Report - rule34.xyz/

Report Overview

Submitted URL
rule34.xyz/
IP
31.222.238.177
ASN
#43624 Pq Hosting S.r.l.
Submitted
2022-09-20 19:35:17
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	364 B	39 kB	142.250.74.72
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	153 kB	142.250.74.163
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	579 B	705 B	142.251.1.156
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	347 B	1.4 kB	104.18.21.226
mc.yandex.ru	2672	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	76 kB	87.250.251.119
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	614 B	557 B	216.239.34.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.36
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	496 B	694 B	142.250.74.164
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	694 B	142.250.74.3
rule34.xyz	84497	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	26 kB	3.1 MB	31.222.238.177
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	8.4 kB	142.250.74.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.89.17.198
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	70 kB	34.120.237.76
bg4nxu2u5t.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	47 kB	62.122.171.6
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-20	medium	bg4nxu2u5t.com	Sinkholed
2022-09-20	medium	bg4nxu2u5t.com	Sinkholed
2022-09-20	medium	bg4nxu2u5t.com	Sinkholed
2022-09-20	medium	bg4nxu2u5t.com	Sinkholed
2022-09-20	medium	bg4nxu2u5t.com	Sinkholed
2022-09-20	medium	bg4nxu2u5t.com	Sinkholed

JavaScript (14)

	URL	Size	First Seen	Last Seen
	bg4nxu2u5t.com/aas/r45d/vki/1780566/1a4e43bc.js	68 kB	2023-03-07	2023-03-07
Pretty URL bg4nxu2u5t.com/aas/r45d/vki/1780566/1a4e43bc.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-07 21:58:40 Times Seen1 Hash c4d2c75170d88de60cb2523fdc1af271 4b3dc6624730943a4f8dabff0e364222ba3ff657 2731e7782d148e9d1ba8f228fac6e9d8dd375823088f4fbdd39a9fe5bb43a4b2 Loading...

	bg4nxu2u5t.com/get/1937894?zoneid=1937894&jp=_cld6e353pe5u1wxc9sp18r&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7145906825217671	37 B	2023-03-07	2024-04-25
Pretty URL bg4nxu2u5t.com/get/1937894?zoneid=1937894&jp=_cld6e353pe5u1wxc9sp18r&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7145906825217671 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:23 Last Seen2024-04-25 16:09:47 Times Seen2325 Hash 26c0446473cdbedd7eb18169ae75e0fd c2a8a31848b22f49c044d0e8f2b4a48e856e08b8 c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.googletagmanager.com/gtag/js?id=G-R4GRY2G49W&l=dataLayer&cx=c	212 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-R4GRY2G49W&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-07 21:58:40 Times Seen1 Hash ae2b9227a6ac4f5c0b74ac338d3d1ca9 a1f3bd4735a053770734edb64b7afe79421ff071 b3fdbd9e9e8cbba3b40b645bc269ea8d4e2f54aa85fc4456e718e987ac6aace7 Loading...

	rule34.xyz/	349 B	2023-03-07	2023-12-12
Pretty URL rule34.xyz/ IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:35 Times Seen7 Hash 4edc304205f9436d72b2ff9a0743a81b 6b44498f2a358d08c7d3a669354f6746b0cc545d f734f5da3b22c00dd3fcca0758ce05beebb465617d3934b805a970d9239c001d Loading...

	rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js	37 kB	2023-03-07	2023-12-12
Pretty URL rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen50 Hash 3126d8f9e8eeb3f382e3ff4b4f2f3371 b2b42c137c7f033fd6640629368b3a5d31f3b6f4 8c5b43165c2c034f9496624b4ed3342570c367b9a7ef9db96ae66a6f786ab277 Loading...

	rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js	2.5 kB	2023-03-07	2023-12-12
Pretty URL rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen41 Hash fa306a5cf5db76555fa629c28df96834 cfc58ebc5375edece30a9a37922369dd6bf4b80a 27fe677a858739be13c63a7b3fcbfa1d77728e8ad9900fa39677a57203a463b9 Loading...

	bg4nxu2u5t.com/aas/r45d/vki/1937894/b69dad17.js	68 kB	2023-03-07	2023-03-07
Pretty URL bg4nxu2u5t.com/aas/r45d/vki/1937894/b69dad17.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-07 21:58:40 Times Seen1 Hash 3148ad79e3e278c0ced9bc97a079e28f f9fa8eac7215633ae4da09a23df2e09c34e45393 2a13773025e006f522a857ea6a6045dc331a521fe1c1a2fd58189816b4966bec Loading...

	bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clxpepora9gks0vp05w9fj&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990331755371059	2.6 kB	2023-03-07	2023-03-07
Pretty URL bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clxpepora9gks0vp05w9fj&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990331755371059 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-07 21:58:40 Times Seen1 Hash 38d56b5cf02a1b317aedfad74029f9a3 d8317c7db945f29124a92a7d6d9cc874589b02c3 9242f7086f8ee0cc42cf790ae2313c21df24605143a9d86997ac638cca5f694f Loading...

	rule34.xyz/	532 B	2023-03-07	2023-12-12
Pretty URL rule34.xyz/ IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen7 Hash c0736df5bc2d804a8452871c3cd295d2 1d06a43c6714336cb341d991d6f9779a53d24f61 7b396328ab1bc186ad2b0dce0f0b70a6eb8b067f2e65920537a0509eaff8c6a2 Loading...

	rule34.xyz/	433 B	2023-03-07	2023-03-07
Pretty URL rule34.xyz/ IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-07 21:58:40 Times Seen1 Hash 3e620dc3f2f135f93aad6504b25c6776 ca81656974e22e25fbd8d2f30136cea21a689f86 d5861bea22a2c5837ad85a134de8859cb8b90132bf5e7d359b2fa1418d322613 Loading...

	rule34.xyz/main-es2015.ded06dec06650aa2dd25.js	1.3 MB	2023-03-07	2023-03-10
Pretty URL rule34.xyz/main-es2015.ded06dec06650aa2dd25.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-10 10:55:30 Times Seen1 Hash afea5f0c2a54343da740e7aebe9c3ffb 55b72fbde8c2a8835949577a15102b6bdb4205b2 d8a154b1637b240b015bdb31c114088f0bd63adea287464126c5e2bb645583f6 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4	98 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-03-07 21:58:40 Times Seen1 Hash 61188ee5e3a2de29dbb018aa25db8113 a0171637ff156e391c4f41a4f911973be14db79a 5bdd7a2731b9de7bba98bd4dd86268947bc04e20219be975445d25fffb133e90 Loading...

	mc.yandex.ru/metrika/tag.js	210 kB	2023-03-07	2023-03-07
Pretty URL mc.yandex.ru/metrika/tag.js IP 87.250.251.119 ASN #13238 YANDEX LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:42:24 Last Seen2023-03-07 23:46:18 Times Seen1 Hash d526c3bd92756a3a29383db2a6cb936a 16f7d0524bfe0dfd42a009fdfc5b0e98187fe5af ecde853cc80c2524bcdf269dcb2e01990db429d54cda8bd6ceb9c34dc36561c1 Loading...

HTTP Transactions (104)

URL IP Response Size

rule34.xyz/

31.222.238.177

307 Temporary Redirect

0 B

URL HTTP/1.1
rule34.xyz/
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 307 Temporary Redirect
Date: Tue, 20 Sep 2022 19:35:04 GMT
Server: Kestrel
Content-Length: 0
Location: https://rule34.xyz/

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 20 Sep 2022 19:03:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wuNQ3XNOTaLjkwlif4zhT1YoLewJBMRKSS6opnzNpSQVURaLiaLZ7A==
Age: 1918

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3889
Expires: Tue, 20 Sep 2022 20:39:54 GMT
Date: Tue, 20 Sep 2022 19:35:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5rHkxno20D1xzJv2p1BXq_ALFAsn0ijXmoxFYNSHSE8tPVKKkpEkVw==
age: 53992
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8ab380149c64b0230d8dd2ed7c5ce03d
79d87c84f12b343964df5a47ca2453e3cdd419a5
51253ebac66551c8dc62c9c00a941e23bf92105f22d0eee13ec187d067ecf56d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "51253EBAC66551C8DC62C9C00A941E23BF92105F22D0EEE13EC187D067ECF56D"
Last-Modified: Tue, 20 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13516
Expires: Tue, 20 Sep 2022 23:20:21 GMT
Date: Tue, 20 Sep 2022 19:35:05 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

rule34.xyz/assets/images/discord_32.png

31.222.238.177

200 OK

833 B

URL HTTP/2
rule34.xyz/assets/images/discord_32.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
833 B (833 bytes)
Hash
a9670c588d6d7b07ccfb3d125173de21
fad6bb4af7258dacca5412cf3ced4ac1f984ee69
214077b40659aa214c997cf921ead8a4952fa16ba3f64d7953c369ae03e648f8

HTTP Headers

GET /assets/images/discord_32.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: image/png
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9f7441"
server: Kestrel
content-length: 833
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/assets/images/twitter.png

31.222.238.177

200 OK

1.3 kB

URL HTTP/2
rule34.xyz/assets/images/twitter.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1317 bytes)
Hash
501d6dfa0f9f66cc740e95fc952dbb68
4b0f77b1f2f45866f554a9349a10d19ce5191057
ab5f3e319577d3bcc1c2db4fadddb215b7b16976cd780881ca785221b34c3434

HTTP Headers

GET /assets/images/twitter.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: image/png
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9f7225"
server: Kestrel
content-length: 1317
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/assets/images/flags/en.png

31.222.238.177

200 OK

4.8 kB

URL HTTP/2
rule34.xyz/assets/images/flags/en.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 256 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size
4.8 kB (4849 bytes)
Hash
dda9cec7d5c5f13201b0f59e83ad74a2
99797780c3381911facf4a7f725795d44b4ced88
7a7a13c54037d440227c51cdd42501d095a43cf6cc1c6f34150224d68b57317b

HTTP Headers

GET /assets/images/flags/en.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: image/png
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9f65f1"
server: Kestrel
content-length: 4849
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/assets/images/r34xyz.png

31.222.238.177

200 OK

3.0 kB

URL HTTP/2
rule34.xyz/assets/images/r34xyz.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size
3.0 kB (2950 bytes)
Hash
e16ed231acdbbfe680da8526bb1d6724
65cc448611ae56224ffbe651d798f19e7f225f39
16e5dda70ec1757be18cb2d0f63b15333fbebed549e31535597dc6bc36a6a769

HTTP Headers

GET /assets/images/r34xyz.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: image/png
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9f7c86"
server: Kestrel
content-length: 2950
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js

31.222.238.177

200 OK

2.5 kB

URL HTTP/2
rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (2473), with no line terminators
Size
2.5 kB (2473 bytes)
Hash
fa306a5cf5db76555fa629c28df96834
cfc58ebc5375edece30a9a37922369dd6bf4b80a
27fe677a858739be13c63a7b3fcbfa1d77728e8ad9900fa39677a57203a463b9

HTTP Headers

GET /runtime-es2015.8c1dfa218bbfed4f8c2a.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9f7ea9"
server: Kestrel
content-length: 2473
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js

31.222.238.177

200 OK

37 kB

URL HTTP/2
rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (36973), with no line terminators
Size
37 kB (36973 bytes)
Hash
3126d8f9e8eeb3f382e3ff4b4f2f3371
b2b42c137c7f033fd6640629368b3a5d31f3b6f4
8c5b43165c2c034f9496624b4ed3342570c367b9a7ef9db96ae66a6f786ab277

HTTP Headers

GET /polyfills-es2015.10f5ef413ad7eb91b554.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9fe76d"
server: Kestrel
content-length: 36973
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/styles.0551c7465b0cc99fa3c6.css

31.222.238.177

200 OK

345 kB

URL HTTP/2
rule34.xyz/styles.0551c7465b0cc99fa3c6.css
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (55435)
Size
345 kB (344877 bytes)
Hash
6364a642aaef90d2b01a784342ad6bea
bcf22dc32e9a2920b3e926297d6d69165b798499
bede92f15609cfc8a070c3217494987365f99eb877e6d45689b0fcea55a5a681

HTTP Headers

GET /styles.0551c7465b0cc99fa3c6.css HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: text/css
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9a342d"
server: Kestrel
content-length: 344877
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/main-es2015.ded06dec06650aa2dd25.js

31.222.238.177

200 OK

1.3 MB

URL HTTP/2
rule34.xyz/main-es2015.ded06dec06650aa2dd25.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.3 MB (1282432 bytes)
Hash
afea5f0c2a54343da740e7aebe9c3ffb
55b72fbde8c2a8835949577a15102b6bdb4205b2
d8a154b1637b240b015bdb31c114088f0bd63adea287464126c5e2bb645583f6

HTTP Headers

GET /main-es2015.ded06dec06650aa2dd25.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:04 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd157100"
server: Kestrel
content-length: 1282432
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

bg4nxu2u5t.com/solid.gif?z=1780566&abvar=28

62.122.171.6

200 OK

43 B

URL HTTP/2
bg4nxu2u5t.com/solid.gif?z=1780566&abvar=28
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1780566&abvar=28 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4

142.250.74.72

200 OK

38 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1720)
Size
38 kB (38309 bytes)
Hash
65b63a21053115d420aea50c525654ed
0b7bff441fa97265d7e82ba2ff2558331659412c
22dddcc562e3232d018895fc32ad1b582e36c8ca8d8e7aa466e940a04840158c

HTTP Headers

GET /gtm.js?id=GTM-TFMCMS4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Sep 2022 19:35:06 GMT
expires: Tue, 20 Sep 2022 19:35:06 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Sep 2022 19:02:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 38309
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

bg4nxu2u5t.com/solid.gif?z=1937894&abvar=0

62.122.171.6

200 OK

43 B

URL HTTP/2
bg4nxu2u5t.com/solid.gif?z=1937894&abvar=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1937894&abvar=0 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:35:06 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
26fcf8aea27805b4a6a29e3e2a4ba19b
f920fd6c5a79a4adb2f456edcee678757ff1602c
7aa63d03f514e4f51190e85f167f747563f980e0e6fdee6cce9393321dff1038

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.36

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 20 Sep 2022 19:03:22 GMT
Expires: Tue, 20 Sep 2022 19:31:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: s_kEIyzTeH2iXOVkZJRvcfxChlg8c592bE9PnqRGFPKPWRX7y1kt3g==
Age: 1904

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/posts/3500/3500764/3500764.pic256avif.avif

31.222.238.177

200 OK

11 kB

URL HTTP/2
rule34.xyz/posts/3500/3500764/3500764.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
11 kB (10999 bytes)
Hash
093845d324180a85a2d935c0ea333e76
594796ae0cb76f41f5d93daef61278bede1a7b6a
d7488c3c9868dc2e25e6ed42ed956e1b9c36541ea17730db1d78b2ff795bd137

HTTP Headers

GET /posts/3500/3500764/3500764.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:28:52 GMT
accept-ranges: bytes
etag: "1d8cd27372498f7"
server: Kestrel
content-length: 10999
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500763/3500763.pic256avif.avif

31.222.238.177

200 OK

20 kB

URL HTTP/2
rule34.xyz/posts/3500/3500763/3500763.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
20 kB (19818 bytes)
Hash
34c0a8fe2748361966e5568bb3dd6d24
d02bd5fa2c0ec9c9eebacb830b3d06002d158982
1713d0606150b17c597f3073a927291335766f219d3b688ada9ab50be5103190

HTTP Headers

GET /posts/3500/3500763/3500763.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:28:44 GMT
accept-ranges: bytes
etag: "1d8cd27325fb36a"
server: Kestrel
content-length: 19818
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500761/3500761.pic256avif.avif

31.222.238.177

200 OK

4.7 kB

URL HTTP/2
rule34.xyz/posts/3500/3500761/3500761.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
4.7 kB (4677 bytes)
Hash
7cd4a9e4327b1545fa7344eefac9e5e8
353d8ce02db43a77c81eaad584a24b6d49b55c8b
8d7df07f9d6d12a83f85a885539b60fc408517c76270e3457466f509ec058b7d

HTTP Headers

GET /posts/3500/3500761/3500761.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:23:56 GMT
accept-ranges: bytes
etag: "1d8cd2686b6bc45"
server: Kestrel
content-length: 4677
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500762/3500762.pic256avif.avif

31.222.238.177

200 OK

9.2 kB

URL HTTP/2
rule34.xyz/posts/3500/3500762/3500762.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
9.2 kB (9242 bytes)
Hash
dfbddcd196385d0a48849a24abefc312
1fb0a27f919325615dfd5748547fd2f3d3da5145
2236e44be54537ad414ce0a543c3efa2bc179fd6a7fe414ba74d3aa995085809

HTTP Headers

GET /posts/3500/3500762/3500762.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:23:55 GMT
accept-ranges: bytes
etag: "1d8cd26861e339a"
server: Kestrel
content-length: 9242
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500760/3500760.pic256avif.avif

31.222.238.177

200 OK

7.4 kB

URL HTTP/2
rule34.xyz/posts/3500/3500760/3500760.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
7.4 kB (7425 bytes)
Hash
995802d5e6c9b7a95f296b40ee2dbce5
47ccbcd116182afcc29f9437a89d4a6a41330149
1993de9b45a2f9d6d67b05a3da1977b669dd8793c959a40a8a668642636ed879

HTTP Headers

GET /posts/3500/3500760/3500760.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:23:54 GMT
accept-ranges: bytes
etag: "1d8cd2685859c01"
server: Kestrel
content-length: 7425
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500759/3500759.pic256avif.avif

31.222.238.177

200 OK

614 B

URL HTTP/2
rule34.xyz/posts/3500/3500759/3500759.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
614 B (614 bytes)
Hash
cfb889913a9170a9e69c8c769482a101
c1fc61718913254db20d8e38b234379785f32dbc
b5f833c8546152af6e747bcb71c3c4065ed0ea91d7451e0103ffd4700d90c196

HTTP Headers

GET /posts/3500/3500759/3500759.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:23:43 GMT
accept-ranges: bytes
etag: "1d8cd267ef70be6"
server: Kestrel
content-length: 614
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500758/3500758.pic256avif.avif

31.222.238.177

200 OK

3.9 kB

URL HTTP/2
rule34.xyz/posts/3500/3500758/3500758.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
3.9 kB (3898 bytes)
Hash
7f1b0d587cff484fb6a2ea0ac1e00c3c
3d1bc11313c6ba7289496cf281b2ab150ffe1bcf
027834749420b4c636d5395d70e847639fe1e5923f73e9fe343462a135c92172

HTTP Headers

GET /posts/3500/3500758/3500758.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:21:24 GMT
accept-ranges: bytes
etag: "1d8cd262c1d5d3a"
server: Kestrel
content-length: 3898
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

142.250.74.163

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11028, version 1.0\012- data
Size
11 kB (11028 bytes)
Hash
1f6d3cf6d38f25d83d95f5a800b8cac3
279f300ca2cbbdf9f5036ef2f438607fbf377daa
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 17:24:34 GMT
expires: Fri, 15 Sep 2023 17:24:34 GMT
cache-control: public, max-age=31536000
age: 439832
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500757/3500757.pic256avif.avif

31.222.238.177

200 OK

10 kB

URL HTTP/2
rule34.xyz/posts/3500/3500757/3500757.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
10 kB (10072 bytes)
Hash
3b5074ab54a20c75a6785cff63e6c4ab
9230532d14ba8cc8b4f5968a6fe3ff5778b395ce
0a39b6c2f980dd10a71b317d7d22420a30e1d2517dd7b87b5995a15b12eada27

HTTP Headers

GET /posts/3500/3500757/3500757.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:13:29 GMT
accept-ranges: bytes
etag: "1d8cd2510fe35d8"
server: Kestrel
content-length: 10072
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/posts/3500/3500756/3500756.pic256avif.avif

31.222.238.177

200 OK

9.9 kB

URL HTTP/2
rule34.xyz/posts/3500/3500756/3500756.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
9.9 kB (9900 bytes)
Hash
ca2362b76919253b72953ea697dd0ebe
f844ea063c8b5f30edad888adb42afb90be5c5a6
3a748dfd76129958dcb8ad52e8a65bded599e82d0151a316d22494497dd10a9c

HTTP Headers

GET /posts/3500/3500756/3500756.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:08:35 GMT
accept-ranges: bytes
etag: "1d8cd2461c11d2c"
server: Kestrel
content-length: 9900
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4477
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:06 GMT
Last-Modified: Tue, 20 Sep 2022 18:20:29 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

rule34.xyz/posts/3500/3500755/3500755.pic256avif.avif

31.222.238.177

200 OK

6.2 kB

URL HTTP/2
rule34.xyz/posts/3500/3500755/3500755.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
6.2 kB (6185 bytes)
Hash
e20198d613969f4354d44f2b243a89cb
868be595a673d1fb154ccef976b65f8d05eb49e3
1613196e747ca48a47a942c59bda37c4235bbd07d62956a10989b663b5db86f5

HTTP Headers

GET /posts/3500/3500755/3500755.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:08:25 GMT
accept-ranges: bytes
etag: "1d8cd245bcb42a9"
server: Kestrel
content-length: 6185
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/posts/3500/3500754/3500754.pic256avif.avif

31.222.238.177

200 OK

8.4 kB

URL HTTP/2
rule34.xyz/posts/3500/3500754/3500754.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
8.4 kB (8361 bytes)
Hash
e96efe19ba47a63efb73230ba1ce15c8
904e3b2e69776296a00ba53e198b443751526088
73c75bce2ddbddb49fafa9c35ca4ddbf9130d4e3cb9555d6ab9bd8ea275787ac

HTTP Headers

GET /posts/3500/3500754/3500754.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 19:03:26 GMT
accept-ranges: bytes
etag: "1d8cd23a993b3a9"
server: Kestrel
content-length: 8361
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500753/3500753.pic256avif.avif

31.222.238.177

200 OK

3.7 kB

URL HTTP/2
rule34.xyz/posts/3500/3500753/3500753.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
3.7 kB (3749 bytes)
Hash
662e30c02a05f807b597ecfe657dec48
efd2ff6999ecdcb2bb82dd46d23f6685eec7c63f
e4f5caf57ff294b66c29248ccfa24628f8daa324087aa22044d17d3e0b512993

HTTP Headers

GET /posts/3500/3500753/3500753.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:58:42 GMT
accept-ranges: bytes
etag: "1d8cd23004c93a5"
server: Kestrel
content-length: 3749
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500748/3500748.pic256avif.avif

31.222.238.177

200 OK

337 B

URL HTTP/2
rule34.xyz/posts/3500/3500748/3500748.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
337 B (337 bytes)
Hash
c6e1feb999b902c0230338775316053d
63967ccadb76cfef49640fd7855b44eaea470cb7
628b1b9b3c01a9976c7250314f37e07cc77feac725308207e84631a0f9e40fcb

HTTP Headers

GET /posts/3500/3500748/3500748.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:50:42 GMT
accept-ranges: bytes
etag: "1d8cd21e2326c51"
server: Kestrel
content-length: 337
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500751/3500751.pic256avif.avif

31.222.238.177

200 OK

4.1 kB

URL HTTP/2
rule34.xyz/posts/3500/3500751/3500751.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
4.1 kB (4124 bytes)
Hash
169a11e87033ed9f32c379b50aab3bf1
a306b0834d16f458dc89f0008fdcfaddf7dd7fe7
d1a699e9b733844788336a95ef1046b1a98dc8dfda8a442bf0bcc9c4ec70301c

HTTP Headers

GET /posts/3500/3500751/3500751.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:55:50 GMT
accept-ranges: bytes
etag: "1d8cd2299c76f1c"
server: Kestrel
content-length: 4124
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

bg4nxu2u5t.com/aas/r45d/vki/1780566/1a4e43bc.js

62.122.171.6

200 OK

42 kB

URL HTTP/2
bg4nxu2u5t.com/aas/r45d/vki/1780566/1a4e43bc.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
data
Size
42 kB (41876 bytes)
Hash
9592cecdc41517194536b70d45c61ea0
7c25eb5bcebe2d9ec39715c950a6a9e07222a7c6
87faac4e4aace34e6ffd8428b253c8f9bc6b2fb452f86f10a58e9f97f7d08c7c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aas/r45d/vki/1780566/1a4e43bc.js HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 10:23:52 GMT
vary: Accept-Encoding
etag: W/"63284338-107c5"
x-js-ab1: var28
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

142.250.74.163

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128360, version 1.0\012- data
Size
128 kB (128360 bytes)
Hash
393b5d8b3fd798486652801f3ee8c6ea
979383e09be691921a211f5fc4ef97fc4406e4dd
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 20:30:37 GMT
expires: Fri, 15 Sep 2023 20:30:37 GMT
cache-control: public, max-age=31536000
age: 428669
last-modified: Thu, 25 Aug 2022 00:09:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500747/3500747.pic256avif.avif

31.222.238.177

200 OK

3.0 kB

URL HTTP/2
rule34.xyz/posts/3500/3500747/3500747.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
3.0 kB (2950 bytes)
Hash
446a4685185159ca537cbbf60b8a853e
7d14ca21e909b3d885a3aaae29eb0113c0693ea4
924259eed8486f209b26e4b7cf03d3525e332628dce5bcfdab829c2791000e90

HTTP Headers

GET /posts/3500/3500747/3500747.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:38:39 GMT
accept-ranges: bytes
etag: "1d8cd2033416a06"
server: Kestrel
content-length: 2950
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

142.250.74.163

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11072, version 1.0\012- data
Size
11 kB (11072 bytes)
Hash
e7df3d0942815909add8f9d0c40d00d9
cf5032eea3399a58870e8a05e629b006a8c7c3c7
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:03 GMT
expires: Thu, 14 Sep 2023 19:34:03 GMT
cache-control: public, max-age=31536000
age: 518463
last-modified: Wed, 11 May 2022 19:24:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500749/3500749.pic256avif.avif

31.222.238.177

200 OK

4.8 kB

URL HTTP/2
rule34.xyz/posts/3500/3500749/3500749.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
4.8 kB (4809 bytes)
Hash
30b2000a0595eff19d8e6ffc93a6956b
ea01817025e89b184c576038929893685b634f3a
50b9f274745e6f6f7b214687e1ee85451274d02b16daf96b6f7df6f49e9d0b2e

HTTP Headers

GET /posts/3500/3500749/3500749.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:51:09 GMT
accept-ranges: bytes
etag: "1d8cd21f24a5e49"
server: Kestrel
content-length: 4809
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500746/3500746.pic256avif.avif

31.222.238.177

200 OK

5.4 kB

URL HTTP/2
rule34.xyz/posts/3500/3500746/3500746.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
5.4 kB (5367 bytes)
Hash
92d47c2f76c7e207709c4d02f6b772f0
eb1dbd24089427f2c034d336f57c8fefaf99265f
83e3633395667f333c3519b0d5fc80c5c1415b72fc2bf5a8fc70e8ceb0192394

HTTP Headers

GET /posts/3500/3500746/3500746.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:38:29 GMT
accept-ranges: bytes
etag: "1d8cd202d4b9477"
server: Kestrel
content-length: 5367
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500752/3500752.pic256avif.avif

31.222.238.177

200 OK

12 kB

URL HTTP/2
rule34.xyz/posts/3500/3500752/3500752.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
12 kB (12231 bytes)
Hash
7234e848e3f8c4ca855419edef8dc78b
34170f1836c6b81095933f6345455f946bfb9379
74a86b75d3eff1d10105f323ac68d75126b62fab7752402f700f24a9fac74bf9

HTTP Headers

GET /posts/3500/3500752/3500752.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:56:01 GMT
accept-ranges: bytes
etag: "1d8cd22a055d947"
server: Kestrel
content-length: 12231
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500741/3500741.pic256avif.avif

31.222.238.177

200 OK

6.7 kB

URL HTTP/2
rule34.xyz/posts/3500/3500741/3500741.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
6.7 kB (6686 bytes)
Hash
15f770035b5eb6228da8506effd34bfd
c5a0b814c8b4fac14f32bdb993888a3c2c444f45
9ba5f9b66c47c7d39e807a14a4d8576226289be4df8c8cdafbd4f0a884a55bd6

HTTP Headers

GET /posts/3500/3500741/3500741.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:13:36 GMT
accept-ranges: bytes
etag: "1d8cd1cb365d21e"
server: Kestrel
content-length: 6686
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500745/3500745.pic256avif.avif

31.222.238.177

200 OK

6.9 kB

URL HTTP/2
rule34.xyz/posts/3500/3500745/3500745.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
6.9 kB (6911 bytes)
Hash
5c5da6656a273db47d2d337d555b56fe
13ada41a620dc0111f73725b7e82fb1df3b78af2
a34f771bf8dab88ab8bca6cc1786444a680fb6eb693032b34533b9a11cef99c3

HTTP Headers

GET /posts/3500/3500745/3500745.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:23:45 GMT
accept-ranges: bytes
etag: "1d8cd1e1e63d47f"
server: Kestrel
content-length: 6911
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500743/3500743.pic256avif.avif

31.222.238.177

200 OK

10 kB

URL HTTP/2
rule34.xyz/posts/3500/3500743/3500743.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
10 kB (10388 bytes)
Hash
4da6ea6d562166ccedb2e328e58af1bc
0471786f7b1568f26b0823fb831181d186e04e9a
6c5f80cef5c2bd08fc26bfc62b73880943c907c8caabade5bad187dc21823cad

HTTP Headers

GET /posts/3500/3500743/3500743.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:23:36 GMT
accept-ranges: bytes
etag: "1d8cd1e1906ac94"
server: Kestrel
content-length: 10388
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500750/3500750.pic256avif.avif

31.222.238.177

200 OK

8.6 kB

URL HTTP/2
rule34.xyz/posts/3500/3500750/3500750.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
8.6 kB (8563 bytes)
Hash
4e0ed29dab87aa58d7e8f66d7350a144
9cb9c8364c986756fd76973eecdc7f0bd6b456bf
2bba9b54fd02574e5b9a8370daa9967425cd10974fdf9a14546c325a137f0a0b

HTTP Headers

GET /posts/3500/3500750/3500750.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:50:51 GMT
accept-ranges: bytes
etag: "1d8cd21e78f96f3"
server: Kestrel
content-length: 8563
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500739/3500739.pic256avif.avif

31.222.238.177

200 OK

5.2 kB

URL HTTP/2
rule34.xyz/posts/3500/3500739/3500739.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
5.2 kB (5210 bytes)
Hash
4de75c7bc2909f0e540df189afb46552
6164386bac9fbc39efcac006a19aff44402cb567
d0ae898e4c2cc63219e35bda3c137108ac6cfea90c417fa1daf63dc74c60498c

HTTP Headers

GET /posts/3500/3500739/3500739.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:08:32 GMT
accept-ranges: bytes
etag: "1d8cd1bfe33045a"
server: Kestrel
content-length: 5210
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500740/3500740.pic256avif.avif

31.222.238.177

200 OK

7.7 kB

URL HTTP/2
rule34.xyz/posts/3500/3500740/3500740.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
7.7 kB (7655 bytes)
Hash
591e960c777bc7c4fb58ff157535d2ed
ac3cc2da272787a31d54ccdaaee0db0f7a84d20a
15ec14234fb1c855e528c3932aacb9fca3b66a14fdfc31f04e986f43e9e6bed4

HTTP Headers

GET /posts/3500/3500740/3500740.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:13:28 GMT
accept-ranges: bytes
etag: "1d8cd1caea109e7"
server: Kestrel
content-length: 7655
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500738/3500738.pic256avif.avif

31.222.238.177

200 OK

13 kB

URL HTTP/2
rule34.xyz/posts/3500/3500738/3500738.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
13 kB (13395 bytes)
Hash
134c3bd9d8c01feb70809ad08bd8f718
9f1cca34b5bb304813d656864a6e13b9800dd839
784155eef99ff5aef0d1a349f7159772261f912108a3bc053e0050429fc3632c

HTTP Headers

GET /posts/3500/3500738/3500738.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:08:23 GMT
accept-ranges: bytes
etag: "1d8cd1bf8d5f1d3"
server: Kestrel
content-length: 13395
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500734/3500734.pic256avif.avif

31.222.238.177

200 OK

8.0 kB

URL HTTP/2
rule34.xyz/posts/3500/3500734/3500734.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
8.0 kB (8020 bytes)
Hash
cc41c504eb110fc11c76ab4ecc544c7c
16424935d86881ad655ab7088422ab36c36b615e
4f132289de92a202794c84083c93271c3ca8944458d75f46139141076e03b16d

HTTP Headers

GET /posts/3500/3500734/3500734.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 17:54:00 GMT
accept-ranges: bytes
etag: "1d8cd19f6727354"
server: Kestrel
content-length: 8020
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500732/3500732.pic256avif.avif

31.222.238.177

200 OK

8.0 kB

URL HTTP/2
rule34.xyz/posts/3500/3500732/3500732.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
8.0 kB (7979 bytes)
Hash
0b15f7a4c97851686839062bf01714f3
15e52fd456d85f979099dad410dd4d47d2761326
6bea96d97a73471731cdcd0662a8b99eb936d112ed1bda398444787504457212

HTTP Headers

GET /posts/3500/3500732/3500732.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 17:53:58 GMT
accept-ranges: bytes
etag: "1d8cd19f541202b"
server: Kestrel
content-length: 7979
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500737/3500737.pic256avif.avif

31.222.238.177

200 OK

14 kB

URL HTTP/2
rule34.xyz/posts/3500/3500737/3500737.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
14 kB (13897 bytes)
Hash
7dd773e85621d3c0fad9fcf0048052d2
f5b739eb42f39be737f11d3ac17c184c0e24e658
2e9744dc0f8b7a863316dcd7b63ec1e578a755e58f9cd4299eec1b06e5d62e61

HTTP Headers

GET /posts/3500/3500737/3500737.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:04:11 GMT
accept-ranges: bytes
etag: "1d8cd1b62a1a9c9"
server: Kestrel
content-length: 13897
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500735/3500735.pic256avif.avif

31.222.238.177

200 OK

3.8 kB

URL HTTP/2
rule34.xyz/posts/3500/3500735/3500735.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
3.8 kB (3791 bytes)
Hash
78d6787e8c434b00c66e32abaea21d66
11803bee1e0de6126acac2ea2acfc0b9391e51d1
2dced383efc99be6c9d8bd3022bbdcfe157946e82a5b84ba12f5d92ec300b076

HTTP Headers

GET /posts/3500/3500735/3500735.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:00:17 GMT
accept-ranges: bytes
etag: "1d8cd1ad728004f"
server: Kestrel
content-length: 3791
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500736/3500736.pic256avif.avif

31.222.238.177

200 OK

6.2 kB

URL HTTP/2
rule34.xyz/posts/3500/3500736/3500736.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
6.2 kB (6246 bytes)
Hash
039dcb4b7b1052d4a4f06a9f86c31209
890974374fc7b392c7029bc2f704952880b104ec
06850f08af389a9b953b9acc3bd655f3abe5386c09f0006f14e61a69d7d5937f

HTTP Headers

GET /posts/3500/3500736/3500736.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 18:00:25 GMT
accept-ranges: bytes
etag: "1d8cd1adbecdae6"
server: Kestrel
content-length: 6246
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500733/3500733.pic256avif.avif

31.222.238.177

200 OK

15 kB

URL HTTP/2
rule34.xyz/posts/3500/3500733/3500733.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
15 kB (15286 bytes)
Hash
3690895f7925cc26d4330b3d6ff09a70
0b315692c3e8f3d90aa0db605a63505db38509fb
6e03036722a37a761cebef5998fd67a1034c24d0ee9642b37cb75a2d43ae4f6b

HTTP Headers

GET /posts/3500/3500733/3500733.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/avif
last-modified: Tue, 20 Sep 2022 17:53:57 GMT
accept-ranges: bytes
etag: "1d8cd19f4a89336"
server: Kestrel
content-length: 15286
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/ads2.json?v=09T0735

31.222.238.177

200 OK

107 B

URL HTTP/2
rule34.xyz/ads2.json?v=09T0735
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
JSON data\012- , ASCII text
Size
107 B (107 bytes)
Hash
b2d3d34481317292d0addf37e267bdb7
7bba1ea49c028773d0b8fd057057d00f75a49368
9281f2fe8abf20be1bc1241f9b8081f7c09d6ab055271ba4d4acdbda572dbcc0

HTTP Headers

GET /ads2.json?v=09T0735 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: application/json
last-modified: Fri, 16 Sep 2022 10:56:53 GMT
accept-ranges: bytes
etag: "1d8c9bb078a48eb"
server: Kestrel
content-length: 107
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/favicon.rule34xyz.ico

31.222.238.177

200 OK

22 kB

URL HTTP/2
rule34.xyz/favicon.rule34xyz.ico
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
MS Windows icon resource - 1 icon, 72x72, 32 bits/pixel\012- data
Size
22 kB (21662 bytes)
Hash
8af3931693c34a541ca0364bdd32940b
fe181a319195d6f133a73f9a232896c5369a1638
e5226fb838325cb0e7ddf30c89f4a0d0afd3f89d7936f5189f028fac8e1e5e77

HTTP Headers

GET /favicon.rule34xyz.ico HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/x-icon
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd06b41e"
server: Kestrel
content-length: 21662
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/api/r/posts/negotiate?negotiateVersion=1

31.222.238.177

200 OK

20 kB

URL HTTP/2
rule34.xyz/api/r/posts/negotiate?negotiateVersion=1
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
JSON data\012- , ASCII text, with very long lines (316), with no line terminators
Size
20 kB (20223 bytes)
Hash
376db4a0c2ff170907706d89b9b578a3
b2405e6cb922aa35b06723504ae727d7c8444dfe
5dec211ebbdc731115d399285224a7b4d559278e0d4a6b8430c7ffbe50e3ba01

HTTP Headers

POST /api/r/posts/negotiate?negotiateVersion=1 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/
Content-Type: text/plain;charset=UTF-8
X-Requested-With: XMLHttpRequest
X-SignalR-User-Agent: Microsoft SignalR/5.0 (5.0.13; Unknown OS; Browser; Unknown Runtime Version)
Origin: https://rule34.xyz
Content-Length: 0
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: application/json
content-encoding: br
server: Kestrel
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://rule34.xyz
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.17.198

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.17.198:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: NzPsctBs6uLKRD9SCg+9Aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QLZnUo/+++mHv+9j3fY0KhL/1N4=

rule34.xyz/assets/images/flags/ru.png

31.222.238.177

200 OK

726 B

URL HTTP/2
rule34.xyz/assets/images/flags/ru.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 256 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
878b1c39221fd18c8288f25a81078e54
fdbc80bbe6fdfde300c6d059f02d7f3b51004c92
1271ce7f3b45a1197ce14d0f66a15e31465c16ff2b9711c00d69c44a26434d9a

HTTP Headers

GET /assets/images/flags/ru.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: image/png
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9f75d6"
server: Kestrel
content-length: 726
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/posts/3500/3500759/3500759.mov256.mp4

31.222.238.177

206 Partial Content

274 kB

URL HTTP/2
rule34.xyz/posts/3500/3500759/3500759.mov256.mp4
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size
274 kB (273710 bytes)
Hash
2ae2d315396876b8a642c3d9a06f0674
a7da3b7323bdfc19ff24c8d38630f069abf4ed53
8d58352c77e14a8d065c98e1ea7f30f6b2cf8cc27f1cfb33ef6b96eed31cb00c

HTTP Headers

GET /posts/3500/3500759/3500759.mov256.mp4 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: __PPU___PPU_SESSION_URL=%2F
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 206 Partial Content
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:06 GMT
content-type: video/mp4
content-range: bytes 0-273709/273710
last-modified: Tue, 20 Sep 2022 19:23:29 GMT
accept-ranges: bytes
etag: "1d8cd26769ae3ae"
server: Kestrel
content-length: 273710
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/ngsw-worker.js

31.222.238.177

200 OK

144 kB

URL HTTP/2
rule34.xyz/ngsw-worker.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
C++ source textAlgol 68 source text\012- Pascal source, ASCII text
Size
144 kB (144457 bytes)
Hash
f198dd031aa5e9954ce075455ba42676
b44316be1c1338e9e8bd30ee40946085916c58e4
b7e1ecb196061181fbb93845935de5d5a287f7a62a7dc9998e1bd781cedd14c9

HTTP Headers

GET /ngsw-worker.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.2.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:06 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:06 GMT
accept-ranges: bytes
etag: "1d8cd25fd9d4349"
server: Kestrel
content-length: 144457
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&gjid=237817440&_gid=1136460760.1663702507&_u=IEBAAEAAAAAAAC~&z=472704562

142.251.1.156

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&gjid=237817440&_gid=1136460760.1663702507&_u=IEBAAEAAAAAAAC~&z=472704562
IP
142.251.1.156:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&gjid=237817440&_gid=1136460760.1663702507&_u=IEBAAEAAAAAAAC~&z=472704562 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://rule34.xyz
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://rule34.xyz
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Sep 2022 19:35:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7141
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:35:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7141
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:35:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe5ffc0bb967bf39c053d24cdfae521a
87bc50876b1600714e2c29608bf4af00fbfbd23e
ceaf52d90eaf692a8da9f6c353d09011e26d8e2b971ec4c17fcbcab8676c70c3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEAF52D90EAF692A8DA9F6C353D09011E26D8E2B971EC4C17FCBCAB8676C70C3"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7141
Expires: Tue, 20 Sep 2022 21:34:09 GMT
Date: Tue, 20 Sep 2022 19:35:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11832 bytes)
Hash
2ed7323b395e757f7766ea0045efdaca
8b91bc3069a3217bc719c27959d578b353b5d9dc
8daf8cb1464daa5f72bc4f1049adb4aba00b2c2dec11cb3ade3454ec2ebbfb63

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4c2e0de8-088f-449b-a3cb-bbb83e3883a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11832
x-amzn-requestid: 75065a71-5f2d-4987-915b-9bddc772c76a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI_EsLIAMFdmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-1248d25405209da3353d4a4a;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gLh2EBTPdXvFtZuYKH1NVZebvnz4Rhs-f_rZPtfJpIWNemEk0upeOQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:43 GMT
etag: "8b91bc3069a3217bc719c27959d578b353b5d9dc"
content-type: image/jpeg
age: 77125
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11145 bytes)
Hash
c283017ec789693602177a2785177e21
ff8286c4d2cf87a1865d56d082bc5235dba60ad7
520db2567ad5529d35d2ac63b94d4186848382e9c86d0c4355ab979b34f0e0ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F28b8af49-2631-4a57-aeca-43e33f0f6d83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11145
x-amzn-requestid: dcb726a6-2f43-4170-a53c-4f0d2883309e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yuh7yHfHIAMFu4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e37e-11bf06e96123e01c11854cbb;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:47:42 GMT
x-amz-cf-pop: SEA73-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oJyChyEdTbGx6oQCRy6IVMS8qU22LupFYn6FOii3p4BUVFyKnssQ7Q==
via: 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:05:54 GMT
age: 77354
etag: "ff8286c4d2cf87a1865d56d082bc5235dba60ad7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10894 bytes)
Hash
d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 10:06:02 GMT
age: 34146
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9873 bytes)
Hash
7ca0c1a7f205ad07f1cce80b26448873
0e14f5062e40ce94346494ff947bfcf74b5e88c1
ebc960279032671136749823c126ec807334d9eaf2b019abcc63b41bcdbf4a7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d1af9c9-23b5-42e1-b7c6-655c21db6627.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9873
x-amzn-requestid: 7171299f-e6e3-40ef-a292-33779346e1ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugI-FDIIAMF-xg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09f-31f9413434a6b00e77e7709b;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: evL3aL1ULo6B2a8Rp6iILKCX7F14O9HMSbEqkEY3XHFhmMptE8FaVw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:09:44 GMT
age: 77124
etag: "0e14f5062e40ce94346494ff947bfcf74b5e88c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

rule34.xyz/api/r/posts?id=tFPlfeEFyhID0_sv6G5ViA

31.222.238.177

101 Switching Protocols

0 B

URL HTTP/1.1
rule34.xyz/api/r/posts?id=tFPlfeEFyhID0_sv6G5ViA
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/r/posts?id=tFPlfeEFyhID0_sv6G5ViA HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://rule34.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OsZDKldxJ7PFy7AWPynJlQ==
Connection: keep-alive, Upgrade
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.2.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Tue, 20 Sep 2022 19:35:07 GMT
Server: Kestrel
Upgrade: websocket
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://rule34.xyz
Strict-Transport-Security: max-age=2592000
Sec-WebSocket-Accept: dy9S9VxJIT4vW1EkvtmltgxCgRk=

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9865 bytes)
Hash
1a7d863845e96c5927e812f325c08c16
b8484fb5443344b03e52dd56b1d6c5682eb6221a
fcb382029332a44deaf212298b618074a752d674d0c735a1b8b861ab4bb6ff0f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b9b6fcc-4a98-463a-8c9c-a60812d5b535.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9865
x-amzn-requestid: 7eeeff5b-cb13-4060-96a6-bf5a4be57331
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugokGQVoAMFXmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e169-4211dbbe1a22d0255a45aff0;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:38:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2kU9PLuzusMR04mNUdwbU6-120ESVhYJtNaIixERO68Vo9jEfP3JWg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:04:47 GMT
age: 77421
etag: "b8484fb5443344b03e52dd56b1d6c5682eb6221a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9543 bytes)
Hash
30fbdfee7ec4513a5ff3dfcb7282f816
a852edb64a7220532aa619ab2a440c3a7e11b97a
4adee59f97bea412c6a0a786d0a27e431a497198b9047a75841b0a530803bdfe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc72c9eb8-103b-4d09-b405-97d1a7ae99a8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9543
x-amzn-requestid: 17be04c9-54f0-4988-82dd-f13911a2a629
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YugINHN1IAMF8iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6328e09a-35496b4c21c23dec75257964;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -VBFetQNkmIiWeJtW5IOheaPLdDHM9iKhiGPzVcA3_KQk7Qha5VrXg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 22:14:25 GMT
age: 76843
etag: "a852edb64a7220532aa619ab2a440c3a7e11b97a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/gseccovsslca2018

104.18.21.226

200 OK

940 B

URL HTTP/1.1
ocsp.globalsign.com/gseccovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
940 B (940 bytes)
Hash
1d2617cd8bddac1e72660b5eab4efa3a
31aa7390c1fd0130883586c3c64d56cbd621e512
dab52ec321a5db369c660a977c7495a3039db1fff4490f0a8dd8a2e78568dee9

HTTP Headers

POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 20 Sep 2022 19:35:08 GMT
Content-Type: application/ocsp-response
Content-Length: 940
Connection: keep-alive
Expires: Sat, 24 Sep 2022 15:59:08 GMT
ETag: "31aa7390c1fd0130883586c3c64d56cbd621e512"
Last-Modified: Tue, 20 Sep 2022 15:59:09 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3019
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74dd00a46c64fac0-OSL

mc.yandex.ru/metrika/tag.js

87.250.251.119

200 OK

72 kB

URL HTTP/2
mc.yandex.ru/metrika/tag.js
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Size
72 kB (72207 bytes)
Hash
27e20c7dbfa3e9cb49571531093d3023
a0f047f86b421891cef771da8171160e831a8471
f25ce8f6f6a4fe1fda545849cc37eada3d1f12779d6411b02fcd16e5345e6d5d

HTTP Headers

GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 72207
date: Tue, 20 Sep 2022 19:35:08 GMT
access-control-allow-origin: *
etag: "63295b76-11a0f"
expires: Tue, 20 Sep 2022 20:35:08 GMT
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oe9j0&_p=2025353057&cid=512631978.1663702507&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702508&sct=1&seg=0&dl=https%3A%2F%2Frule34.xyz%2F&dt=Rule%2034%20XYZ&en=page_view&_fv=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oe9j0&_p=2025353057&cid=512631978.1663702507&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702508&sct=1&seg=0&dl=https%3A%2F%2Frule34.xyz%2F&dt=Rule%2034%20XYZ&en=page_view&_fv=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oe9j0&_p=2025353057&cid=512631978.1663702507&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663702508&sct=1&seg=0&dl=https%3A%2F%2Frule34.xyz%2F&dt=Rule%2034%20XYZ&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/
Origin: https://rule34.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://rule34.xyz
date: Tue, 20 Sep 2022 19:35:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c53364cae0510b97de38fb4b3396ff56
d6088b7fe775ebc077d116271fbe7fce898c06f0
2df909d86d97fbb9a27dd94ca9335ea29eae8f9325fccc8d0ef00a4f7cd7cdc6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0180bad73e9143c70a43e0065c4a8072
035340a6bdb7d6438d9e1c5cfa1d5bd0928d98e4
c74f5ac8268c64bc64d08fe4da689750b91c40462265e8ce1b815d202889f3e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mc.yandex.ru/metrika/advert.gif

87.250.251.119

200 OK

43 B

URL HTTP/2
mc.yandex.ru/metrika/advert.gif
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

HTTP Headers

GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 43
date: Tue, 20 Sep 2022 19:35:09 GMT
access-control-allow-origin: *
etag: "63295b76-2b"
expires: Tue, 20 Sep 2022 20:35:09 GMT
accept-ranges: bytes
last-modified: Tue, 20 Sep 2022 09:19:34 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&_u=IEBAAEAAAAAAAC~&z=1041853443

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&_u=IEBAAEAAAAAAAC~&z=1041853443
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&_u=IEBAAEAAAAAAAC~&z=1041853443 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 19:35:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&_u=IEBAAEAAAAAAAC~&z=1041853443

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&_u=IEBAAEAAAAAAAC~&z=1041853443
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114324981-1&cid=512631978.1663702507&jid=947287161&_u=IEBAAEAAAAAAAC~&z=1041853443 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 19:35:09 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0180bad73e9143c70a43e0065c4a8072
035340a6bdb7d6438d9e1c5cfa1d5bd0928d98e4
c74f5ac8268c64bc64d08fe4da689750b91c40462265e8ce1b815d202889f3e7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Sep 2022 19:35:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mc.yandex.ru/watch/90294615/1?wmode=7&page-url=https%3A%2F%2Frule34.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abkhw48i07cggsex1juigo%3Afp%3A1214%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A600316239630%3Ahid%3A887159998%3Az%3A0%3Ai%3A20220920193508%3Aet%3A1663702509%3Ac%3A1%3Arn%3A410093281%3Arqn%3A1%3Au%3A166370250973568314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C90%2C36%2C0%2C319%2C0%2C%2C483%2C635%2C2668%2C2668%2C1%2C1255%3Ans%3A1663702505096%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663702509%3At%3ARule%2034%20XYZ&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29

87.250.251.119

200 OK

407 B

URL HTTP/2
mc.yandex.ru/watch/90294615/1?wmode=7&page-url=https%3A%2F%2Frule34.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abkhw48i07cggsex1juigo%3Afp%3A1214%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A600316239630%3Ahid%3A887159998%3Az%3A0%3Ai%3A20220920193508%3Aet%3A1663702509%3Ac%3A1%3Arn%3A410093281%3Arqn%3A1%3Au%3A166370250973568314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C90%2C36%2C0%2C319%2C0%2C%2C483%2C635%2C2668%2C2668%2C1%2C1255%3Ans%3A1663702505096%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663702509%3At%3ARule%2034%20XYZ&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type
JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Size
407 B (407 bytes)
Hash
4834a1a00a0d9e08173921d146ec14ae
64c8d4e9c4721e90fa8286f317652eba63631d68
eee40d7647e07ab64f3ea5fb5ad06681417c2446a44141d7af4b4accc9a8dc06

HTTP Headers

GET /watch/90294615/1?wmode=7&page-url=https%3A%2F%2Frule34.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abkhw48i07cggsex1juigo%3Afp%3A1214%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A600316239630%3Ahid%3A887159998%3Az%3A0%3Ai%3A20220920193508%3Aet%3A1663702509%3Ac%3A1%3Arn%3A410093281%3Arqn%3A1%3Au%3A166370250973568314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C90%2C36%2C0%2C319%2C0%2C%2C483%2C635%2C2668%2C2668%2C1%2C1255%3Ans%3A1663702505096%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663702509%3At%3ARule%2034%20XYZ&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rule34.xyz
Referer: https://rule34.xyz/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 407
date: Tue, 20 Sep 2022 19:35:09 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://rule34.xyz
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 19:35:09 GMT
last-modified: Tue, 20-Sep-2022 19:35:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

rule34.xyz/10-es2015.0436f502c4c85d25b696.js

31.222.238.177

200 OK

5.7 kB

URL HTTP/2
rule34.xyz/10-es2015.0436f502c4c85d25b696.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (5739), with no line terminators
Size
5.7 kB (5739 bytes)
Hash
3f22018115bfd2db16778de786901834
84b09d73f045a9a3c01ab30aedde29767a170329
aafbf44a19623961d2a2b5c6203680ca832bb3d3e5ed5de9949d313714a9cbac

HTTP Headers

GET /10-es2015.0436f502c4c85d25b696.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.1.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1; _ga_R4GRY2G49W=GS1.1.1663702508.1.0.1663702508.0.0.0; _ym_uid=166370250973568314; _ym_d=1663702509; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:13 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd06f6eb"
server: Kestrel
content-length: 5739
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/10-es5.0436f502c4c85d25b696.js

31.222.238.177

200 OK

7.0 kB

URL HTTP/2
rule34.xyz/10-es5.0436f502c4c85d25b696.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (6986), with no line terminators
Size
7.0 kB (6986 bytes)
Hash
cf398a2d653f9ed393021c77ff9a98d0
bb244f5f5127d4de794dc964824a1c60d7af258c
7dfd38750d4e2574a0c3b9f6d545e40600445e58c80d0f43ed03a40b25fdef69

HTTP Headers

GET /10-es5.0436f502c4c85d25b696.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.1.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1; _ga_R4GRY2G49W=GS1.1.1663702508.1.0.1663702508.0.0.0; _ym_uid=166370250973568314; _ym_d=1663702509; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:13 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd06fbca"
server: Kestrel
content-length: 6986
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/11-es2015.9b5c908c89b6a2ce2352.js

31.222.238.177

200 OK

11 kB

URL HTTP/2
rule34.xyz/11-es2015.9b5c908c89b6a2ce2352.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (11241), with no line terminators
Size
11 kB (11241 bytes)
Hash
3397e9465f84512af5c56793eb1c34ec
7e0a9f3ec71ad8c87108109bf73cd5118d9300dc
b612338c9b9cf8f600a1568c80a54942544379bbaa8d0d61bb51bc4ea13553a1

HTTP Headers

GET /11-es2015.9b5c908c89b6a2ce2352.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.1.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1; _ga_R4GRY2G49W=GS1.1.1663702508.1.0.1663702508.0.0.0; _ym_uid=166370250973568314; _ym_d=1663702509; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:13 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd06cb69"
server: Kestrel
content-length: 11241
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/11-es5.9b5c908c89b6a2ce2352.js

31.222.238.177

200 OK

12 kB

URL HTTP/2
rule34.xyz/11-es5.9b5c908c89b6a2ce2352.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (12325), with no line terminators
Size
12 kB (12325 bytes)
Hash
2cecea096671c92693fc3822e26b5720
e9ab2f65ec2e470057daa94bf963ad8e1649edb1
e995559623fb0f6e2a5f33ed9ca5ebb3c9888ded9de3c358ff0a1d2167c08e77

HTTP Headers

GET /11-es5.9b5c908c89b6a2ce2352.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.1.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1; _ga_R4GRY2G49W=GS1.1.1663702508.1.0.1663702508.0.0.0; _ym_uid=166370250973568314; _ym_d=1663702509; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:13 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd06d0a5"
server: Kestrel
content-length: 12325
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/12-es2015.87a72d4af2eafe9f8a29.js

31.222.238.177

200 OK

22 kB

URL HTTP/2
rule34.xyz/12-es2015.87a72d4af2eafe9f8a29.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (21684), with no line terminators
Size
22 kB (21684 bytes)
Hash
1201f2b1697a66fefb14f850dbad1025
7d94d86e22012e49ad6988fc8d106132757cd6cb
c11cf73362018fc07070d253afb5a555e4ffd9641c5f29e80025045856f0a884

HTTP Headers

GET /12-es2015.87a72d4af2eafe9f8a29.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.1.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1; _ga_R4GRY2G49W=GS1.1.1663702508.1.0.1663702508.0.0.0; _ym_uid=166370250973568314; _ym_d=1663702509; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:13 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd06b434"
server: Kestrel
content-length: 21684
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/12-es5.87a72d4af2eafe9f8a29.js

31.222.238.177

200 OK

24 kB

URL HTTP/2
rule34.xyz/12-es5.87a72d4af2eafe9f8a29.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (24448), with no line terminators
Size
24 kB (24448 bytes)
Hash
3c6971902782e4f915931977f734c15b
6e1643d205bd2e0ce89865a1fb673fbf2959a085
9da1c7b9339fa77be687577051c212fca948105d71d3d51cb928fd6adc99a83f

HTTP Headers

GET /12-es5.87a72d4af2eafe9f8a29.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.1.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1; _ga_R4GRY2G49W=GS1.1.1663702508.1.0.1663702508.0.0.0; _ym_uid=166370250973568314; _ym_d=1663702509; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:14 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd06bf00"
server: Kestrel
content-length: 24448
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/6-es2015.57a6bf094d63d3773676.js

31.222.238.177

200 OK

666 kB

URL HTTP/2
rule34.xyz/6-es2015.57a6bf094d63d3773676.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
666 kB (665882 bytes)
Hash
fa21ab447af338b13eab0953112ebeb2
681fdc4e3468ef09b581aef4041f0f29ac4a22ba
0a084eb8b274ddea11121611a53f5768cc9a0bdabb465762c1a8bac8bf513cdc

HTTP Headers

GET /6-es2015.57a6bf094d63d3773676.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.1.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1; _ga_R4GRY2G49W=GS1.1.1663702508.1.0.1663702508.0.0.0; _ym_uid=166370250973568314; _ym_d=1663702509; _ym_isad=2; _ym_visorc=b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Sep 2022 19:35:14 GMT
content-type: application/javascript
last-modified: Tue, 20 Sep 2022 19:20:05 GMT
accept-ranges: bytes
etag: "1d8cd25fd0cc99a"
server: Kestrel
content-length: 665882
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

mc.yandex.ru/watch/90294615?wmode=7&page-url=https%3A%2F%2Frule34.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abkhw48i07cggsex1juigo%3Afp%3A1214%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A600316239630%3Ahid%3A887159998%3Az%3A0%3Ai%3A20220920193508%3Aet%3A1663702509%3Ac%3A1%3Arn%3A410093281%3Arqn%3A1%3Au%3A166370250973568314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C90%2C36%2C0%2C319%2C0%2C%2C483%2C635%2C2668%2C2668%2C1%2C1255%3Ans%3A1663702505096%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663702509%3At%3ARule%2034%20XYZ&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)

87.250.251.119

302 Found

0 B

URL HTTP/2
mc.yandex.ru/watch/90294615?wmode=7&page-url=https%3A%2F%2Frule34.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abkhw48i07cggsex1juigo%3Afp%3A1214%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A600316239630%3Ahid%3A887159998%3Az%3A0%3Ai%3A20220920193508%3Aet%3A1663702509%3Ac%3A1%3Arn%3A410093281%3Arqn%3A1%3Au%3A166370250973568314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C90%2C36%2C0%2C319%2C0%2C%2C483%2C635%2C2668%2C2668%2C1%2C1255%3Ans%3A1663702505096%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663702509%3At%3ARule%2034%20XYZ&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP
87.250.251.119:0
ASN
#13238 YANDEX LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /watch/90294615?wmode=7&page-url=https%3A%2F%2Frule34.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abkhw48i07cggsex1juigo%3Afp%3A1214%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A600316239630%3Ahid%3A887159998%3Az%3A0%3Ai%3A20220920193508%3Aet%3A1663702509%3Ac%3A1%3Arn%3A410093281%3Arqn%3A1%3Au%3A166370250973568314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C90%2C36%2C0%2C319%2C0%2C%2C483%2C635%2C2668%2C2668%2C1%2C1255%3Ans%3A1663702505096%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663702509%3At%3ARule%2034%20XYZ&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/
Origin: https://rule34.xyz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: /watch/90294615/1?wmode=7&page-url=https%3A%2F%2Frule34.xyz%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abkhw48i07cggsex1juigo%3Afp%3A1214%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A903%3Acn%3A1%3Adp%3A0%3Als%3A600316239630%3Ahid%3A887159998%3Az%3A0%3Ai%3A20220920193508%3Aet%3A1663702509%3Ac%3A1%3Arn%3A410093281%3Arqn%3A1%3Au%3A166370250973568314%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C90%2C36%2C0%2C319%2C0%2C%2C483%2C635%2C2668%2C2668%2C1%2C1255%3Ans%3A1663702505096%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1663702509%3At%3ARule%2034%20XYZ&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Tue, 20 Sep 2022 19:35:09 GMT
access-control-allow-origin: https://rule34.xyz
set-cookie: yandexuid=5677057411663702509; Expires=Wed, 20-Sep-2023 19:35:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=5677057411663702509; Expires=Wed, 20-Sep-2023 19:35:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=176463831663702509; Path=/; SameSite=None; Secure
i=DL5RepXsEWzhUdK/iXxEsArmYDlTT63cQeQUbodbVFjH5C43G8nKU2rKCjt3Zx/y+lc5/KiYDVl97boajdjonnTOfPM=; Expires=Fri, 17-Sep-2032 19:35:06 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1695238509.yrts.1663702509#1695238509.yrtsi.1663702509; Expires=Wed, 20-Sep-2023 19:35:09 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Tue, 20-Sep-2022 19:35:09 GMT
last-modified: Tue, 20-Sep-2022 19:35:09 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

bg4nxu2u5t.com/aas/r45d/vki/1937894/b69dad17.js

62.122.171.6

200 OK

0 B

URL HTTP/2
bg4nxu2u5t.com/aas/r45d/vki/1937894/b69dad17.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aas/r45d/vki/1937894/b69dad17.js HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: application/javascript
last-modified: Wed, 07 Sep 2022 13:38:24 GMT
vary: Accept-Encoding
etag: W/"63189ed0-1091a"
x-js-ab1: current
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

bg4nxu2u5t.com/get/1937894?zoneid=1937894&jp=_cld6e353pe5u1wxc9sp18r&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7145906825217671

62.122.171.6

200 OK

0 B

URL HTTP/2
bg4nxu2u5t.com/get/1937894?zoneid=1937894&jp=_cld6e353pe5u1wxc9sp18r&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7145906825217671
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1937894?zoneid=1937894&jp=_cld6e353pe5u1wxc9sp18r&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7145906825217671 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Cookie: UID=220920143526761d449adf4e14a8d7a654f0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:35:06 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

rule34.xyz/ngsw.json?ngsw-cache-bust=0.13899997326018765

31.222.238.177

200 OK

0 B

URL HTTP/2
rule34.xyz/ngsw.json?ngsw-cache-bust=0.13899997326018765
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ngsw.json?ngsw-cache-bust=0.13899997326018765 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://rule34.xyz/ngsw-worker.js
Connection: keep-alive
Cookie: __PPU___PPU_SESSION_URL=%2F; _ga=GA1.2.512631978.1663702507; _gid=GA1.2.1136460760.1663702507; _gat=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=31536000
date: Tue, 20 Sep 2022 19:35:08 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
last-modified: Fri, 16 Sep 2022 10:27:45 GMT
accept-ranges: bytes
etag: W/"1b1f-18345d70ce8"
server: Kestrel
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: Express
X-Firefox-Spdy: h2

rule34.xyz/

31.222.238.177

200 OK

0 B

URL HTTP/2
rule34.xyz/
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 20 Sep 2022 19:35:05 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: W/"41b97-7wsYEXjPoy9hvKwhChC57kDMdV4"
server: Kestrel
vary: Accept-Encoding
strict-transport-security: max-age=2592000
x-powered-by: Express
X-Firefox-Spdy: h2

bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clxpepora9gks0vp05w9fj&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990331755371059

62.122.171.6

200 OK

0 B

URL HTTP/2
bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clxpepora9gks0vp05w9fj&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990331755371059
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1780566?zoneid=1780566&jp=_clxpepora9gks0vp05w9fj&nojs=0&ix=0&abvar=28&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=7990331755371059 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Sep 2022 19:35:06 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=220920143526761d449adf4e14a8d7a654f0; Path=/; Expires=Wed, 20 Sep 2023 19:35:06 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (14)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations