r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7181eff9c60e83eb0004ece591e47dca
0fd8cd0c9d10b0547938982e57d2c43e2d98679f
89c5c0e2d6890798644174a8e31976aec03a1b3deb03812afbb520e5ed68f522
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89C5C0E2D6890798644174A8E31976AEC03A1B3DEB03812AFBB520E5ED68F522"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2447
Expires: Thu, 08 Dec 2022 07:13:58 GMT
Date: Thu, 08 Dec 2022 06:33:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 388f6fea5bafa378266622b72311a6ee
447f102dc12172ce1ba44c5e94e1d7bb49d43372
a597afb4d4f7f3c82f0f2857322226fc69dc92e099bfd0605f7a0cd562be9d21
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A597AFB4D4F7F3C82F0F2857322226FC69DC92E099BFD0605F7A0CD562BE9D21"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4945
Expires: Thu, 08 Dec 2022 07:55:36 GMT
Date: Thu, 08 Dec 2022 06:33:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 00e7703bd74975689fc9050356aaca6b
9788fe6a36d6f278e8da329ebc5dd87bcd212317
593bc437ff8a8233516c62613d50220fcb25b9f967ed5fb384c253f0db135103
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "593BC437FF8A8233516C62613D50220FCB25B9F967ED5FB384C253F0DB135103"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13579
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 06:33:11 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 08 Dec 2022 06:08:09 GMT
content-type: application/json
age: 1502
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5UtZ9RwFgvxhEgPYDydojep0exWuqU5oYqPUe4+BD1c5qREx8JO/4BZJalAKcMtLGNFEu3AVdDA=
x-amz-request-id: 15BW95QZG6NSJRB5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 08 Dec 2022 05:49:40 GMT
age: 2611
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 06:33:11 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kittyland.ws/
103.109.100.248200 OK 8.0 kB IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1144), with CRLF, LF line terminators
Hash b614ff079d26eb9a6fbbae091ce69267
ba8d774b28f7c3949e7a568eaafa551e655191ee
3792e60f906f71c963ddaa5ee8ac505fa9d7b818ce0f61f215f7d1ecacc91222
GET / HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8001
Connection: keep-alive
Set-Cookie: mybb[lastvisit]=1670481191; expires=Fri, 08-Dec-2023 06:33:11 GMT; path=/; domain=.kittyland.ws
mybb[lastactive]=1670481191; expires=Fri, 08-Dec-2023 06:33:11 GMT; path=/; domain=.kittyland.ws
sid=20f28b08d00b024603cedd118e12b958; path=/; domain=.kittyland.ws; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.0.33, PleskLin
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-135448172-1
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135448172-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 35958b4b87f066cabbffa078d3f6c9a4
5bd5932dff68367e1043bf2eec76d0a3e4cb3494
70dc48225a18d286333cfca2822eff76bef403bceef0b3cf447eec5ebd6b17a0
GET /gtag/js?id=UA-135448172-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Dec 2022 06:33:11 GMT
expires: Thu, 08 Dec 2022 06:33:11 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43635
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 61e3d9d6a1d8215a72262cabeeba48a7
9bae804c95bc7930bfd4223c01eaecd249f56f59
194e20346762205c87deb74d2f1b2ff6143fbdf3ce3542dc4049f7071a03ac89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5273
Cache-Control: max-age=111693
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:11 GMT
Etag: "639081db-117"
Expires: Fri, 09 Dec 2022 13:34:44 GMT
Last-Modified: Wed, 07 Dec 2022 12:06:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 6ec5f6261a8262e9f94b29627f54cefe
7ac766cf2ac8c2d960ec033388a767ff8a7d45e2
5f6ee11d840909fc5272c2c32f7874d55f49d831abc88d527e35562d218890f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash c7a5f887bbc7d30b9cfe15163c3d8ddb
21d65790a1d10a06d198b54218365aa474126e1c
2a2e7930f967d947cc5293c95221913e24596773577bbf56ff402db6236bbda1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 08 Dec 2022 06:07:58 GMT
age: 1513
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 61e3d9d6a1d8215a72262cabeeba48a7
9bae804c95bc7930bfd4223c01eaecd249f56f59
194e20346762205c87deb74d2f1b2ff6143fbdf3ce3542dc4049f7071a03ac89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5273
Cache-Control: max-age=111693
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:11 GMT
Etag: "639081db-117"
Expires: Fri, 09 Dec 2022 13:34:44 GMT
Last-Modified: Wed, 07 Dec 2022 12:06:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6052
Cache-Control: max-age=101670
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:12 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:47:42 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820
103.109.100.248200 OK 24 kB URL HTTP/1.1 kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (23521), with no line terminators
Hash e94aaa8d2ae5c69287d9f693a3134d15
36b5272e62b12eec3e8345a68350369e61b875e0
8c18ebcc8fdcbc4296e86684bf4d6c668aaa415cad2c3be0c1304a9d69eb8b81
GET /jscripts/jquery.plugins.min.js?ver=1820 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:11 GMT
Content-Type: application/javascript
Content-Length: 23521
Last-Modified: Fri, 13 Sep 2019 05:35:18 GMT
Connection: keep-alive
ETag: "5d7b2a96-5be1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/cache/themes/theme11/navigation.css
103.109.100.248200 OK 3.4 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/navigation.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF, LF line terminators
Hash 2b523c4d47e4511121bba561171d6d8b
105723ef6ac00beb388ec1f370bde9dd173f04d2
fb303efa70a1cbf2218c2abf30a3319ab1bb9665f815f86d859922ded0554149
GET /cache/themes/theme11/navigation.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/css
Content-Length: 3356
Last-Modified: Sun, 15 Sep 2019 16:30:26 GMT
Connection: keep-alive
ETag: "5d7e6722-d1c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/cache/themes/theme11/css3.css
103.109.100.248200 OK 3.3 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/css3.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF, LF line terminators
Hash 10aab34a1453c64b284046a6e9a3ecdb
a63e194e84887b8e1643548507fc9018dd186c6d
b7e527ffd36053b01ec0deffafea3079546d5cd50c41a7b94f9be45013c96a27
GET /cache/themes/theme11/css3.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/css
Content-Length: 3264
Last-Modified: Sat, 14 Sep 2019 01:13:38 GMT
Connection: keep-alive
ETag: "5d7c3ec2-cc0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js
192.243.59.12200 OK 17 kB URL HTTP/1.1 terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (53755), with no line terminators
Hash 12baa973a758411fc0e6816df0d0cb0d
ac60da1025d0f01fb25642d8b78fa574aab2c941
b491bef926e823d8355809327bdbe57ed2519f8fd762df70b5ffae31a54c2567
GET /a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js HTTP/1.1
Host: terminusbedsexchanged.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e4c1505239b28f1cd88cf4bbde57079a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.googleapis.com/css?family=Lobster
142.250.74.106200 OK 475 B URL HTTP/2 fonts.googleapis.com/css?family=Lobster
IP 142.250.74.106:0
Hash 052078379486febdd7abd6cccd23933d
c738cfc95d8be90b950511799c3695e7671b0ed8
39c9062d6c0e08b5b81bf49b953f6dcac7cfec6f5150632cdde96e2904e5f7bb
GET /css?family=Lobster HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Dec 2022 06:33:11 GMT
date: Thu, 08 Dec 2022 06:33:11 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kittyland.ws/cache/themes/theme11/color_green.css
103.109.100.248200 OK 1.5 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/color_green.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash 2ebe5c4b1f87556173fcd89cbccdfd64
f942af7effe01b85eb5e62cdb28ab435e4cff737
291e20afe6ad5201c5129f0129fdb8b40c42725fcb4b8732c4225e50a29a49fe
GET /cache/themes/theme11/color_green.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/css
Content-Length: 1463
Last-Modified: Sun, 15 Sep 2019 16:31:06 GMT
Connection: keep-alive
ETag: "5d7e674a-5b7"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/jscripts/general.js?ver=1817
103.109.100.248200 OK 14 kB URL HTTP/1.1 kittyland.ws/jscripts/general.js?ver=1817
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (322)
Hash 1ceee3d93269eec42d3deeff783f2b87
cabe55334c28136b5c8cc843c1fc2caed2666130
a67789463ec702f1ad2f23abedd1eab92965b6b6c97c061702c9b87c1370e004
GET /jscripts/general.js?ver=1817 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: application/javascript
Content-Length: 14480
Last-Modified: Fri, 13 Sep 2019 05:35:20 GMT
Connection: keep-alive
ETag: "5d7b2a98-3890"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/cache/themes/theme11/global.css
103.109.100.248200 OK 36 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/global.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash 21ba6b824cebc1f0139885c11bc712d7
3d8dd1386f8919c2f81012095f65685150dd1acd
49aa06230cabf9a720dc98c17573c301a7f0ef032a08359479e7f09dd5a192ad
GET /cache/themes/theme11/global.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/css
Content-Length: 36334
Last-Modified: Thu, 17 Oct 2019 15:49:01 GMT
Connection: keep-alive
ETag: "5da88d6d-8dee"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/jscripts/jquery.js?ver=1820
103.109.100.248200 OK 97 kB URL HTTP/1.1 kittyland.ws/jscripts/jquery.js?ver=1820
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
GET /jscripts/jquery.js?ver=1820 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:11 GMT
Content-Type: application/javascript
Content-Length: 97163
Last-Modified: Fri, 13 Sep 2019 05:35:20 GMT
Connection: keep-alive
ETag: "5d7b2a98-17b8b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/2eddb609da.php
103.109.100.248200 OK 1.4 kB URL HTTP/1.1 kittyland.ws/2eddb609da.php
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (9878), with no line terminators
Hash bc0c9c8c92beca59a06144a3ab898222
a9231f355ba33f98d6bd8f279c24d932d08b2085
3818821cc44027553de3ecddefa3d7e8c0b4e5ce9f18d391d0db705af3cf9872
GET /2eddb609da.php HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 1409
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.0.33, PleskLin
i.imgur.com/DcHg2p9.jpg
151.101.244.193200 OK 34 kB IP 151.101.244.193:0
File type JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Hash 2a79130b4ba1136e696b4b36f115b29c
eb8658ab5b046ed3b1e7baf10df40bd2b28c750f
a91f53939225509f2d1c7a0ae49ad3bed703746e26605dfcd15a67477c79fa24
GET /DcHg2p9.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 23 Oct 2021 00:58:56 GMT
etag: "2a79130b4ba1136e696b4b36f115b29c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 08 Dec 2022 06:33:12 GMT
age: 15811885
x-served-by: cache-iad-kiad7000096-IAD, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 8, 94
x-timer: S1670481193.603932,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 33958
X-Firefox-Spdy: h2
i.imgur.com/eGAPiV3.jpg
151.101.244.193200 OK 30 kB IP 151.101.244.193:0
File type JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Hash d9897ee1e7b8410064cfeda76e85f00a
9a7748d890f28d678ee285d03bc4bf965feb3aee
8ffa5f10a26db6f85fb5a4a0ade16389cca0d63f2e341388036b5fde1c0f19d1
GET /eGAPiV3.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 23 Jul 2020 00:59:14 GMT
etag: "d9897ee1e7b8410064cfeda76e85f00a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 08 Dec 2022 06:33:12 GMT
age: 2484055
x-served-by: cache-iad-kcgs7200149-IAD, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 31016, 7
x-timer: S1670481193.606464,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30540
X-Firefox-Spdy: h2
i.imgur.com/QMlh9xK.png
151.101.244.193200 OK 98 kB IP 151.101.244.193:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 4372b0d9947e29db3cb5e6f3f06beb80
ee5bd644788d39f97966fbe23b82a4f93f25823e
217234b460c615adc8f4863a1764b250145ee21db520699acb1419d95a76df2b
GET /QMlh9xK.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 17:51:05 GMT
etag: "4372b0d9947e29db3cb5e6f3f06beb80"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 08 Dec 2022 06:33:12 GMT
age: 2048929
x-served-by: cache-iad-kiad7000047-IAD, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 19725, 2
x-timer: S1670481193.607619,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 98245
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
parchedscrew.pro/c.D/9y6/bS2/5Pl-SlWKQQ9nNFD_Et3/MtzLIk3GMUwP
188.72.219.36301 Moved Permanently 162 B URL HTTP/1.1 parchedscrew.pro/c.D/9y6/bS2/5Pl-SlWKQQ9nNFD_Et3/MtzLIk3GMUwP
IP 188.72.219.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /c.D/9y6/bS2/5Pl-SlWKQQ9nNFD_Et3/MtzLIk3GMUwP HTTP/1.1
Host: parchedscrew.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://parchedscrew.pro/c.D/9y6/bS2/5Pl-SlWKQQ9nNFD_Et3/MtzLIk3GMUwP
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7a21a0bd01f6c3236151d87e87c520f8
19a7d8935147b1af26b9810011910a00a2742633
b4d01ae4644b8433f09d140e6c6e390d8b7b073c0a9468dc852faef81b7fbb42
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4D01AE4644B8433F09D140E6C6E390D8B7B073C0A9468DC852FAEF81B7FBB42"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5843
Expires: Thu, 08 Dec 2022 08:10:35 GMT
Date: Thu, 08 Dec 2022 06:33:12 GMT
Connection: keep-alive
fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
142.250.74.35200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 33436, version 1.0\012- data
Hash b9b4c932ef89c39525bfe1b604cda3a1
767246e4c7df1b6c32f590c16c135808382b1aba
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
GET /s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:49:38 GMT
expires: Wed, 06 Dec 2023 17:49:38 GMT
cache-control: public, max-age=31536000
age: 132214
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
IP 142.250.74.131:0
Hash 3d9140900e94f0b2caf9ce9c783a3d9c
ea8086d5230e09400458a77c3043e8ce30b48014
b033fbd1f0b630d5fa36685042f33dedbe8ee1a77a4b0a06cd477a3fa5e1dfb0
POST /s/gts1p5/UPLqyfpVwpM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 73852, version 1.0\012- data
Hash fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
GET /releases/v5.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:33:12 GMT
content-type: font/woff2
content-length: 73852
x-amz-id-2: NcVVWRcP6ZfjYXyJItBqRJTpEbB9ftFwu3pavtfDPG7ufHwsJSJlqYo4LB5NLNKwiyGAHmMC1nQ=
x-amz-request-id: VAFCPTQNPG56AB61
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
etag: "fb493903265cad425ccdf8e04fc2de61"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 983428
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nl%2BOiwFTukD2IHu%2BYWdN0W%2BDlIYrogl5AaWKZnmRSTPaQHfmKdHigmVv1YAkSm5SnxrQ4eGjHI%2BFpcElaMsWoafVXDQMkOpVx4r2ffajp3u%2BH8vSVTcqNgJR3z7EUwIZMEib2Lrz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776377de3a4a7777-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0e9eef4ed41ef94e9ea175ad243e294e
b6f83e508270413dabe55e2884b5409ca7978e24
0e741ca8d92717128bca7aed937bca43519a8d20a9d3dd8670da656ad51a695e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
addresseepaper.com/sfp.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Tue, 06 Dec 2022 22:15:37 GMT
ETag: "638fbf09-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ksH1sTc9EjXCmWZup74uFSR+dkwy0KAqHyDjqCX5+b0zeGjsBDwHGeUXqHO1YTnGXNMqi9DZqRg/7nsDREvaAw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=91.90.42.154;Path=/;Max-Age=86400;
country=NO;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
primejb.top/images/banner.jpg
188.114.96.1200 OK 46 kB URL HTTP/2 primejb.top/images/banner.jpg
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=81, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 468x60, components 3\012- data
Hash 4c0a26a7c2f61094bc42b21d93f577a1
9f8ea928bb5487d4401784f1defddbb4f6a40ce3
d6e84160752fc3634eb3dc68f6ab8c682dc206ba396ec907288208f843150c2e
GET /images/banner.jpg HTTP/1.1
Host: primejb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:33:12 GMT
content-type: image/jpeg
content-length: 46115
last-modified: Tue, 27 Sep 2022 17:35:52 GMT
etag: "63333478-b423"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
age: 564
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8vxiQQP2MUVpw8ex7vjlcFzXSFFh9%2FwGSua9JiD6CqzrEoGiVF7jmpRsTZLdlyJR7E4rf5uj7hs1LtAsXKWlt%2BvFgIhJ47%2FUh9NWsBpDU6GIDHO5nayYpUxguMIAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 776377deaa28b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kittyland.ws/images/collapse.png
103.109.100.248200 OK 369 B URL HTTP/1.1 kittyland.ws/images/collapse.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 6af553ac5e86504743b02f220405abdd
c07e8d586443c0ace4d91eea0d46476845b6baec
408e40949e493302b9fd79a82e68c13509ba6370f04be5088ccd7503a4d1f94c
GET /images/collapse.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: image/png
Content-Length: 369
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 13 Sep 2019 05:34:32 GMT
ETag: "171-592689bd16a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
kittyland.ws/images/kittyland_logo.png
103.109.100.248200 OK 51 kB URL HTTP/1.1 kittyland.ws/images/kittyland_logo.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 330 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ef84d514d84be50579b37b8eea23513
bf5253c09376a483a8bb7579fc34afbfe90a20e4
cd444c8e03c6b3729bde000c8da0e6e5821391452fb3f70b5df129f5ecb42d19
GET /images/kittyland_logo.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: image/png
Content-Length: 51412
Last-Modified: Mon, 16 Nov 2020 17:55:46 GMT
Connection: keep-alive
ETag: "5fb2bd22-c8d4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
jbworld.ws/images/banner.jpg
185.126.237.166200 OK 31 kB URL HTTP/2 jbworld.ws/images/banner.jpg
IP 185.126.237.166:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=60, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=468], progressive, precision 8, 468x60, components 3\012- data
Hash e75815489a7bac8d98ddaf28dfa7dffd
d0c9ee7b82b4ed0943856a10086beed429e01f9a
0a7d6d5f25f93a3bdec9b0838364451867ea309e434875cd76b9323f3beeda42
GET /images/banner.jpg HTTP/1.1
Host: jbworld.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 06:33:12 GMT
content-type: image/jpeg
content-length: 30880
last-modified: Sun, 28 Aug 2022 18:25:47 GMT
etag: "630bb32b-78a0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
kittyland.ws/images/focus/pattern.png
103.109.100.248404 Not Found 808 B URL HTTP/1.1 kittyland.ws/images/focus/pattern.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
GET /images/focus/pattern.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/cache/themes/theme11/global.css
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670481191
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: text/html
Content-Length: 808
Connection: keep-alive
Last-Modified: Sun, 24 Oct 2021 23:56:16 GMT
ETag: "328-5cf21fd70b29e"
Accept-Ranges: bytes
kittyland.ws/images/forum_icon_sprite.png
103.109.100.248200 OK 1.1 kB URL HTTP/1.1 kittyland.ws/images/forum_icon_sprite.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 30 x 120, 8-bit colormap, non-interlaced\012- data
Hash 212f6e3895ee44bf54b31cf39a162611
7d1f15044536b4f243495c47b03b2334b5493b4f
b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b
GET /images/forum_icon_sprite.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/cache/themes/theme11/global.css
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670481191
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: image/png
Content-Length: 1130
Last-Modified: Fri, 13 Sep 2019 05:34:30 GMT
Connection: keep-alive
ETag: "5d7b2a66-46a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
IP 142.250.74.131:0
Hash 3d9140900e94f0b2caf9ce9c783a3d9c
ea8086d5230e09400458a77c3043e8ce30b48014
b033fbd1f0b630d5fa36685042f33dedbe8ee1a77a4b0a06cd477a3fa5e1dfb0
POST /s/gts1p5/UPLqyfpVwpM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fairfaxgeorgianayourself.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js
192.243.61.227200 OK 13 kB URL HTTP/1.1 fairfaxgeorgianayourself.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37128), with no line terminators
Hash 7f6cb9468e65947f477011a7c81eac99
02e0f6d169ffcca943a486688a333846ac2f0467
c570503175ba86dd8dcdb558db6237f17c72bb5f2a72b56c8582283d3cdde53b
Analyzer Verdict Alert quad9 Sinkholed
GET /43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js HTTP/1.1
Host: fairfaxgeorgianayourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 06:33:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f3912e36e6fea74f3a1185709701514a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
www.google.com/s2/favicons?domain=bodyxxx.top
216.58.207.228301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=bodyxxx.top
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c010b8f93b900106d9124599bf8e376c
b9ab70fdb6eb3b65b0eda52feb9b21342e3e3b95
fa6b6f47f8b7bec2f174cbedd614574e5857dc69f18dfef5d82fb60af30dc358
GET /s2/favicons?domain=bodyxxx.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=jviral.buzz
216.58.207.228301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jviral.buzz
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b7030ae9f2aab1e94faa4aeb5ffc54e4
0feabba9fc3dcbab797207c145c4d7f7dd040674
6b56382a2eebf221a5937e57c51efe1a69345ee0c3f40e63a1c0e925326aa7ca
GET /s2/favicons?domain=jviral.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=fap18.net
216.58.207.228301 Moved Permanently 329 B URL HTTP/1.1 www.google.com/s2/favicons?domain=fap18.net
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 27216c4b9efc6e9ad820999ed394b90f
12fb31e42b3fd13780e08ef592454a850a52d023
61114d9e54756e9e9d69d528fb9f74408c8f3b6618b748c31aea7457773e8f6b
GET /s2/favicons?domain=fap18.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.net&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:45 GMT
Expires: Thu, 08 Dec 2022 06:53:45 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 568
www.google.com/s2/favicons?domain=jlove.pw
216.58.207.228301 Moved Permanently 328 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jlove.pw
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4e8372e82f64661ac50fc64481f62fe5
7ef63bf5ca83cd9cf3eae9b36530105039652322
f4b4466c870a2a2ee9ad9c15dff42c634ed1c793d038dd9e7f6b67dae5abcb09
GET /s2/favicons?domain=jlove.pw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 328
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:45 GMT
Expires: Thu, 08 Dec 2022 06:53:45 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 568
www.google.com/s2/favicons?domain=lilibox.top
216.58.207.228301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=lilibox.top
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5170e0d1bed9d10daa046ed2d1ff1404
7d4511756e6adddc709141e09dfa563619df5b7f
f485f14267bdea5874fe1074294e4269fcafc88428926fcc67fe4cdd1c434e39
GET /s2/favicons?domain=lilibox.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:45 GMT
Expires: Thu, 08 Dec 2022 06:53:45 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 568
www.google.com/s2/favicons?domain=tubepornstars.tv
216.58.207.228301 Moved Permanently 336 B URL HTTP/1.1 www.google.com/s2/favicons?domain=tubepornstars.tv
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ce1bc6ea40f3e983e301b472cb9e9b53
b5c75f2650a0b903b52675376dbacccf88913a3d
d99fa100e7cb2e9fbaccb9e730088ba957b681f551e69084cd2a35e0a6c7c31a
GET /s2/favicons?domain=tubepornstars.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 336
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:45 GMT
Expires: Thu, 08 Dec 2022 06:53:45 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 568
www.google.com/s2/favicons?domain=niceporn.tv
216.58.207.228301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=niceporn.tv
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 194cad92655d348f97b156325e82bddf
c04c12a4b52ba8f6b3e8c337597a09ed962a4334
a983a82856fa7c159203e49c13b1468b44c95e2088786a2ca7adadf808cecbd5
GET /s2/favicons?domain=niceporn.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:45 GMT
Expires: Thu, 08 Dec 2022 06:53:45 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 568
www.google.com/s2/favicons?domain=sybilleporn.com
216.58.207.228301 Moved Permanently 335 B URL HTTP/1.1 www.google.com/s2/favicons?domain=sybilleporn.com
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f1ae652700d296f0308ff40d56e32de5
3138318d0a28cad8e64d798196261b3fad429378
3d429d23026d0c77ce0eaeeca8248a89f482fded36b0aa052d190adb2fb44c91
GET /s2/favicons?domain=sybilleporn.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 335
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=hdsextube.tv
216.58.207.228301 Moved Permanently 332 B URL HTTP/1.1 www.google.com/s2/favicons?domain=hdsextube.tv
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 73e2b8e11da75f24e0c0587d4604e5b1
230ee88c4c81d7e4f8fb17bffe44abb197ebffc3
6e8c748ad9db17a4a52b94ddafa156e87ae34335fb80ff8ca30b34b9b9635d36
GET /s2/favicons?domain=hdsextube.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 332
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=24porn.tv
216.58.207.228301 Moved Permanently 329 B URL HTTP/1.1 www.google.com/s2/favicons?domain=24porn.tv
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 493df9b2f257cc238b2c41fb8feba4b0
b971d1b1644520ae21971d93e3234967741af96e
c709ed0b1d69c3fcd309b232cb0f33755eb0b07ce6f3e5eacf10feda3e474a6e
GET /s2/favicons?domain=24porn.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=sexyhouse.top
216.58.207.228301 Moved Permanently 333 B URL HTTP/1.1 www.google.com/s2/favicons?domain=sexyhouse.top
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ab3108013be0d91604757bf285ea3442
94fcb0cac14ea48cc63d33d7062a0299d49ded26
82ba504151328f802c4ae042f02e20a5f6554d062f21f56884ba5ed29a874f7e
GET /s2/favicons?domain=sexyhouse.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 333
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=blackdaddy.top
216.58.207.228301 Moved Permanently 334 B URL HTTP/1.1 www.google.com/s2/favicons?domain=blackdaddy.top
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 236f18e77869bc1f384626dd73ea9f4c
90b29035a48224e055a2a5e92ea0d30342d51d16
6f12390257203c671d2083a6c88abcfd695b1cf0e8afced5eca798e4b00a994e
GET /s2/favicons?domain=blackdaddy.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 334
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
parchedscrew.pro/c.D/9y6/bS2/5Pl-SlWKQQ9nNFD_Et3/MtzLIk3GMUwP
188.72.219.36200 OK 15 kB URL HTTP/2 parchedscrew.pro/c.D/9y6/bS2/5Pl-SlWKQQ9nNFD_Et3/MtzLIk3GMUwP
IP 188.72.219.36:0
File type Unicode text, UTF-8 text, with very long lines (5600)
Hash ea4fd03839a4ba414c1027f2696fa324
2747bdd4783d1403cc0d88f7f4e3df2733e36f3c
13006d26b899824953247b33be44b248d6bf3194bd876e1f22c7ea78cd800169
Analyzer Verdict Alert quad9 Sinkholed
GET /c.D/9y6/bS2/5Pl-SlWKQQ9nNFD_Et3/MtzLIk3GMUwP HTTP/1.1
Host: parchedscrew.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Dec 2022 06:33:12 GMT
content-type: application/javascript
vary: Accept-Encoding
expires: Mon, 26 Jul 2011 05:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
access-control-allow-origin: *
last-modified: Thu, 08 Dec 2022 06:33:12 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NzA0ODExOTIsInpvbmVzIjp7IjQxNzMyNzMiOls0MTczMjczLDEsMTY3MDQ4MTE5Ml0sIjQ1ODk4MDQiOls0NTg5ODA0LDEsMTY3MDM5ODkwNF19fQ==; max-age=1702017192; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=candyhub.ga
216.58.207.228301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=candyhub.ga
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1dad130805ed5b61ba64b492d2d5bd64
9d77fea034e8ee63b22b027020784e205949de6e
d5a31bbec6d9f6f8ca712acf86f8786b2755bbe309810bdae28fd26acc4019cc
GET /s2/favicons?domain=candyhub.ga HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=hdpornfree.tv
216.58.207.228301 Moved Permanently 333 B URL HTTP/1.1 www.google.com/s2/favicons?domain=hdpornfree.tv
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a62434e450f2fd1ce2721c179c9b04e2
90a84dae0c23e97f6b9c2e8dcee1a09226db51da
50bb2ce049b8435a7ac0e3853db630a95e61fb0a6123b5467778cf8e9f29b20b
GET /s2/favicons?domain=hdpornfree.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 333
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=anyxxx.me
216.58.207.228301 Moved Permanently 329 B URL HTTP/1.1 www.google.com/s2/favicons?domain=anyxxx.me
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 88cd9c552d498637b5331dfd48da3c80
77b69f05ff147e03c8289c4ba07cc15191c17640
0fc8dbb3a39ca3e54055b4c4ba79198ae24bf73fc9f8c3bc324de95be9cb0b82
GET /s2/favicons?domain=anyxxx.me HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:47 GMT
Expires: Thu, 08 Dec 2022 06:53:47 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 566
www.google.com/s2/favicons?domain=fap18.tv
216.58.207.228301 Moved Permanently 328 B URL HTTP/1.1 www.google.com/s2/favicons?domain=fap18.tv
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a708b11f2e20580263b409e67a1811ee
bafb886d2c4d3644827ec88a58322f93cce0f17f
58375e4a26411c153248613484def3b02902fcd9c1b9ecb67956732396d38365
GET /s2/favicons?domain=fap18.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 328
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=24porn.pro
216.58.207.228301 Moved Permanently 330 B URL HTTP/1.1 www.google.com/s2/favicons?domain=24porn.pro
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4176c9a9e53413ad22af057e640de979
bb4caeb148836d4d37c47cb39bc456355e918416
e9d0f2eababd2c80b544f47e0c75b277b6efaca3e7cda4510a3a11bf5d16d371
GET /s2/favicons?domain=24porn.pro HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 330
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
www.google.com/s2/favicons?domain=jrice.buzz
216.58.207.228301 Moved Permanently 330 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jrice.buzz
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 62a0f48f88f418ebb82887b7689a2f32
238238d695fa660fc9873eeb2f5bd377ac4d4cde
a6977c3c9282ac980c5ef26abe5487eabdd899e254490b9d333d7edc150bab12
GET /s2/favicons?domain=jrice.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 330
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:47 GMT
Expires: Thu, 08 Dec 2022 06:53:47 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 566
www.google.com/s2/favicons?domain=jbslist.top
216.58.207.228301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jbslist.top
IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b3bfd372f52f0e1846c2f12cfb4c0f6a
c1f68754a0632699122e5d7527b670dcc65f352a
1060013f389a27485aac30c84b79c0fdc9c9cf67a17111262389ca2c42c75280
GET /s2/favicons?domain=jbslist.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Thu, 08 Dec 2022 06:23:46 GMT
Expires: Thu, 08 Dec 2022 06:53:46 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 567
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 08 Dec 2022 04:46:55 GMT
expires: Thu, 08 Dec 2022 06:46:55 GMT
cache-control: public, max-age=7200
age: 6378
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0c89743226644fddacbe5d50c110b950
b343ae9eb9047cf764b518083d612ffd3652b209
1bf675bb6e12e913a98cd8849c1af9a0c50b0bb8bfa670c86419b41782e06e47
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 2b30426b2ebadaeefe42e0df47296748
921c1e9f523c4ce527d56b6115c9ed68d5916757
abce6391e73f193d1338618d44d1e83403aeca6b58a280f08a6a6fa5baf6223a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 08 Dec 2022 06:33:13 GMT
Last-Modified: Thu, 08 Dec 2022 05:20:31 GMT
Server: ECS (nyb/1D35)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2NUzMtrAVHenUj4_TonUuvgAAQT3bN4ppEBs63V1mhZ1maa4fD31wg==
Age: 4362
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 99bac1e0a89ab02af0dc7101de5b8f4f
82172710e570e30925386f734529f8291c7d9bd3
72085693097d7b5f692124fef19434d171e32516c6c1d580da0eacbd3dbcb897
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:33:13 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://kittyland.ws
access-control-allow-credentials: true
set-cookie: uid_id2=3538cdeb-7980-4520-b427-bd8500bb578a:2:1; expires=Sun, 05 Dec 2032 06:33:13 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
kittyland.ws/favicon.ico
103.109.100.248200 OK 801 B IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b7f2dffaa88cad48dde72cd70b61b82b
04a8b696763c6d0186aca72fd7c48cd51b4d9e97
62151b674703a300dd668ccad9550335d2b687b12a9cda00a53581c3c83c2868
GET /favicon.ico HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670481191; mybb[lastactive]=1670481191; sid=20f28b08d00b024603cedd118e12b958; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670481191
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 08 Dec 2022 06:33:13 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 801
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 13 Sep 2019 05:33:54 GMT
ETag: "321-59268998d9480"
Accept-Ranges: bytes
X-Powered-By: PleskLin
d24ak3f2b.top/advertisers.js
142.0.204.220301 Moved Permanently 169 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.204.220:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b67ff43c74c409b92738a1ffb1f475d1
a2412a605ea6acb486140efeaa8724437f1ca2d4
ed0e3abc38200f1ac27c81af2b64db537ceb7379bf2554b7cb6d697aa7daf014
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.17.6
Date: Thu, 08 Dec 2022 06:33:13 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://d24ak3f2b.top/advertisers.js
friendshipmale.com/sfp.js
172.64.163.31200 OK 28 kB URL HTTP/1.1 friendshipmale.com/sfp.js
IP 172.64.163.31:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b1fa950e77a7db5425f9a5257af02e9c
2d5580451f34ad96218f8b97edf9708f9ee1be87
d999c4320df27dc4a1d3de5aec22bb3ef201560b47a7eff3f28f4133c1997a14
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Date: Thu, 08 Dec 2022 06:33:13 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: 136ed43bf0ec6db4dfee99cb9377bc0b
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Thu, 08 Dec 2022 06:33:12 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YUN4DPzANspW%2FI%2B1oR0s5fdDahIUKkzKxO6Ml7afBbw5tQin2s9NocGnJ5kg6Kt1rBgxZfuuyF7YzcCE31U%2FSHckfln1aSilal8Ev7SwJt7q3OszWzb5Sa1pkhAtE1hqwM8O1XQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 776377e0cf278883-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 263ca544cd4b5754750843819004e83e
9b8b22cbf5b383aae2dc99743e2029d2ad7229d3
0277254d5e315b05b9ef35bcd9e8ec314509f931d4dfe29c2eeb1e789cdad6ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0277254D5E315B05B9EF35BCD9E8EC314509F931D4DFE29C2EEB1E789CDAD6ED"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2991
Expires: Thu, 08 Dec 2022 07:23:04 GMT
Date: Thu, 08 Dec 2022 06:33:13 GMT
Connection: keep-alive
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.net&size=16
142.250.74.100200 OK 197 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.net&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash fb740dfe49db60aa09da13a9c09877f0
0ebf5258a7b9983b4bba7754b1d97708158b6fc6
640460f159316f2a5f3a4768230f84401b82cee298634819eb42d43621089e81
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://fap18.net/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 197
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 13:06:42 GMT
expires: Thu, 08 Dec 2022 13:06:42 GMT
cache-control: public, max-age=604800
age: 581191
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16
142.250.74.100200 OK 565 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://sexyhouse.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 04 Dec 2022 10:56:31 GMT
expires: Sun, 11 Dec 2022 10:56:31 GMT
cache-control: public, max-age=604800
age: 329802
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
142.250.74.100200 OK 276 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c53cd36e5c2e30ee797e90c6a9795bb3
b21981ff3828dc30b8a8db43679dbdcae73e12ce
3668974c9c95935a9ef62cbb92e8e4c50a2d149fb13029b89be20c70e140f0a4
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://24porn.pro/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 10:09:56 GMT
expires: Wed, 14 Dec 2022 10:09:56 GMT
cache-control: public, max-age=604800
age: 73397
last-modified: Fri, 27 Aug 2021 19:26:29 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16
142.250.74.100200 OK 218 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 23e7c74eb1c0d8c317fd1e522496a999
8b5f32b58d0e610aff161adb60c201066a4760b5
02c4e5409423f4284363cb06f5108d7234cdd15d15ab9377d16067fe981423fe
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdpornmax.net/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 19:36:06 GMT
expires: Wed, 14 Dec 2022 19:36:06 GMT
cache-control: public, max-age=604800
age: 39427
last-modified: Sun, 16 Aug 2020 18:06:23 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 06:33:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 06:33:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 06:33:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
142.250.74.100200 OK 225 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 698f5b42114422890362881124e590c7
95c0a0d9e12d8ef4581734799ae72befb7134354
a59cc0779b9c9c887e8f3ac12eeacefcc4d2945d5f4a8ff21ac52b787ce67a6e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdsextube.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 225
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 11:30:46 GMT
expires: Wed, 14 Dec 2022 11:30:46 GMT
cache-control: public, max-age=604800
last-modified: Sat, 09 Oct 2021 06:09:40 GMT
content-type: image/png
age: 68547
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16
142.250.74.36200 OK 248 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 8e6ba5af4906e0f7e0278ffeb02bdedc
907b0b3dd605218b7f84c0eb8cc16edceb0ebe20
000bb8316fbe3758f43c20aa99c67cb869cfe42de916afdcdcb71d4f72449c6c
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://fap18.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 10:11:58 GMT
expires: Thu, 08 Dec 2022 10:11:58 GMT
cache-control: public, max-age=604800
age: 591675
last-modified: Tue, 07 Dec 2021 12:56:04 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16
142.250.74.100200 OK 205 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 1225e3807d6f671d1c728aa090b8afca
bc6b16cbdcc786788df549928c503e944737072b
48a22e814a57399c87d77d1f0b2de40e4426425a37ba63338ad610644d1364eb
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://niceporn.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 00:19:04 GMT
expires: Tue, 13 Dec 2022 00:19:04 GMT
cache-control: public, max-age=604800
age: 195249
last-modified: Sat, 16 Nov 2019 04:54:39 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
142.250.74.36200 OK 413 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
IP 142.250.74.36:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 9d84b798ec786a0f39557740f90dbed5
3c598cebc1eb1947499741e023dc4716f04f6e8f
6b87bc8e850b520a9ce6c99b9e6f9782296a320de1460b52ff7fc574ab6bf3df
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdpornfree.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 413
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 20:41:21 GMT
expires: Tue, 13 Dec 2022 20:41:21 GMT
cache-control: public, max-age=604800
age: 121912
last-modified: Mon, 17 Aug 2020 04:03:03 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
142.250.74.36200 OK 283 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c5b1698c4d26c2d63bbfc124b0681b71
844d2dee7415a3cae8350499ec0b12add789e156
d38e45cf8affd70e0de47b9b36c37fc23a510ea14faf40b614c16bd0c37cdf1a
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://24porn.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 283
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 20:41:21 GMT
expires: Tue, 13 Dec 2022 20:41:21 GMT
cache-control: public, max-age=604800
age: 121912
last-modified: Sat, 25 Jul 2020 09:55:50 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 06:33:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 06:33:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
142.250.74.132200 OK 279 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 867b7763cb66e3b52e1cab9f44e457ed
1286d804ffe272238c8c7ed575c64e9c67f0814b
f973e57a107e1664720b3a88ce9a55afea5338e2caca4a1bd5c4e3edac091437
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://anyxxx.me/i/favicon/apple-icon-60x60.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 23:17:37 GMT
expires: Wed, 14 Dec 2022 23:17:37 GMT
cache-control: public, max-age=604800
age: 26136
last-modified: Sun, 26 Jul 2020 15:31:28 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
142.250.74.36200 OK 565 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://lilibox.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 19:14:34 GMT
expires: Tue, 13 Dec 2022 19:14:34 GMT
cache-control: public, max-age=604800
age: 127119
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
142.250.74.100200 OK 690 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 60071760c88670cbaeebbd793fec5a88
2cf1582f9da6c2e0aac3debe5768be31c63df3f6
4d8b81e2b4a3309a4867ceebb9aa434d35bc323976d190a6a2146beda40e5bf1
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://jbslist.top/images/focus/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 690
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Dec 2022 15:56:12 GMT
expires: Wed, 14 Dec 2022 15:56:12 GMT
cache-control: public, max-age=604800
age: 52621
last-modified: Sat, 20 Apr 2019 09:44:17 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
142.250.74.132404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 06:33:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
142.250.74.36200 OK 311 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c2909676a97b1fdabd860e42061291f7
a0a396b2972582da6a8755bf83ecaf786d7595cb
5663a817552e2624296bf8f86aea6c8f444b80f314376d675154247ac9dd8e6e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://tubepornstars.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 15:56:08 GMT
expires: Tue, 13 Dec 2022 15:56:08 GMT
cache-control: public, max-age=604800
age: 139025
last-modified: Mon, 09 Nov 2020 21:21:25 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Thu, 08 Dec 2022 06:33:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7863
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:33:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7863
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:33:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7863
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:33:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7863
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:33:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00cdac5a7f801c10e53b8651ceb94c46
d83d7a30038bbf534c531c3786c3458c66d6504a
4d767e2c8aee11a230ecbb4c5c2339a65ca380e87b713f2ad6c1efc02df07238
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9f5f2e2-f4e8-4ddc-9a23-4327bb79769a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4565
x-amzn-requestid: 153e9d72-d9e1-498e-b74b-f4fad27f4efd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy3_pHs4oAMFYYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106ca-44aa3006114060145bd0b16d;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZsZPiQ026zur9XITdqX8eyH813-2rXyG6RrSLF4pZ4Wtk4mQJZd1SA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 31301
etag: "d83d7a30038bbf534c531c3786c3458c66d6504a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 48c90992f0837a58e0a36118a27dae6a
3d238fed35e6d247bddbba92864e6b92e6aed9b6
cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7863
Expires: Thu, 08 Dec 2022 08:44:16 GMT
Date: Thu, 08 Dec 2022 06:33:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3cbac0c7e45d3f33c38dbf3af4de05ba
e9106fec14ddda290951c61eda64a69ada9a244a
98d3785eb167ea6bbba3782ab3cfd8cc9c7715f493265ac6d59494c00d3b002e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3236488e-3e39-44b6-b864-0f7ede8ee3f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: bf2f33a6-7f13-4f5b-ba9c-da33282135b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctERHFRSoAMFgYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb406-121af6ba1b7b6a3066ffa103;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:16:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yTLFIBUWHjudn2h6VKM79RUnXfuUTmQBkYSCFrRuY7_biVW5bEKZfA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 17:39:05 GMT
age: 46448
etag: "e9106fec14ddda290951c61eda64a69ada9a244a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9f7b9c77a99173619ee85d0cfa8e2f8
05ba0fab4533b9837dd8558ffa5eb168e974d2b3
17184aca15041d2770fe14397fc0ab87e5f8e9f910b557031ba7fbf1349b0b9c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d5b6cef-6b79-466f-a8bf-5f3864c9b0e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11464
x-amzn-requestid: 04d9e95d-563e-4258-934e-add82f95a638
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGysEDmIAMFSIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851aa-426e37fb562dc25b3449311b;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RspslnJzOcAHAL--VTgFJkFxb1PvLM6OHJmJUsdOKocI5ZPmJSLdoA==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:16:43 GMT
age: 83790
etag: "05ba0fab4533b9837dd8558ffa5eb168e974d2b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b87d6543345f73653ed4a49b37d7c959
c4f26846b8b72293368ff16915d49297cf12bbb9
aee6aa42e4b5b83b81f74801ff8f0039fc6d38036f42ee81875813c856cf5eef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9519925e-95b7-4e66-b317-84c1708c7f84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8659
x-amzn-requestid: 6f420d07-65d5-4bb2-9f1f-e56025de497b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: czFSYFArIAMF46w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63911c0f-0a295e5c48228d5806b4f107;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 23:04:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TSh1BNzzIPhWCfYEiqvQJckSPAyhHobe-HK6msEVeEJ1ruX-_rMSSA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 23:33:19 GMT
age: 25194
etag: "c4f26846b8b72293368ff16915d49297cf12bbb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d2d14fc1b5d2e6d6f4751a2fe741b990
86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef
bfe88cb97ccec5af627853d0bbc02f4799c4b8a25a995c8578365cb5a2914d6a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2dbe127a-1d23-4c1b-b13e-cd024e5fd5de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8626
x-amzn-requestid: c5f3e36b-87f1-4938-819c-7b1a6ec6bfeb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4BXHJ0oAMFaKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639106d5-15635f9a10d25d8c1d702bbd;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:34:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zQXtGXxwwTmn7gMQQj5wM69mPzAmYXRyfTbYfgUovTGsS0y048GZDg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:51:32 GMT
age: 31301
etag: "86cd1428b2fd21ccb9d80c7f6be4d1e6221e97ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce35df4fe4f77c950e40dc44b311bab4
aadf97d040e3577599581e892ee20f88d191bf91
f9c4cfc384213f77c0bbb252f3d6fbc22be60e1ecc158eece857d5050c8ced3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d27bcd3-7b4f-4d99-8f0d-b7b98bfaa8d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5620
x-amzn-requestid: fadda084-c7fc-4ec0-bad0-27e97b8349d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cy4gHGIMIAMFy_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6391079a-5dc824963fe82ab927205128;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ITQgs0jVosYx5zvT7j4YLqGZ1HEmsNgartV3g8uaNuJHs4VqVs50OQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 21:47:24 GMT
age: 31549
etag: "aadf97d040e3577599581e892ee20f88d191bf91"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 38ab64c8d5e963bd13caddb191950d94
b2aeb62771557e894a0c7a8e4e46dc13cc4c7f84
d1d95cac0816e3a1ed1fdc7e944029c805cd863e658ba87338436cd66d969cca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Dec 2022 06:33:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
d24ak3f2b.top/advertisers.js
142.0.204.220200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.204.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Thu, 08 Dec 2022 06:33:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=3538cdeb-7980-4520-b427-bd8500bb578a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3538cdeb-7980-4520-b427-bd8500bb578a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3538cdeb-7980-4520-b427-bd8500bb578a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 08 Dec 2022 06:33:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5bd3d669336cd7a46da167602bf860d5
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=3538cdeb-7980-4520-b427-bd8500bb578a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3538cdeb-7980-4520-b427-bd8500bb578a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3538cdeb-7980-4520-b427-bd8500bb578a&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=6 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Thu, 08 Dec 2022 06:33:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a8bbb863c1d659d6cfccdb3674b9e91f
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 20c99b6f90e79527529e55e3812a4a5f
0b246fcec861ad64893a04ece533921f2128f486
b23981d5a39c404350e87073a259ba44ada4962bb356ac8c488536407356bace
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B23981D5A39C404350E87073A259BA44ADA4962BB356AC8C488536407356BACE"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13572
Expires: Thu, 08 Dec 2022 10:19:30 GMT
Date: Thu, 08 Dec 2022 06:33:18 GMT
Connection: keep-alive
entitledbalcony.com/sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=3538cdeb-7980-4520-b427-bd8500bb578a%3A2%3A1
173.233.137.52403 Forbidden 0 B URL HTTP/1.1 entitledbalcony.com/sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=3538cdeb-7980-4520-b427-bd8500bb578a%3A2%3A1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=3538cdeb-7980-4520-b427-bd8500bb578a%3A2%3A1 HTTP/1.1
Host: entitledbalcony.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 06:33:18 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
entitledbalcony.com/pixel/sbe?t=1&error=timeout
173.233.137.52200 OK 0 B URL HTTP/1.1 entitledbalcony.com/pixel/sbe?t=1&error=timeout
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: entitledbalcony.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 08 Dec 2022 06:33:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
www.hestuthygro.pro/dde112/beec558ea0a6.js
67.216.89.41200 OK 0 B URL HTTP/2 www.hestuthygro.pro/dde112/beec558ea0a6.js
IP 67.216.89.41:0
GET /dde112/beec558ea0a6.js HTTP/1.1
Host: www.hestuthygro.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.1
date: Thu, 08 Dec 2022 06:33:13 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315358007, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsrP7jnHS8YSuPjrkuTCVphpWXyPtXW95OS25mdhT/tjlLzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
x-served-from: l1
x-vhostid: 120, 21689
content-encoding: br
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.5.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.5.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Dec 2022 06:33:11 GMT
content-type: text/css
x-amz-id-2: wZ9BtsRgr5gZ2v6YayPSG+L4OUC88JpTz+G8bQtF+0KHbphgqr/wfFTOUBA/WkSbskwBhBVjqz4=
x-amz-request-id: 3JAS5C4QMC17M595
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 983747
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVHEzwf7hP1c8cbXNn4wq578%2FKlfrUkmISa550NIvfvi57e8pZdFqvuNUOeGVhWcmbdeASp5KTCqDYgDmdypu9S7OGITTNY9vewXiMJ8Oek%2FN232Z2SuPCvViLywy3Bf9UlWoFAr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 776377d93eab7777-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/VJtJxdE.jpg
151.101.244.193200 OK 0 B IP 151.101.244.193:0
GET /VJtJxdE.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 17:45:51 GMT
etag: "a8d7bc442b2474a75351d7becbf0d65a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Thu, 08 Dec 2022 06:33:12 GMT
age: 4382753
x-served-by: cache-iad-kcgs7200131-IAD, cache-hel1410024-HEL
x-cache: HIT, HIT
x-cache-hits: 25052, 2
x-timer: S1670481193.610663,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 42562
X-Firefox-Spdy: h2
www.hestuthygro.pro/dde112/beec558ea0a6.js
67.216.89.41200 OK 0 B URL HTTP/2 www.hestuthygro.pro/dde112/beec558ea0a6.js
IP 67.216.89.41:0
GET /dde112/beec558ea0a6.js HTTP/1.1
Host: www.hestuthygro.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.1
date: Thu, 08 Dec 2022 06:33:13 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315358007, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsrP7jnHS8YSuPjrkuTCVphpWXyPtXW95OS25mdhT/tjlLzkaYNmrg9SuE75YfLGFQLXMUUgDK1cmv9wCy21yoe6
x-served-from: l1
x-vhostid: 120, 21834
content-encoding: br
X-Firefox-Spdy: h2