.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTuLBeBBFDx6UOXhQcGe7p3tmegwSjDEazC%2BSSK7Wr94tt7qqqeqe3t1TMBByCLK5eZLeN5ssxiAGwZsgs14kIGY8hD24%2F4FelJw8yMwOjH6H%2Br5X7zu896publcHJERF9y%2Bdt5tKa7rcbYetN64pI2ztWxeutqKwHZ5oXVOml5xorU8PN3w7Crvt8M3WB5Kv2eVOGIVhFEatM8rJzK4vz1io4sEgag%2FCdtJpR90E6%2B7%2F2FcBPA0ghgfkRSgxeWb154dQfAyTf3ta%2BrXSFm%2B9n1ealtZhKHY%2FNmvG1gb5YsxcgMzszrdh%2FYSQL47Amt25A9jhztQBmJqQ4EkEZnbnMsGGdw%2BVMg1pwMRzqIdjSD2GomNwewNKPCYAF7hwESa%2Fd8G6mm4csnTKTsixp39B1RNy7PeXYPJvTmm13rpidVUqazzWswZqfQy1MkZR7aHcDKDqPfDyMyjxC1l%2Beg4m37notYUS%2B693e1wmA5ou0UEvW0pYJJbSWHaWGJdZyHrhIO0ls4iUGkNlY2i5BeqPovIBKhWgygJURYBc7Ldod5CFYT9jWRynCec8jjnvpj3RFXGSZiEqPvWwhbLYAtdb4O46Cncda%2BrO4%2BAPuOpH%2BNUGXgTwJcFQNKglQe0JakpQK4K6JKiHzV2hfcc394T2FYvmvTPvcTOy5co2vWvLFWnIdnFAXphl9%2FefN7Em91tJjyZJTwwSlsRRRCPWZWGfpsmgl0rB%2BjG8aqD8EVAfYFNNyLMf%2FoNCTcgRfx%2BM7sHrPXD1Mmj1Kmg96ndC0NVRkobYNN9RY81Gbiu%2FpJVZ821ucwjboCiPodwItvUBeWUmZ8A%2Bh%2BSPTv46enL8nWIH3DUoXINP1U8EK%2FrW6LKtyc5lW3vy8GJRqlxt0ukzXylpKY%2Fe%2F0hu1NaJs6f91lfv8ikxHR9clb48R41QZsWTr08pIaQ7Yx2X5Iez%2Fppklyq%2FeqpypirOXXrvzNm8cNJ7Zc0YVD3%2B5HlwNSHHzwezD%2Fza7SUoN4arGuTVIzIvKDsGL67DFwv13hI4vdhhRYC6akauwxaXWhFoucCUNfD%2FwWwxb%2FtbWHEBaHkDJm8wdA2GugHVW%2FDV0VFZuEcnf4tnBaaDEdMu2GHa6TuH0Xq13%2BpGiUxZ2udCMMlF1O%2FEaRyGHSGS%2FkBGA5R%2Bwm9%2F%2Bf2%2FAAAA%2F%2F8BAAD%2F%2F2Za7aOYBAAA
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTuLBeBBFDx6UOXhQcGe7p3tmegwSjDEazC%2BSSK7Wr94tt7qqqeqe3t1TMBByCLK5eZLeN5ssxiAGwZsgs14kIGY8hD24%2F4FelJw8yMwOjH6H%2Br5X7zu896publcHJERF9y%2Bdt5tKa7rcbYetN64pI2ztWxeutqKwHZ5oXVOml5xorU8PN3w7Crvt8M3WB5Kv2eVOGIVhFEatM8rJzK4vz1io4sEgag%2FCdtJpR90E6%2B7%2F2FcBPA0ghgfkRSgxeWb154dQfAyTf3ta%2BrXSFm%2B9n1ealtZhKHY%2FNmvG1gb5YsxcgMzszrdh%2FYSQL47Amt25A9jhztQBmJqQ4EkEZnbnMsGGdw%2BVMg1pwMRzqIdjSD2GomNwewNKPCYAF7hwESa%2Fd8G6mm4csnTKTsixp39B1RNy7PeXYPJvTmm13rpidVUqazzWswZqfQy1MkZR7aHcDKDqPfDyMyjxC1l%2Beg4m37notYUS%2B693e1wmA5ou0UEvW0pYJJbSWHaWGJdZyHrhIO0ls4iUGkNlY2i5BeqPovIBKhWgygJURYBc7Ldod5CFYT9jWRynCec8jjnvpj3RFXGSZiEqPvWwhbLYAtdb4O46Cncda%2BrO4%2BAPuOpH%2BNUGXgTwJcFQNKglQe0JakpQK4K6JKiHzV2hfcc394T2FYvmvTPvcTOy5co2vWvLFWnIdnFAXphl9%2FefN7Em91tJjyZJTwwSlsRRRCPWZWGfpsmgl0rB%2BjG8aqD8EVAfYFNNyLMf%2FoNCTcgRfx%2BM7sHrPXD1Mmj1Kmg96ndC0NVRkobYNN9RY81Gbiu%2FpJVZ821ucwjboCiPodwItvUBeWUmZ8A%2Bh%2BSPTv46enL8nWIH3DUoXINP1U8EK%2FrW6LKtyc5lW3vy8GJRqlxt0ukzXylpKY%2Fe%2F0hu1NaJs6f91lfv8ikxHR9clb48R41QZsWTr08pIaQ7Yx2X5Iez%2Fppklyq%2FeqpypirOXXrvzNm8cNJ7Zc0YVD3%2B5HlwNSHHzwezD%2Fza7SUoN4arGuTVIzIvKDsGL67DFwv13hI4vdhhRYC6akauwxaXWhFoucCUNfD%2FwWwxb%2FtbWHEBaHkDJm8wdA2GugHVW%2FDV0VFZuEcnf4tnBaaDEdMu2GHa6TuH0Xq13%2BpGiUxZ2udCMMlF1O%2FEaRyGHSGS%2FkBGA5R%2Bwm9%2F%2Bf2%2FAAAA%2F%2F8BAAD%2F%2F2Za7aOYBAAA HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=16051846; uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0edf32d87a81baa532b5a4055af71afe
Strict-Transport-Security: max-age=0; includeSubdomains
specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fstyle.css&l=4716&fd=382
192.243.59.12200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fstyle.css&l=4716&fd=382
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fssp%2Fin-page_push%2Fos%2Fandroid%2F2%2Fcss%2Fstyle.css&l=4716&fd=382 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=16051846; uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
specialistinsensitive.com/pixel/sbs?c=1
192.243.59.12200 OK 0 B URL HTTP/1.1 specialistinsensitive.com/pixel/sbs?c=1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: specialistinsensitive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Cookie: u_pl=16051846; uid_id2=56ce49a8-a96f-4b1d-83e2-bcef0b609864:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 13:20:56 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
172.64.109.13200 OK 669 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
IP 172.64.109.13:0
Hash be83c3f0577d1d5e1f035a1c2bdbfacd
2a19cde3922b6ac059bc8977d1e8b3b264a20282
730cd0871cffb9bc00ec3488caca380669dfcd1f18035f1236fbbb6340b1b785
GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:55 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS0DEe2RvsZv5243sM7I9uaoVArtzUFzt7B%2BmMdkFzsnhPAgzCYqxNfiLhii%2Bgo%2B6T%2BIzL1AEvmLt8%2BwxToK7KdFAYG8XeptLJ5ceWZnDNJr%2Ft4O46Ey%2BMDkIbGx0KTesCDx7NSB1Jns"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7744d79c587a7467-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2.js
172.217.21.161200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 172.217.21.161:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sun, 04 Dec 2022 13:20:56 GMT
expires: Sun, 04 Dec 2022 13:20:56 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tpc.googlesyndication.com/sodar/sodar2/225/runner.html
172.217.21.161200 OK 5.0 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2/225/runner.html
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2020)
Hash f530c16b248be97e10df228df6a41c24
ca3c3a38bbeef6906682b3e0b2a7be40c08b0925
f45287dcfd79a2411e79f98c834c6f7eff8a281a9b4fdba0124be9d204987786
GET /sodar/sodar2/225/runner.html HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 15:08:26 GMT
expires: Fri, 01 Dec 2023 15:08:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 252750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Nunito
IP 142.250.74.106:0
GET /css?family=Nunito HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 13:20:52 GMT
date: Sun, 04 Dec 2022 13:20:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.162.31200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.162.31:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:53 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: ce75c2b0b841577074b4ab43715ed2cf
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 04 Dec 2022 13:20:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsjnvmV2SCezglrYI8ZgVGfq7T6YcbkK7bswe5BF0Ifql%2BwZxBlbxkUVO%2FBGXB%2B95uzTTxRIm%2BF%2FMHE9QGVIang%2B4yjkVqlDFUtYh55UmQphcYA2E2A8AMvI66R1umi7wmFs%2BQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7744d7907c0d88a4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css
IP 172.64.109.13:0
GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:55 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:02 GMT
etag: W/"627b7b4e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CKOG4%2Bon4eOVGYLONghDOmLGWyDG7wPjEzXIxjqkGXX9o%2B%2BbMsQF5nd8ACRMylcZWOsT698uWAJpcsML5h3UIuobmSF6iDM8t5E9MoT4G%2F1OYnfCA%2BnzeXX%2BVBNzZyGyM8NPUalIHvZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7744d79c283b7467-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
IP 172.64.109.13:0
GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://anonymous-links.com
Connection: keep-alive
Referer: https://anonymous-links.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:55 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqq6BelbYNhvp%2B5PD%2FvOkAhmbF95Os%2BDW5hZQuu9uhkKv45zn4m1LynuSYFvn8u%2BCnWz5UObPluXzozBzIfHY0namZg9El1RsYnhlikuB%2FiEaTB6io5IF9qSoPKfgT3FYe8GvXJT%2F1eD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7744d79c58837467-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
anonymous-links.com/l/c3504431-24e6-4db8-bf9a-bd0202910253
172.67.159.137200 OK 0 B URL HTTP/2 anonymous-links.com/l/c3504431-24e6-4db8-bf9a-bd0202910253
IP 172.67.159.137:0
GET /l/c3504431-24e6-4db8-bf9a-bd0202910253 HTTP/1.1
Host: anonymous-links.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 13:20:52 GMT
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkdCNGg1YlRLWEkrclNRNlJQdmV4MUE9PSIsInZhbHVlIjoieXo0aWwvKzB1WmVRaGNsY0JabzEvZlRyaUxMYUs4WkNhN1RXdmdVRSt5SW1SS2E4VythY29JTEt3QS9DeVcyMkJQdnd3VnRVNFFWU0R6MTJkUVZHWDVJRk1GVlh0ZzhrRlJTeUpVTGtnN2RGYWxKeXVCMEZzS29YemE0Nk1ER1kiLCJtYWMiOiI1M2M4NGEzOTU2YzA1ODZhZjljYmYxNDY0NGZmYmMxMzIyZjIyMTRlNTNmNzBmNGQ4YjkzMjhmZjZjY2MxZWFhIiwidGFnIjoiIn0%3D; expires=Sun, 04 Dec 2022 15:20:52 GMT; Max-Age=7200; path=/
anonymous_links_session=eyJpdiI6IjFRbnVLS2hpRThsaWdmdE9ZeVZ0ZlE9PSIsInZhbHVlIjoicmVqUFJQNDJOWE43NlphMUhFbFc5YU1Ud3IzK2ZTamJJMHFiLzFPdndxMDYvVUlWbnZHZURjOVVYM0t2ZjNqZEQrckZUUTlqZ0RNMkhZd3BhUmJCQU5vTFJrUDFEckdxa3NjSHZIWWxiWEp5VS9BSEVRK1F4aWJQcGFGZitzaEYiLCJtYWMiOiJhMzRmYzg5ZmU4NWYyZjkyMWNmMDRjOTYyZGY0ODkyNWY5YWVhY2NhNjYwMWQyNWI0YzY3Mjk3ZWUzODFhNjdmIiwidGFnIjoiIn0%3D; expires=Sun, 04 Dec 2022 15:20:52 GMT; Max-Age=7200; path=/; httponly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdi6PN3BTEmjc6oIoKAwqjQrgXqqrBwkjIst%2F%2FnCu5fesHwEOb5tGElxCWCsCo7OG8HP7%2F5%2F69SZiziCLPQao2fJ9wStYzElikGchFGaunD4EW1rP1Di47s7Ny%2FL3rzpg2TQpZkM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7744d785cb73b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2