btcnations.eu/login.php
92.204.221.14200 OK 3.0 kB IP 92.204.221.14:0
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (353)
Hash 25c211e08e31603473f45789810b9f52
3c02068458901d7a94e7aaa7c5f55bc03c50732e
7b2e72ffdaf10261e5e5a60150ab230f768e18e76f9e4a36a987ea025e66e9ad
GET /login.php HTTP/1.1
Host: btcnations.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:56 GMT
Server: Apache
X-Powered-By: PHP/7.3.33
Set-Cookie: refsite=Unknown; expires=Mon, 05-Dec-2022 18:28:56 GMT; Max-Age=7200; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2961
Keep-Alive: timeout=5
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2811
Expires: Mon, 05 Dec 2022 17:15:47 GMT
Date: Mon, 05 Dec 2022 16:28:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 415
Cache-Control: max-age=151758
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:56 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:38:14 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8818
Expires: Mon, 05 Dec 2022 18:55:54 GMT
Date: Mon, 05 Dec 2022 16:28:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 16:20:17 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 519
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: H+7bvkFhy8xnqcBvaOuvHAvTJ7xChXzt3TO3m/I66VC0+FY7jh8AEcavV1GB/wjONLZynEMVXE0=
x-amz-request-id: W30C0G5HQEPSWAJK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 15:47:28 GMT
age: 2488
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/raphael/2.1.0/raphael-min.js
104.17.24.14200 OK 32 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/raphael/2.1.0/raphael-min.js
IP 104.17.24.14:0
File type Unicode text, UTF-8 text, with very long lines (64322)
Hash 36e4ebe59b3a173e6caf278e94017c37
198e113106ed9477c78a612d7fc38efe9363af59
38e56300fe661f610ecd9632e0dcf5f147d57bbd8939a402c4c9964e8ec22c46
GET /ajax/libs/raphael/2.1.0/raphael-min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 31507
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03fb4-16217"
Last-Modified: Mon, 04 May 2020 16:15:48 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 71928
Expires: Sat, 25 Nov 2023 16:28:57 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hyq%2BBvyK2wgAwHhVytlyVNt0Mpd%2BTVIARZ9d%2FkVclJ0CoT4jF2Dtdejmqb%2B3e9OiM%2BG5g0nTp6baZO%2FriM8cNUIiwckYjJUXR5PMvacRhT1Z9Ti2X9WCWzOu9IYVE3zGzgBs4f7f"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774e2868a850b4f7-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js
142.250.74.138200 OK 33 kB URL HTTP/1.1 ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32132)
Hash 19367efa6245eafdd8c6111a367da696
901ec681692d88afa09c28cee299ba120ca33a8b
cb11ee5a06892d5ffea634705118e1cc48f276c6d18fa20605c9bf5b9c33dc32
GET /ajax/libs/jquery/1.9.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33140
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 02 Dec 2022 17:23:29 GMT
Expires: Sat, 02 Dec 2023 17:23:29 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Age: 255928
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101301 Moved Permanently 167 B URL HTTP/1.1 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
X-Cache: Redirect from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: bveXQtkfUT6bIHD08pvCw4jtVnVb1Sy_k8zLcQyS89qUFTSeIUOw4Q==
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1377
Cache-Control: max-age=101943
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:57 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:48:00 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14301 Moved Permanently 0 B URL HTTP/1.1 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 301 Moved Permanently
Content-Type: application/binary
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Dec 2022 16:28:57 GMT
Location: https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
btcnations.eu/vendor/jquery/jquery.min.js
92.204.221.14200 OK 31 kB URL HTTP/1.1 btcnations.eu/vendor/jquery/jquery.min.js
IP 92.204.221.14:0
ASN #21499 Host Europe GmbH
File type ASCII text, with very long lines (65451)
Hash c65598a79e692c79f732ea0b099f9da7
5459de784144478c4a5088437bf5da4690dbae5f
653cc57da3a15e7ba824119d448c287f3c1a9a0afb400970ed3658d48765984a
GET /vendor/jquery/jquery.min.js HTTP/1.1
Host: btcnations.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/login.php
Cookie: refsite=Unknown
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:57 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Fri, 14 May 2021 16:25:16 GMT
ETag: "5040dab-15851-5c24cb0669211-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30677
Keep-Alive: timeout=5
Content-Type: application/javascript
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
104.17.24.14200 OK 14 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65345)
Hash 642445b86596bdeaa98e92faa2064fc6
6c5539660bf533d34e37b917973c941d1c963374
4a5a39e9f325c5578dccd880c1d516eae190ee39f7539f4a6c6c52d2eee4cbdf
GET /ajax/libs/font-awesome/6.0.0-beta2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: text/css; charset=utf-8
content-length: 14374
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "61498362-3826"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 11137655
expires: Sat, 25 Nov 2023 16:28:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwcPqz8RmaMTs9fAyhqTYDvWuib63k96OWR52QvJyJoB4mPXogYIYW0%2B8ORdHs8416TxG19QqEFrS%2FdmedYqeZrXnByfdilFv1jojXqLyCg40JgyktVbGEogN2QGt%2FZf3o553OT9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774e28691e64b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.4.1.min.js
69.16.175.42200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.4.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 9abb42735168ac9e960b770179b642aa
11475bf8c7244af7a820108b7762e7a3f95aa52c
df53c09a6546b3d23dc0b2d0d92c39808c5663a75f4bf1f8d035fd11b7c81243
GET /jquery-3.4.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-encoding: gzip
content-length: 30638
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15851"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670257737.dop232.sk1.t,1670257737.cds254.sk1.hn,1670257737.cds201.sk1.c
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/morris.js/0.5.1/morris.min.js
104.17.24.14200 OK 10 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/morris.js/0.5.1/morris.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32182)
Hash 4389a4a4b24e803dc57a969c8aee14b0
4a67083cb72f68526203bc2f2920ebaf8a257e13
4708249faf6fd19381d8f100b53df3696ce1dfc177b69af187b5c738bcaf54dc
GET /ajax/libs/morris.js/0.5.1/morris.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 10013
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03f29-8b44"
Last-Modified: Mon, 04 May 2020 16:13:29 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Sat, 25 Nov 2023 16:28:57 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lYNuXqKvIc6c5j%2B7vFokr%2Bu5x7arJIBTf2mnRq%2BTJdT1kt9fu%2BhQHht9BR3koAneLqOGQNt6EMq%2FBzgTktN5BdHhlUt999wk%2FFlW8mTC2%2FHE0SXLX7LCiY06l36lwqyCYlxOp97T"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774e2868ac6bb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/morris.js/0.5.1/morris.css
104.17.24.14200 OK 256 B URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/morris.js/0.5.1/morris.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (342)
Hash 6cfdd78e64a32a11bd451a7ceffac4ab
b7a59ffab8f6718a21df0569055acc8f7348c257
16e321d497e683b8060d690046577ac2c9ba77f4a6faad12e80374eb17974419
GET /ajax/libs/morris.js/0.5.1/morris.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 256
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03f29-1b1"
Last-Modified: Mon, 04 May 2020 16:13:29 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Sat, 25 Nov 2023 16:28:57 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvSExPjnviwB%2BlDbIo9qlPLyK1dG%2BjEGEFy3Vs4RKL%2BcKIIvBVtIMRfRjZK8ig4YRgtk6eyIbnHi6yFkyhT6L4c9239c855I9m1GWg8peu7kTOCldvtJyU%2BJ8YK0rTVuHF7buHla"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774e2868ad98b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/css/bootstrap.min.css
151.101.65.229200 OK 23 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/css/bootstrap.min.css
IP 151.101.65.229:0
File type Unicode text, UTF-8 text, with very long lines (65300)
Hash 580ca5c569a553233eca871c9b60b866
04e97fbdbb2320eedf3821c8fc9fa07f71ae181e
e67e97480f8c73f37461fa37ed046bdfae991654ac3c630a2ee45735b3c2ef28
GET /npm/bootstrap@5.0.0-beta2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.0.0-beta2
x-jsd-version-type: version
etag: W/"2573a-gqO6J5BRckWFq3N+rstGLiN6o34"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Dec 2022 16:28:57 GMT
age: 19123997
x-served-by: cache-fra19179-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22646
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 1245db08bc06bdc452fdb41b8e959f26
ba2fa041fbea0e124b6fd418724a46225fac0089
d591926f6495b722a0b545d292f16a342cba87889fd7d4f5ca448c3613760be6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1377
Cache-Control: max-age=101943
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:57 GMT
Etag: "638d021f-116"
Expires: Tue, 06 Dec 2022 20:48:00 GMT
Last-Modified: Sun, 04 Dec 2022 20:25:03 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/js/bootstrap.bundle.min.js
151.101.65.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/js/bootstrap.bundle.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (65293)
Hash 74ddddc18da82655b3b74a7459f30585
7dba7c63d15456b432ac9506a8b64fc1b906ddb4
7416bb24a78a6197ce5557852829d54f6fdbcb69cf0be341cfae189c508560e7
GET /npm/bootstrap@5.0.0-beta2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.0-beta2
x-jsd-version-type: version
etag: W/"13959-wU1JYET6lDtu5Q6aYn/N6BT6oLY"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Dec 2022 16:28:57 GMT
age: 8716761
x-served-by: cache-fra19129-FRA, cache-bma1667-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22064
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ba2e3daf1ba29dc1ece8283677fcfd9
6e153df973cb27d9cd614f51399041192a36d87d
24a77f897d7b53e0112b1ef3471c254d6856fa9133f10365428fb64e0b338113
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24A77F897D7B53E0112B1EF3471C254D6856FA9133F10365428FB64E0B338113"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Mon, 05 Dec 2022 17:35:37 GMT
Date: Mon, 05 Dec 2022 16:28:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a892e182d20d4feef31a099d8318ff6b
56d3a2a680efb4fe42d59cbfd43399e7e4a0ef7a
14fa9cec73261806b9d3550097d58cf8c7f75291e95fa5301d5bb11708d49ce8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "14FA9CEC73261806B9D3550097D58CF8C7F75291E95FA5301D5BB11708D49CE8"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8439
Expires: Mon, 05 Dec 2022 18:49:36 GMT
Date: Mon, 05 Dec 2022 16:28:57 GMT
Connection: keep-alive
widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
143.204.55.101200 OK 6.1 kB URL HTTP/2 widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
IP 143.204.55.101:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (19239)
Hash 5add60196e5f96a414fb4b9586764e5d
633f471b3c2fcedeef9cad90cb5bf56f5fe55588
5370f4ba91dda790c7cae92817b812fcbd1ab367cbb4862f5669960ae4e2c9e0
GET /bootstrap/v5/tp.widget.bootstrap.min.js HTTP/1.1
Host: widget.trustpilot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btcnations.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6124
last-modified: Mon, 30 May 2022 14:38:02 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
accept-ranges: bytes
server: AmazonS3
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
date: Mon, 05 Dec 2022 01:28:24 GMT
cache-control: max-age=86400
etag: "5add60196e5f96a414fb4b9586764e5d"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: xvAQqjFH1SI_Sp6ePoEu_aXnxR-F6pb7XrhdeVlhSXDR2UlxIvWcvA==
age: 54034
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash ad8f52748539b21dcc2a93b9705d499d
098f0dea80ad88f4118ea281cfb1729d8399ddf7
eb1a55eee55919a9ff9b6a8294afc8966fc952a9620d8c35efd79892c6c4d288
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "0E52F22898665241E90E684D968A240CA8B431E4"
Expires: Tue, 06 Dec 2022 03:00:00 GMT
Last-Modified: Mon, 05 Dec 2022 15:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1837
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774e2869fd310b55-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 10898ccb9266e31a23cf13c231a3c00b
55efaa80c2c6952f72c58d43c5e0042427ae0916
52332fafaec0295cba423857e993fbcb6e2b043905a9da58da324e03429caba3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52332FAFAEC0295CBA423857E993FBCB6E2B043905A9DA58DA324E03429CABA3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12745
Expires: Mon, 05 Dec 2022 20:01:22 GMT
Date: Mon, 05 Dec 2022 16:28:57 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a892e182d20d4feef31a099d8318ff6b
56d3a2a680efb4fe42d59cbfd43399e7e4a0ef7a
14fa9cec73261806b9d3550097d58cf8c7f75291e95fa5301d5bb11708d49ce8
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "14FA9CEC73261806B9D3550097D58CF8C7F75291E95FA5301D5BB11708D49CE8"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8439
Expires: Mon, 05 Dec 2022 18:49:36 GMT
Date: Mon, 05 Dec 2022 16:28:57 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ba2e3daf1ba29dc1ece8283677fcfd9
6e153df973cb27d9cd614f51399041192a36d87d
24a77f897d7b53e0112b1ef3471c254d6856fa9133f10365428fb64e0b338113
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24A77F897D7B53E0112B1EF3471C254D6856FA9133F10365428FB64E0B338113"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4000
Expires: Mon, 05 Dec 2022 17:35:37 GMT
Date: Mon, 05 Dec 2022 16:28:57 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8ead0ac4ce19cef2471bae0458759d89
af02fd3fcd2e10cfa2458407c0c2e59a43e18517
507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.a-ads.com/1884432?size=468x60
148.251.155.232200 OK 4.7 kB URL HTTP/1.1 ad.a-ads.com/1884432?size=468x60
IP 148.251.155.232:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (11122)
Hash 2c6568071131e5817baaf66da890492a
d24d8645642e14ecb9de5b63bcfc8c05faace9ab
20d44b073f2c3d41c08ed340f69dd1ba9419d37fea97e327313791546be09640
GET /1884432?size=468x60 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: http://btcnations.eu/
X-Robots-Tag: noindex, nofollow, nosnippet, noarchive
Content-Encoding: gzip
p3.adhitzads.com/?z=1156846&p=1372897868&l=http%3A//btcnations.eu/login.php&c=1
188.114.97.1200 OK 321 B URL HTTP/1.1 p3.adhitzads.com/?z=1156846&p=1372897868&l=http%3A//btcnations.eu/login.php&c=1
IP 188.114.97.1:0
File type ASCII text, with very long lines (647), with no line terminators
Hash e2fbb418a1f7d352a204e8af4bdf8410
261213384bc8ffd8d3a800f5474f3159ed837f5b
c6c940b7d527c878a0b924ac42665c22ad66ea09ad2a472d31a9a9e769fad461
GET /?z=1156846&p=1372897868&l=http%3A//btcnations.eu/login.php&c=1 HTTP/1.1
Host: p3.adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4dtUYqjV5ty35PyIfWvH0aXn1yQPnROvBL16I%2FXXTgkCVJMZNiWrqbuwjZsdlbE8I0iPauqpq0y2FZYN1Wzb4qwLz%2FbE4f9bYI%2FPjKPt0U%2FbHWoDVepadEXbVrvtEP8pUNZ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774e286aa93b1c02-OSL
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
104.17.24.14200 OK 123 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 122760, version 768.66\012- data
Size 123 kB (122760 bytes)
Hash d1bea16f470ff27ca26131a867131fda
c1e34985d239716f1f236b932f2ecf4fb4c167d2
57deb9ccde6d49564a916cc58a799d8ebd793c7aff69a7f3cce48cbfb0c48777
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://btcnations.eu
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 122760
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-1df88"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 343798
expires: Sat, 25 Nov 2023 16:28:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rSYJMbpFhioNQ6AcxAimO%2BHTZgUiJ8owHvtneq8tu%2BBLOdbOoillAK07r6YXnWcsuQ6dDectYtrcO0GfLH8X%2F5WhejFGGfBbjotc%2BN%2FI7iwOOYhbMZubyc8KEkUGy1b6q6wtiSLQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774e286b5a1fb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
104.17.24.14200 OK 24 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 23456, version 768.66\012- data
Hash e3e5eef95eb3652d939b8c86ecb47fac
ff36e7b2a956a05de0b94dbe7b1bf7e2d6d44cb2
445189de22489c06a549b75c8f8e95cc56639d4128cd72e76896b4d2a7c40ce2
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://btcnations.eu
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 23456
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-5ba0"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2159200
expires: Sat, 25 Nov 2023 16:28:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3H%2FRbASvAmO8TZD4QzHfbA0C9MDDwMvlLew2%2FyDSRKiBVosDRjfTRmNpHpo0S2DASHc8IyNyRh8E94eBhfOpGwyiIo%2Bn5qcXoAR5t50FhB1RjjiYpQe2sQerIUrz0CUpMp0g%2Fdmi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774e286b7a4bb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
104.17.24.14200 OK 105 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2
IP 104.17.24.14:0
File type Web Open Font Format (Version 2), TrueType, length 105264, version 768.66\012- data
Size 105 kB (105264 bytes)
Hash ef9332780500ea981e97dff51cc30669
4020ed1a099b98c421f09ceb9a92f4a1d8d5d9c8
ec372177b8e8df39d755e16551dfbbddcc53938ca52765fd730d0925885c964e
GET /ajax/libs/font-awesome/6.0.0-beta2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://btcnations.eu
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 105264
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "61498362-19b30"
last-modified: Tue, 21 Sep 2021 07:01:54 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 290700
expires: Sat, 25 Nov 2023 16:28:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0hKEEFilE1Ta3W9xxThOgJB%2FXUUGAA05ICvvNYvnSNQUvOGid9%2FuvkC8cJPGSFOolPEkhQxdzZQq9Z3fZn%2Fe4cPsfCQthOV9HnQ8P5fekyY300MIvBvWCFnbSuI10VdsMV21Zwv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 774e286b9a7db529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash e778ae5e179055bfe258c897b19c4b71
b62791f7924504ee36ad5b1d9ab16639f2c29826
333cc7eb0c31f160f419781dadbc4172b8829800d97cae1bf089b215d3e5c0ea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "333CC7EB0C31F160F419781DADBC4172B8829800D97CAE1BF089B215D3E5C0EA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19780
Expires: Mon, 05 Dec 2022 21:58:37 GMT
Date: Mon, 05 Dec 2022 16:28:57 GMT
Connection: keep-alive
p3.adhitzads.com/?z=1156846&p=1372897868&l=http%3A//btcnations.eu/login.php&c=2
188.114.97.1200 OK 321 B URL HTTP/1.1 p3.adhitzads.com/?z=1156846&p=1372897868&l=http%3A//btcnations.eu/login.php&c=2
IP 188.114.97.1:0
File type ASCII text, with very long lines (647), with no line terminators
Hash 6932f9b3a4e5ba28c474eac033d49196
61be65e4d1e527ee64d89c09939334f262ceabdc
5b707e8b6b77bbb27c27122bed8281546dfea5c0bd2662b7c3ee96dc6457b68d
GET /?z=1156846&p=1372897868&l=http%3A//btcnations.eu/login.php&c=2 HTTP/1.1
Host: p3.adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.40
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rssS6SFP1VeIxfj%2FhyU7s2G51bsgZc9Ika%2F7TfRwnKzCiVRJDaJJvNuuNxL6153NkKGVBFfxhLR2G888nAPk8nnyiidKf7XlNZ5tXsWxHxSaA4vtGL0xMD0R5JpVhPsxH89C"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774e286bba5b1c02-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 16:11:19 GMT
cache-control: public,max-age=3600
age: 1058
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
adhitzads.com/1156846
188.114.96.1200 OK 782 B IP 188.114.96.1:0
File type ASCII text, with very long lines (448), with no line terminators
Hash 2cec175a61fa4560c3a23ad8814059bb
43409834a2813394241e55cdd8ba81236de24e40
013c6e53eb63267bf5d4d67b8397de03b4dfa6696cf57eda9a2301468eae0e6a
GET /1156846 HTTP/1.1
Host: adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: text/html
vary: Accept-Encoding
expires: Mon, 05 Dec 2022 17:28:57 GMT
cache-control: max-age=3600, public
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGRA7Sdz6AQ8Fnsi%2FtEBcd6jTjYUDPEYQLGRAdyHIq3cZAMFvcAhTVKM8ChxoZh3GER%2FjEfQPU7dfg2xuIFuGhkf9KpCxIJ%2BsSDFi%2FLO%2Boq0kxKahBLUMpS65UZRcTLa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e2869db8bb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.a-ads.com/a-ads-banners/426730/468x60?region=eu-central-1
148.251.155.232200 OK 46 kB URL HTTP/1.1 static.a-ads.com/a-ads-banners/426730/468x60?region=eu-central-1
IP 148.251.155.232:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 48fd06fcc5b768e616430e38e7914e3f
11b0f363a50cd94292bc2f2e03224488e9533997
e6484ed60f8d7b1122483eb3a26a9efb1f4d05cb9cf6942b33ae760c1fa44ae5
GET /a-ads-banners/426730/468x60?region=eu-central-1 HTTP/1.1
Host: static.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ad.a-ads.com/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 05 Dec 2022 16:28:57 GMT
Content-Type: image/png
Content-Length: 45835
Connection: keep-alive
x-amz-id-2: opqdVoOqf2jQl6CaArrZ0xWnoxEPHp3qspyTZN5QrUEHEwu9PX/8y+AEwDYE42QJ83fKWdMQEv4=
x-amz-request-id: SSVB077162255AP4
x-amz-replication-status: COMPLETED
Last-Modified: Mon, 21 Nov 2022 08:43:55 GMT
ETag: "48fd06fcc5b768e616430e38e7914e3f"
Cache-Control: max-age=315360000
x-amz-version-id: Ywf34qsXTpBtxzLwAJQ2VGX0EhSaUfQD
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 403
Cache-Control: max-age=146678
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:57 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:13:35 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5cafe08f919bfb18a934ec19ab467808
c7033c875222855548a39880045bd9cd9e04f416
b55d0c2fad1d2b53b0ec7d4f2556e0e7ba1aaae23c98db26a839c189156332e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5673
Cache-Control: max-age=131779
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:57 GMT
Etag: "638d65e3-117"
Expires: Wed, 07 Dec 2022 05:05:16 GMT
Last-Modified: Mon, 05 Dec 2022 03:30:43 GMT
Server: ECS (amb/6B8F)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 5cafe08f919bfb18a934ec19ab467808
c7033c875222855548a39880045bd9cd9e04f416
b55d0c2fad1d2b53b0ec7d4f2556e0e7ba1aaae23c98db26a839c189156332e1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5674
Cache-Control: max-age=131779
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Etag: "638d65e3-117"
Expires: Wed, 07 Dec 2022 05:05:17 GMT
Last-Modified: Mon, 05 Dec 2022 03:30:43 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 279
cryptocoinsad.com/banner/ads_banner/25309.gif
172.67.213.243200 OK 306 kB URL HTTP/2 cryptocoinsad.com/banner/ads_banner/25309.gif
IP 172.67.213.243:0
File type GIF image data, version 89a, 468 x 60\012- data
Size 306 kB (306186 bytes)
Hash 88ab67b544c1afbd4b01c828f47227a2
bcd238cb1c28a34c9a30d4a8f5a5f8928e9bd8d5
fd6c88f542e8145a1e1b6cc6ad7ee9ff507cb2ce41d2505658e85cf964d0d274
GET /banner/ads_banner/25309.gif HTTP/1.1
Host: cryptocoinsad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cryptocoinsad.com/ads/show.php?a=253971&b=394622
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:58 GMT
content-type: image/gif
content-length: 306186
last-modified: Mon, 05 Dec 2022 07:47:19 GMT
etag: "638da207-4ac0a"
cache-control: max-age=10800
cf-cache-status: HIT
age: 1797
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3JnEdps9di0HpKivQjYVQ0IaNT7ORKl2TtPQQZLM36AU0MqVmsER2ONnZk67BvcUkBi%2FVQTgc1f7LfJdhnwSjhaLMUONlsyLysscQl%2Fdr9W260EypBnVfy%2FkKrqarZvfrxPaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774e286eeb76b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.71.202.2101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.71.202.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lu8dgupeYM8FwVET2J5nuQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CAOVPzjknCkrWoV7j/1c2iNxrYY=
zerads.com/ad/ad.php?width=468&ref=732
23.95.12.218200 OK 1.0 kB URL HTTP/1.1 zerads.com/ad/ad.php?width=468&ref=732
IP 23.95.12.218:0
ASN #36352 AS-COLOCROSSING
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 1c11402ec57283dd24ebb8b427133e07
eef38f7a81ea27499bf5494daf0e84edc260c190
e4a3d417d03297f91a444faa1835f5c2d55b3162ff420e49ffe62d05e60e2756
GET /ad/ad.php?width=468&ref=732 HTTP/1.1
Host: zerads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:56 GMT
Server: Apache
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
appsha-lon2.cointraffic.io/ats/inpage.js?v=1659089850949
109.109.135.90200 OK 12 kB URL HTTP/2 appsha-lon2.cointraffic.io/ats/inpage.js?v=1659089850949
IP 109.109.135.90:0
ASN #205072 Layershift Limited
File type HTML document, ASCII text, with very long lines (38212), with no line terminators
Hash 7cd3503d1b4a35d1c7e15cfa57e7fda4
0a281fa303030a5c8d0cf2018e731cd915f3800a
51c0b03dda79484a24a6c89cdfee880cb329a9c4468cbbb4abc1f8b6bbb04b6e
GET /ats/inpage.js?v=1659089850949 HTTP/1.1
Host: appsha-lon2.cointraffic.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: application/javascript
last-modified: Fri, 29 Jul 2022 10:19:52 GMT
etag: W/"62e3b448-2bfb"
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
set-cookie: route=12248a2a00b21ebbfbced125d0163458; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 17 kB IP 93.184.220.29:0
Hash 4df67d1bbadba4fc5748768b9615482f
da8b566798ec05991ac62dc68a607492371c459f
ab75217ca7ad6e48e40dc4c79a02b6bfb805a40c8daf2e268b1ef58c84ddef54
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5862
Cache-Control: max-age=90231
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Etag: "638cc2db-116"
Expires: Tue, 06 Dec 2022 17:32:49 GMT
Last-Modified: Sun, 04 Dec 2022 15:55:07 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
mellowads.com/ads/8C066665C22B.png
104.20.49.216200 OK 37 kB URL HTTP/1.1 mellowads.com/ads/8C066665C22B.png
IP 104.20.49.216:0
File type PNG image data, 468 x 60, 8-bit/color RGB, non-interlaced\012- data
Hash ceb733b7b3ad05cd26439ffd3e9818ce
6d54736579a20b3e0453987853d34dead6057d89
42ec5114351103d2998a5ed6a30224119bdbbcbe8d44fa59f2fa58afd725ae5d
GET /ads/8C066665C22B.png HTTP/1.1
Host: mellowads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zerads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:58 GMT
Content-Type: image/png
Content-Length: 37314
Connection: keep-alive
Cache-Control: max-age=2678400
Cf-Bgj: imgq:100,h2pri
Cf-Polished: origSize=46225
ETag: "8726d90b3bfd81:0"
Last-Modified: Sat, 03 Sep 2022 16:38:15 GMT
CF-Cache-Status: HIT
Age: 20910
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774e28704ae60b4d-OSL
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ca05736b0ceec84d645bffdb071e25f5
5fd0c38f2538aa57437db034d5fd0284344645aa
f0fdf4d147edac0f39bf3c07457ab6259ea51e30019813b5ae2ccae002de6325
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3074
Cache-Control: max-age=119134
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Etag: "638d3ea6-116"
Expires: Wed, 07 Dec 2022 01:34:32 GMT
Last-Modified: Mon, 05 Dec 2022 00:43:18 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash ca05736b0ceec84d645bffdb071e25f5
5fd0c38f2538aa57437db034d5fd0284344645aa
f0fdf4d147edac0f39bf3c07457ab6259ea51e30019813b5ae2ccae002de6325
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3074
Cache-Control: max-age=119134
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Etag: "638d3ea6-116"
Expires: Wed, 07 Dec 2022 01:34:32 GMT
Last-Modified: Mon, 05 Dec 2022 00:43:18 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/zbtMxW5/fav.png
162.19.58.156200 OK 657 B IP 162.19.58.156:0
File type PNG image data, 18 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash 41772bc44c8a85b92abf620e1d78509c
f71dfad3aeed2992cf821f5dbea3928bbb9fa241
a4b840e80840dc925b011e8e5dc85ad29af0b3c5d852103b1e578e9c82fa9d31
GET /zbtMxW5/fav.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zerads.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:28:58 GMT
content-type: image/png
content-length: 657
last-modified: Sat, 08 Jan 2022 17:29:49 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
translate.googleapis.com/translate_static/css/translateelement.css
142.250.74.138200 OK 3.6 kB URL HTTP/2 translate.googleapis.com/translate_static/css/translateelement.css
IP 142.250.74.138:0
File type ASCII text, with very long lines (18670)
Hash 897ba9a21d9625286674da769dacc2e2
84b4923ab7dee562395160824d53496314499b77
696cbf5c2f3f1efae555562b72abbbb22bed02eff03d62074555cab241190ae0
GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3619
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 16:18:18 GMT
expires: Mon, 05 Dec 2022 17:18:18 GMT
cache-control: public, max-age=3600
last-modified: Wed, 17 Aug 2022 23:38:00 GMT
content-type: text/css
age: 640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cryptocoinsad.com/ads/show.php?a=253971&b=394622
172.67.213.243200 OK 1.3 kB URL HTTP/2 cryptocoinsad.com/ads/show.php?a=253971&b=394622
IP 172.67.213.243:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0dee949e66e873a5d2fa6d79390bc4fb
7c2c5b659d5825423180a367498cb9917a87f6fa
0a77a05441d68244454b4f4d457a5b337f97eb69c0e586b81b462cc295171768
GET /ads/show.php?a=253971&b=394622 HTTP/1.1
Host: cryptocoinsad.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:58 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.24-0ubuntu0.18.04.15
set-cookie: i_277129394622=1; expires=Mon, 05-Dec-2022 16:38:58 GMT; Max-Age=600
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igEsE8wlG66DwgVH8Vq6%2B943NWLrot5F%2FUbHABCMNlxKFv1ewLv%2BclcB9hyZatFf5Pms8UY6YKbkWov%2B8bR3jsU24GvVth1u54HnqUA24rbKczIAIM7uHDoJNTUA6LJLygOU6g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e286e0a89b515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash e3f7c1650d1be55e6aae6260b37135b3
691eb2f613ed3ecf690b1b70280d8f41a9d30a1f
f5625fe07402d1634c802f2180c9c97bf1b8b0557ff8558d1de7cc63c07cb7bc
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:58 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://btcnations.eu
access-control-allow-credentials: true
set-cookie: uid_id2=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd:1:1; expires=Thu, 02 Dec 2032 16:28:58 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
btcnations.eu/favicon.ico
92.204.221.14404 Not Found 315 B URL HTTP/1.1 btcnations.eu/favicon.ico
IP 92.204.221.14:0
ASN #21499 Host Europe GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /favicon.ico HTTP/1.1
Host: btcnations.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/login.php
Cookie: refsite=Unknown
HTTP/1.1 404 Not Found
Date: Mon, 05 Dec 2022 16:28:58 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.sectigo.com/
172.64.155.188200 OK 280 B IP 172.64.155.188:0
Hash fe81538e07b7c219a0618e8bc273b676
e81a88a41f02c8ed7e7ce9bae321be31c467509b
55ca09955297fe3f54eb5025f0818765fb440ccdbc6586bab872cf51f61f5e08
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:58 GMT
Content-Type: application/ocsp-response
Content-Length: 280
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 21:53:51 GMT
Expires: Fri, 09 Dec 2022 21:53:50 GMT
Etag: "e81a88a41f02c8ed7e7ce9bae321be31c467509b"
Cache-Control: max-age=364491,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774e2870ddf0b523-OSL
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://btcnations.eu
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 421208
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans
142.250.74.106200 OK 8.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans
IP 142.250.74.106:0
Hash e797fcb4f07edc40c866a7434ee70c79
a4156136a405483f63d037a56641a5ba6bb6bcb3
225804c0ce80dd1a1df43e2082b771839552f2b421eefbe3f15de7101d440b43
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 16:28:58 GMT
date: Mon, 05 Dec 2022 16:28:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 79c225db327a78b782f5a9512b07eaf0
398a1be3a70264d959146d6670d2ca54cdf4e91a
8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/1x/translate_24dp.png
216.58.211.3200 OK 846 B URL HTTP/2 www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP 216.58.211.3:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 15:53:39 GMT
expires: Tue, 05 Dec 2023 15:53:39 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 2119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 2e388f1ab4ec88104f57cf23944ee684
39178c45ed645709cc388d5790b1b58a3272a62f
e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/images/branding/product/2x/translate_24dp.png
216.58.211.3200 OK 1.8 kB URL HTTP/2 www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 14:04:16 GMT
expires: Tue, 05 Dec 2023 14:04:16 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
age: 8682
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/images/cleardot.gif
142.250.74.132200 OK 43 B URL HTTP/2 www.google.com/images/cleardot.gif
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fc94fb0c3ed8a8f909dbc7630a0987ff
56d45f8a17f5078a20af9962c992ca4678450765
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
GET /images/cleardot.gif HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/gif
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 43
date: Mon, 05 Dec 2022 16:28:58 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20221115
216.58.211.14204 No Content 0 B URL HTTP/1.1 translate.google.com/gen204?sl=en&nca=te_ap&client=te&logld=vTE_20221115
IP 216.58.211.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gen204?sl=en&nca=te_ap&client=te&logld=vTE_20221115 HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://btcnations.eu/
HTTP/1.1 204 No Content
Content-Type: image/gif; charset=us-ascii
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Date: Mon, 05 Dec 2022 16:28:58 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Security-Policy: require-trusted-types-for 'script';report-uri /_/TranslateApiHttp/cspreport, script-src 'nonce-JwqYWNp1CtB9ZPLhH43yLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
Cross-Origin-Opener-Policy: same-origin
Permissions-Policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
Server: ESF
Content-Length: 0
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
appsha-lon2.cointraffic.io/js/?wkey=7sJ0riJGkx
109.109.135.90200 OK 640 kB URL HTTP/2 appsha-lon2.cointraffic.io/js/?wkey=7sJ0riJGkx
IP 109.109.135.90:0
ASN #205072 Layershift Limited
Size 640 kB (640383 bytes)
Hash 0d2f291342c72dbc9871e5a92b8a1cd7
d98f5a3e9e74d5b220400e48555c93ecd3bc01a8
62d83cc24fb2667bda4c66dad03a59681480c971e9d706403d00fd7b8b722f8d
GET /js/?wkey=7sJ0riJGkx HTTP/1.1
Host: appsha-lon2.cointraffic.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
content-security-policy: frame-ancestors 'self';frame-src 'self';
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: cross-origin-allow-popups
cross-origin-resource-policy: cross-origin
permissions-policy: geolocation=(self), payment=(self)
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block;
content-encoding: gzip
set-cookie: route=12248a2a00b21ebbfbced125d0163458; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash a05e0cb07bd8533b33347f573a207cf5
34fd6eb851376ff7b9e3cc9ec176f098ed750003
c50a306d710b3271c1be258f4d043da774fc392ee2989ff683ecf5fac9c43ea5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5589
Cache-Control: max-age=97520
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 16:28:59 GMT
Etag: "638ce066-116"
Expires: Tue, 06 Dec 2022 19:34:19 GMT
Last-Modified: Sun, 04 Dec 2022 18:01:10 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 278
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9a931c33d58a52e967ec0a2067cd5ec6
377b7bfd68cdea7be80d59816e7287bdae76a7eb
cab7f7531125a6e926cc0d890e1a828bfe32afada968a85f5d8ce9315cc66846
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:00:50 GMT
Expires: Sun, 11 Dec 2022 06:00:49 GMT
Etag: "377b7bfd68cdea7be80d59816e7287bdae76a7eb"
Cache-Control: max-age=597578,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774e287509281c12-OSL
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 9a931c33d58a52e967ec0a2067cd5ec6
377b7bfd68cdea7be80d59816e7287bdae76a7eb
cab7f7531125a6e926cc0d890e1a828bfe32afada968a85f5d8ce9315cc66846
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 16:28:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 04 Dec 2022 06:00:50 GMT
Expires: Sun, 11 Dec 2022 06:00:49 GMT
Etag: "377b7bfd68cdea7be80d59816e7287bdae76a7eb"
Cache-Control: max-age=597578,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774e28752dbfb500-OSL
apps-pnd.ctengine.io/tmp
109.109.136.177204 No Content 0 B IP 109.109.136.177:0
ASN #205072 Layershift Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://btcnations.eu/
Origin: http://btcnations.eu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 05 Dec 2022 16:28:59 GMT
access-control-allow-origin: http://btcnations.eu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
access-control-max-age: 1728000
set-cookie: route=15369fb4bf1bd25cd897a3bba2f39110; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
p3.adhitzads.com/638e1c49968b6360647623gbtcnations.eu217195
188.114.97.1200 OK 2.0 kB URL HTTP/2 p3.adhitzads.com/638e1c49968b6360647623gbtcnations.eu217195
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3363), with no line terminators
Hash 550b0a008adf3a14e3e0ba9051f21357
107a3decfaa395771f4e04cea5c0c0e2ccaa15c8
fdd257a85eea7fec10f89c36d261446f803ed29902cea573a1ba22b82aba5150
GET /638e1c49968b6360647623gbtcnations.eu217195 HTTP/1.1
Host: p3.adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 05 Dec 2022 16:58:57 GMT
cache-control: max-age=1800, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCXXqCLXd6%2BGMUtfYkknWwBxAqqG9VTqIlYuaa%2BQqYVfulYQrp%2Frzj9TVzhmRXRIhGF1dbgPzyT%2B1Z51fbmRUyXw2BV5MCo2rAP8DX3sH1wsXnNPmI6jE6CFpqyE6RcxLQVJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e286c5a37b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a11b56a2aed50e2375a187badf54612a
3d2f35135c66789795b9c943c69563ba4f07b6bf
cb248134a6e644316c77c98dd17a0adb6879e8660d7a1e2e7c1e9a84fc637be0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB248134A6E644316C77C98DD17A0ADB6879E8660D7A1E2E7C1E9A84FC637BE0"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11365
Expires: Mon, 05 Dec 2022 19:38:24 GMT
Date: Mon, 05 Dec 2022 16:28:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3395
Expires: Mon, 05 Dec 2022 17:25:34 GMT
Date: Mon, 05 Dec 2022 16:28:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3395
Expires: Mon, 05 Dec 2022 17:25:34 GMT
Date: Mon, 05 Dec 2022 16:28:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3395
Expires: Mon, 05 Dec 2022 17:25:34 GMT
Date: Mon, 05 Dec 2022 16:28:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3395
Expires: Mon, 05 Dec 2022 17:25:34 GMT
Date: Mon, 05 Dec 2022 16:28:59 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3395
Expires: Mon, 05 Dec 2022 17:25:34 GMT
Date: Mon, 05 Dec 2022 16:28:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kf_hcK2d2YFhladZn1S4cyGq7vLTSKdWgPUTNT0M9LwHXuOV-nlgGw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:07 GMT
age: 67012
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:49:44 GMT
age: 67155
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
captivateholscrook.com/watch.512509640433.js?key=c4f4d504d6aed3136018453428ddfe00&kw=%5B%22btc%22%2C%22nations%22%2C%22-%22%2C%22a%22%2C%22game%22%2C%22of%22%2C%22war%22%5D&refer=http%3A%2F%2Fbtcnations.eu%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd%3A1%3A1
173.233.137.60307 Temporary Redirect 0 B URL HTTP/1.1 captivateholscrook.com/watch.512509640433.js?key=c4f4d504d6aed3136018453428ddfe00&kw=%5B%22btc%22%2C%22nations%22%2C%22-%22%2C%22a%22%2C%22game%22%2C%22of%22%2C%22war%22%5D&refer=http%3A%2F%2Fbtcnations.eu%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd%3A1%3A1
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.512509640433.js?key=c4f4d504d6aed3136018453428ddfe00&kw=%5B%22btc%22%2C%22nations%22%2C%22-%22%2C%22a%22%2C%22game%22%2C%22of%22%2C%22war%22%5D&refer=http%3A%2F%2Fbtcnations.eu%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd%3A1%3A1 HTTP/1.1
Host: captivateholscrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 16:28:59 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://btcnations.eu
Access-Control-Allow-Origin: http://btcnations.eu
Access-Control-Allow-Credentials: true
Location: https://captivateholscrook.com/watch.512509640433.js?key=c4f4d504d6aed3136018453428ddfe00&kw=%5B%22btc%22%2C%22nations%22%2C%22-%22%2C%22a%22%2C%22game%22%2C%22of%22%2C%22war%22%5D&refer=http%3A%2F%2Fbtcnations.eu%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd%3A1%3A1&shu=b0b46e96fdfcd985d09234427f1c761a2d1e8db02525fb2734eb17ee948d9169e29e5dad8e81e5ff84a5e99a251ebabe0f0d34a2fb3e024fe19695339ca44bc0980a40eadab9c4cc8da0c93d4e37e8ae42e8ff5ad4989427ac69f339cd27a9640db2&pst=1670257799&rmtc=t
Set-Cookie: u_pl=17022883; expires=Tue, 06 Dec 2022 16:28:59 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAyMjg4MywiayI6ImM0ZjRkNTA0ZDZhZWQzMTM2MDE4NDUzNDI4ZGRmZTAwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzkzOTIxLCJwaWQiOjIzOTA0MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozNiwiYWlkIjoyNywicHQiOjQsInBrIjoieHZhM2p4eWpoaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vYnRjbmF0aW9ucy5ldS9sb2dpbi5waHAifX0.yQ6825_vBhy2HQ6gkNuxbXFZZsuCBAS6F1s0bZ89mNw; expires=Mon, 05 Dec 2022 16:29:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68b1df90c71af67278b0b6d5e12a1aba
Strict-Transport-Security: max-age=0; includeSubdomains
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24c69d7ef356b352956d6dcbc9f5df1d
2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9
94d068620c34652cb2d24ca8b3cf962febe9606e6d3a33d937fc9d99f176edef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60dcc231-abb7-48f1-8ec5-e25b31bd100b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10396
x-amzn-requestid: b879fd2e-b6cf-4373-b780-2d97481c45f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cioNbH5KoAMFUsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a8722-6add7f8e225878473b20c015;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 23:15:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ir97GJKaFoW6BNXCcmMqp0JSUd5JhCACyUvLh5G-0BWCDVJsqs7XhQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 11:06:22 GMT
age: 19357
etag: "2cc31dc1c5d2d2a8b3a378dce8a1240a79acfec9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cefedc4583864e81ce91d9ac4344010
cdbd2e1c3c3afe7de3da0173747e0e31f799d8aa
0547a7d9ae068c4455301bb22115951a0801afc39b5ac3365603718f15ac2c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba55fcdd-99de-4263-a327-f32d949e3f4c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10946
x-amzn-requestid: 8d645cf9-e79d-451c-ada7-cf9fd4c1eb29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsvZGkBIAMF2Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc195-619ed6194f29e8de7ebd307e;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: M8odQFbH99g-dSx8P1VmvsW1bDcTivamIi5_12u1C00tmM9GRlRd7A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 23:11:05 GMT
age: 62274
etag: "cdbd2e1c3c3afe7de3da0173747e0e31f799d8aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:05 GMT
age: 67494
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:42:39 GMT
age: 67580
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
captivateholscrook.com/watch.512509640433.js?key=c4f4d504d6aed3136018453428ddfe00&kw=%5B%22btc%22%2C%22nations%22%2C%22-%22%2C%22a%22%2C%22game%22%2C%22of%22%2C%22war%22%5D&refer=http%3A%2F%2Fbtcnations.eu%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd%3A1%3A1&shu=b0b46e96fdfcd985d09234427f1c761a2d1e8db02525fb2734eb17ee948d9169e29e5dad8e81e5ff84a5e99a251ebabe0f0d34a2fb3e024fe19695339ca44bc0980a40eadab9c4cc8da0c93d4e37e8ae42e8ff5ad4989427ac69f339cd27a9640db2&pst=1670257799&rmtc=t
173.233.137.60200 OK 2.1 kB URL HTTP/1.1 captivateholscrook.com/watch.512509640433.js?key=c4f4d504d6aed3136018453428ddfe00&kw=%5B%22btc%22%2C%22nations%22%2C%22-%22%2C%22a%22%2C%22game%22%2C%22of%22%2C%22war%22%5D&refer=http%3A%2F%2Fbtcnations.eu%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd%3A1%3A1&shu=b0b46e96fdfcd985d09234427f1c761a2d1e8db02525fb2734eb17ee948d9169e29e5dad8e81e5ff84a5e99a251ebabe0f0d34a2fb3e024fe19695339ca44bc0980a40eadab9c4cc8da0c93d4e37e8ae42e8ff5ad4989427ac69f339cd27a9640db2&pst=1670257799&rmtc=t
IP 173.233.137.60:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2652)
Hash 48981ca9e284ae3655df98af2f789dba
832f9f9dd36a0879c684a8b45cd55cc49bd63227
5415b897f65cd165867c2904983d0168a0c5feb9ee38f455a2756cbcb86e7d09
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.512509640433.js?key=c4f4d504d6aed3136018453428ddfe00&kw=%5B%22btc%22%2C%22nations%22%2C%22-%22%2C%22a%22%2C%22game%22%2C%22of%22%2C%22war%22%5D&refer=http%3A%2F%2Fbtcnations.eu%2Flogin.php&tz=0&dev=e&res=12.1053&uuid=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd%3A1%3A1&shu=b0b46e96fdfcd985d09234427f1c761a2d1e8db02525fb2734eb17ee948d9169e29e5dad8e81e5ff84a5e99a251ebabe0f0d34a2fb3e024fe19695339ca44bc0980a40eadab9c4cc8da0c93d4e37e8ae42e8ff5ad4989427ac69f339cd27a9640db2&pst=1670257799&rmtc=t HTTP/1.1
Host: captivateholscrook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://btcnations.eu
Referer: http://btcnations.eu/
Connection: keep-alive
Cookie: u_pl=17022883; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzAyMjg4MywiayI6ImM0ZjRkNTA0ZDZhZWQzMTM2MDE4NDUzNDI4ZGRmZTAwIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNzkzOTIxLCJwaWQiOjIzOTA0MiwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjozNiwiYWlkIjoyNywicHQiOjQsInBrIjoieHZhM2p4eWpoaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo5MDc1MzQ1NywiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjM4OTE0LCJvbiI6IldpbmRvd3MiLCJvdiI6IjEwLjAiLCJiaWQiOjEyMDYyNSwiYm4iOiJGaXJlZm94IiwiYnYiOiIxMDUuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwOi8vYnRjbmF0aW9ucy5ldS9sb2dpbi5waHAifX0.yQ6825_vBhy2HQ6gkNuxbXFZZsuCBAS6F1s0bZ89mNw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 05 Dec 2022 16:28:59 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://btcnations.eu
Access-Control-Allow-Origin: http://btcnations.eu
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=6f774bf7-1e5c-4d75-9c1c-c1a516dc8dfd:1:1; expires=Mon, 12 Dec 2022 16:28:59 GMT; secure; SameSite=None
iprc595e9e6801bbf77b947ae393ffe2d7a8=3569807; expires=Mon, 05 Dec 2022 20:28:59 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 06 Dec 2022 16:28:59 GMT; secure; SameSite=None
uncs=1; expires=Tue, 06 Dec 2022 16:28:59 GMT; secure; SameSite=None
pdhtkv27=true; expires=Tue, 06 Dec 2022 16:28:59 GMT; secure; SameSite=None
uncs27=1; expires=Tue, 06 Dec 2022 16:28:59 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f3dda289cc9fe7a50f337915a042d465
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cdn.ctengine.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 421209
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ctengine.io/blank/3/2/9/media/38896440177354a2d15f234167b4442c.svg
185.76.9.21200 OK 6.0 kB URL HTTP/2 cdn.ctengine.io/blank/3/2/9/media/38896440177354a2d15f234167b4442c.svg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JSON data\012- , ASCII text, with very long lines (915), with no line terminators
Hash b8c0e212ff6ff8d93b219eb1a7b5681c
ed0c06dc52773359d565629950c5068df3f69094
3e9f6c7dd71fb26102ba54908af27dcfe5c6e5720f4d8fc8a8d953d0136e1eda
GET /blank/3/2/9/media/38896440177354a2d15f234167b4442c.svg HTTP/1.1
Host: cdn.ctengine.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.ctengine.io/blank/3/2/9/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: image/svg+xml
last-modified: Fri, 17 Jun 2022 11:09:25 GMT
etag: W/"62ac60e5-37b8"
access-control-allow-origin: *
x-accel-expires: @1671017826
server: CDN77-Turbo
x-77-nzt: AblMCRTwg6X/6TgEAA
x-77-nzt-ray: af585630a5887f8a4b1c8e6317f7261e
x-cache: HIT
x-age: 276713
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
45.133.44.10200 OK 67 kB URL HTTP/2 cdn.cloudimagesb.com/cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a98b4585db1c6db06d6857c73bb75fcb
02a896b08a79e873b2dd26200ee1f0665dc1c80a
fc08e863ffafe25aa63fe8b60c2d5135fc5f52caf0abae4da3f1a90e0f8ed96c
GET /cti/56/ef/55/56ef55f6ef3bc03e69b8d66da27f0cd1/1658920055.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: image/png
content-length: 67174
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 11:07:43 GMT
etag: "62e11c7f-10666"
expires: Wed, 07 Dec 2022 16:28:59 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@400;500&display=swap
IP 142.250.74.106:0
GET /css2?family=Poppins:wght@400;500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 05 Dec 2022 16:28:58 GMT
date: Mon, 05 Dec 2022 16:28:58 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
online.gather.network/gather.app.js
188.114.97.1200 OK 0 B URL HTTP/2 online.gather.network/gather.app.js
IP 188.114.97.1:0
GET /gather.app.js HTTP/1.1
Host: online.gather.network
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: application/javascript
cf-bgj: minify
age: 7100
content-security-policy: object-src 'none'; frame-ancestors 'self'; upgrade-insecure-requests
etag: W/"f37f901d719c300755f710bf459d3e9d"
last-modified: Thu, 21 Apr 2022 11:50:51 GMT
referrer-policy: same-origin
strict-transport-security: max-age=0; includeSubDomains; preload
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-id: 7HQzHHYmpQH26m0efJdzbqQC2433RTXbb48xOrrdl6Bv5n9EkBJx8A==
x-amz-cf-pop: OSL50-P1
x-amz-version-id: VglArmHs9gML2TmZoqqattony9HckyGM
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ZZyuvT6P1DX7GAIkkCIiwgLcr9Yd9kNQhnCtspa5vJguIsLJ9LusiGMmkjVJTkzuKlMyqSba562smGQYPyD2GUDqK7RHvHjROs1DOLDIZzkUsHUHOw%2Bg4zL%2BzXX3zr54O3B7s1LUag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774e2869dca20b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adsfcdn.com/js/WXd6Y1VrbE83cDA9.js
172.67.199.144200 OK 0 B URL HTTP/2 cdn.adsfcdn.com/js/WXd6Y1VrbE83cDA9.js
IP 172.67.199.144:0
GET /js/WXd6Y1VrbE83cDA9.js HTTP/1.1
Host: cdn.adsfcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:58 GMT
content-type: application/javascript
last-modified: Mon, 14 Nov 2022 12:29:43 GMT
vary: Accept-Encoding
etag: W/"637234b7-d7b"
expires: Mon, 05 Dec 2022 22:18:41 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 22217
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNJnKKP8ROsEpuBKUHAq4W1G4iSFG2AIJmlDKL472pChgvmWkV1uMAav77XWEUin8K6J%2Bq1SfXSqH%2BJUJEZhz9mwaT5PdalfiGZ9VzWa1LS43Y4XfP4Ngftog8KI4BfvIaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e28709d57b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
p3.adhitzads.com/638e1c496d5be612742624gbtcnations.eu217195
188.114.97.1200 OK 0 B URL HTTP/2 p3.adhitzads.com/638e1c496d5be612742624gbtcnations.eu217195
IP 188.114.97.1:0
GET /638e1c496d5be612742624gbtcnations.eu217195 HTTP/1.1
Host: p3.adhitzads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:57 GMT
content-type: text/html; charset=UTF-8
expires: Mon, 05 Dec 2022 16:58:57 GMT
cache-control: max-age=1800, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xh5BGVSxEnU6fEFC1AO0D8Mw%2Fc9keyDKsC2ig9PDrwjF5n3MDLoJf4oSW4dHIOqTs2UbVkiIP4fHnvSvSXXGk6mTcxV84Pjj2n6%2BbproApMeiqdko80pRqXo5oOk2Q4e2eaf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e286c09d3b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.adsfirm.com/iframe/
172.67.138.234200 OK 0 B IP 172.67.138.234:0
GET /iframe/ HTTP/1.1
Host: cdn.adsfirm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: text/html
last-modified: Mon, 13 Jun 2022 08:58:03 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naLlhB%2FYMfD26AARRVpJG%2F96rAssId%2FRhMpOEl7%2F9rFX6eeJAXcXo1MuoiNUUvG8MrFBCAu26lI7XP52IyeOb5DjQl4GXHjJo4un4HT8Td4e8nuZ97WYv%2F%2BAyfFUPKEvirA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774e28751a680afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
apps-pnd.ctengine.io/tmp
109.109.136.177200 OK 0 B IP 109.109.136.177:0
ASN #205072 Layershift Limited
POST /tmp HTTP/1.1
Host: apps-pnd.ctengine.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 65
Origin: http://btcnations.eu
Connection: keep-alive
Referer: http://btcnations.eu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: http://btcnations.eu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
set-cookie: route=b7079bd3f8a3cf30bf6a7d667b7a65df; Path=/
SRVGROUP=common; path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
cdn.ctengine.io/blank/3/2/9/media/0c1cd69ff631ed15ed99f189cd1d70d4.svg
185.76.9.21200 OK 0 B URL HTTP/2 cdn.ctengine.io/blank/3/2/9/media/0c1cd69ff631ed15ed99f189cd1d70d4.svg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /blank/3/2/9/media/0c1cd69ff631ed15ed99f189cd1d70d4.svg HTTP/1.1
Host: cdn.ctengine.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.ctengine.io/blank/3/2/9/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: image/svg+xml
last-modified: Fri, 17 Jun 2022 11:09:24 GMT
etag: W/"62ac60e4-1219"
access-control-allow-origin: *
x-accel-expires: @1671017776
server: CDN77-Turbo
x-77-nzt: AblMCRRqctH/GzkEAA
x-77-nzt-ray: af585630a5887f8a4b1c8e63daa0d31d
x-cache: HIT
x-age: 276763
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.ctengine.io/blank/3/2/9/media/d1e048700429cf505cddd442a1fe6dca.svg
185.76.9.21200 OK 0 B URL HTTP/2 cdn.ctengine.io/blank/3/2/9/media/d1e048700429cf505cddd442a1fe6dca.svg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /blank/3/2/9/media/d1e048700429cf505cddd442a1fe6dca.svg HTTP/1.1
Host: cdn.ctengine.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.ctengine.io/blank/3/2/9/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: image/svg+xml
last-modified: Fri, 17 Jun 2022 11:09:26 GMT
etag: W/"62ac60e6-e78"
access-control-allow-origin: *
x-accel-expires: @1671017776
server: CDN77-Turbo
x-77-nzt: AblMCRSOp7//GzkEAA
x-77-nzt-ray: af585630a5887f8a4b1c8e63d59be51d
x-cache: HIT
x-age: 276763
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
216.58.211.14200 OK 0 B URL HTTP/2 translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP 216.58.211.14:0
GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://btcnations.eu/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 16:28:57 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+019; expires=Wed, 04-Dec-2024 16:28:57 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.ctengine.io/blank/3/2/9/index.html
185.76.9.21200 OK 0 B URL HTTP/2 cdn.ctengine.io/blank/3/2/9/index.html
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /blank/3/2/9/index.html HTTP/1.1
Host: cdn.ctengine.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://btcnations.eu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: text/html
last-modified: Fri, 17 Jun 2022 11:09:04 GMT
etag: W/"62ac60d0-3949"
access-control-allow-origin: *
x-accel-expires: @1671017824
server: CDN77-Turbo
x-77-nzt: AblMCRQ+Upz/6zgEAA
x-77-nzt-ray: af585630a5887f8a4b1c8e6346ac0617
x-cache: HIT
x-age: 276715
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cdn.ctengine.io/blank/3/2/9/4e5b5a9902976095b36b368791812d86.js
185.76.9.21200 OK 0 B URL HTTP/2 cdn.ctengine.io/blank/3/2/9/4e5b5a9902976095b36b368791812d86.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /blank/3/2/9/4e5b5a9902976095b36b368791812d86.js HTTP/1.1
Host: cdn.ctengine.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn.ctengine.io/blank/3/2/9/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 05 Dec 2022 16:28:59 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Fri, 17 Jun 2022 11:09:04 GMT
etag: W/"62ac60d0-12f08"
access-control-allow-origin: *
x-accel-expires: @1671017825
server: CDN77-Turbo
x-77-nzt: AblMCRT9wcL/6jgEAA
x-77-nzt-ray: af585630a5887f8a4b1c8e6353f67b18
x-cache: HIT
x-age: 276714
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ad.a-ads.com/2081223?size=728x90
148.251.155.232200 OK 0 B URL HTTP/2 ad.a-ads.com/2081223?size=728x90
IP 148.251.155.232:0
ASN #24940 Hetzner Online GmbH
GET /2081223?size=728x90 HTTP/1.1
Host: ad.a-ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://zerads.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 16:28:58 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding, Accept-Encoding
status: 200 OK
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-powered-by: Phusion Passenger(R)
x-original-referer: https://zerads.com/
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
X-Firefox-Spdy: h2