firefox.settings.services.mozilla.com/v1/
143.204.55.35 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 31 Aug 2022 06:26:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: buhPMQ5ZwCN-3tkSJeA8btcJHTmlK3-RchggyglY1_4vXm1YOHFWhg==
Age: 2655
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5003
Expires: Wed, 31 Aug 2022 08:34:00 GMT
Date: Wed, 31 Aug 2022 07:10:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.110 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 31 Aug 2022 02:27:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 2afd697fc5d0058ea30d6c4b939e714c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kGWafSA0jiTnlSywYlX3uBrovFHDsWBAijtzNX_lXF806g6gSSiH_Q==
age: 17013
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 07:10:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 31 Aug 2022 06:17:12 GMT
Cache-Control: max-age=3600
Expires: Wed, 31 Aug 2022 06:36:56 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6cb1d4b545e7beb4ead790454f4807c6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Z4AbPGbYFc85C6t3A7r27XN4XkEyiD781lywofr_bJq2GmVOHCJy3w==
Age: 3206
nytesgoal.com/
94.242.61.186 200 OK 14 kB IP 94.242.61.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash ee1c5546a736058f5e7158173c002d83
0edfa71c6f6345660c5bc357a91dd962703174d5
564e94f38aa31a0a4212ed9fb94445bc0282e4a3ac392962f2983492dd710de4
GET / HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
link: <https://nytesgoal.com/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding,User-Agent
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
achcdn.com/script/atg.js
172.67.151.56 200 OK 32 kB IP 172.67.151.56:0
File type Unicode text, UTF-8 text, with very long lines (37217), with NEL line terminators
Hash c17a463369fa03f36d87be9675e80fd2
eb19f8cce5899a96b0816ee9a7dbb46025d91c63
5260b256c772c17ae0ec1894028b737d096490c3ee41955a49a3c5cf23f52722
GET /script/atg.js HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdsnyIg5sXYEA_RbTgBT8d5aCunLzXBOnuKdacNFekzddQLdNqBZeXaYtoY_Bw2d8_NhqxzlGY4Qf9LiFPExWsEeUg
x-goog-generation: 1660138442795270
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 97005
x-goog-hash: crc32c=QCQh4w==, md5=jghCltVtyD1BQZRYYuc59g==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Wed, 31 Aug 2022 06:45:24 GMT
Cache-Control: public, max-age=14400
Last-Modified: Wed, 10 Aug 2022 13:34:02 GMT
ETag: W/"8e084296d56dc83d4141945862e739f6"
Age: 3575
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IivOPgtHahLjSyBxocsDagxAj9%2BtBoK88wTaR3H2P9o6CGLIparoqKeotytqbRHrqEypSkEZPVDhaHv0d54mH%2Bf%2BljXLgRLTmRIY%2BuKF79b0wHunlgn6AcNRfrGb"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f292dc350b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
fonts.googleapis.com/css?family=Open+Sans%7CLato%3A300%2C400%2C400i%2C500%2C600%2C700&ver=6.0.2
142.250.74.10 200 OK 739 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans%7CLato%3A300%2C400%2C400i%2C500%2C600%2C700&ver=6.0.2
IP 142.250.74.10:0
Hash 5199c5f4dfdf8377ce21484aa5907adf
08c448ded1f90da37ab4d21414e162d50fa066cd
18553f370a66244b5ffdcb545cecc143ee43a9aa4ea9ac59749e7cde608303cb
GET /css?family=Open+Sans%7CLato%3A300%2C400%2C400i%2C500%2C600%2C700&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 31 Aug 2022 07:10:38 GMT
Date: Wed, 31 Aug 2022 07:10:38 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
acdcdn.com/script/ippg.js
172.67.134.145 200 OK 38 kB URL HTTP/1.1 acdcdn.com/script/ippg.js
IP 172.67.134.145:0
File type Unicode text, UTF-8 text, with very long lines (43546), with NEL line terminators
Hash ab0a746fd316e563662f3bea5cc5f8aa
5896bdce5cb563304e20795cee5049fdcec63247
420a858dbd807d33ef190ef8ed30405943e014b82071cd4e506e1806ee54e03a
GET /script/ippg.js HTTP/1.1
Host: acdcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdvghGHXLGo97A70Uy7a62bj_WgPSsxrg3Oq0NTw2UTL4AtP2IAbmgrmTddR69_UEVxE4Tv9N5IMUgaYCOYBQy0I
Expires: Wed, 31 Aug 2022 07:58:36 GMT
Cache-Control: public, max-age=14400
Last-Modified: Tue, 23 Aug 2022 12:55:44 GMT
ETag: W/"19bd97667ab7ce92b4860d2b6431db2d"
x-goog-generation: 1661259344618739
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 127045
x-goog-hash: crc32c=rafFLA==, md5=Gb2XZnq3zpK0hg0rZDHbLQ==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
CF-Cache-Status: HIT
Age: 432
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7nEl5i0KnYnTXQma7nSlfwPZUSv%2BzqfL5eL%2FJxDn6bx3k%2FDYsVm6XYpMEchhII1BLlBDk8yZ5ucxEBQ1yzGKpuoDuHnQlxroGh7d0BlGRxq1k%2FSWqAYu%2BUNNezn"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f292ef8db4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
nytesgoal.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
94.242.61.186 200 OK 12 kB URL HTTP/1.1 nytesgoal.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (43771)
Hash ad7a4eb645a7c803e8aa5fb06636d485
4cee4d244c7b280a3b159f22039a744441683c46
cf3ba5d4ef256c6f4583f414fd6899bf7849ba0e12d78862e3b85f6c933aba83
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Tue, 12 Jul 2022 22:50:47 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 11557
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
94.242.61.186 200 OK 952 B URL HTTP/1.1 nytesgoal.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2
IP 94.242.61.186:0
Hash 75651cc9ab80a92859285aad43028f68
e2fdd2b1cdd166773a3164f0e73aea875e4dc09c
4c6d703bfb4d5ce9546b0b0136cf2957cba616af4be7961b90d2dbd11e11e0f4
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-public.css?ver=2.1.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 05:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 952
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
94.242.61.186 200 OK 969 B URL HTTP/1.1 nytesgoal.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP 94.242.61.186:0
Hash 0e10a84a97cb7e866bfadddafecb4d84
5b4b961bc3393c4f0ddc83753b219b26c83baafe
5a97859a1a8ddef3b8e5a7fb7fab930507b0a319975d6e3aadfab51bc83cdd58
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Thu, 28 Jul 2022 12:07:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 969
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
94.242.61.186 200 OK 4.4 kB URL HTTP/1.1 nytesgoal.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2
IP 94.242.61.186:0
Hash 20182f1c6951d7ab1223b546b0700e35
4853187a67c13a129410c727bb598d67d97acd48
0dee5ee6d687898abfdd054f22a621dd20d0465dad2b5948dc07dc80af1ca43c
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-gdpr.css?ver=2.1.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 05:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4383
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/assets/font-awesome/css/font-awesome.min.css?ver=6.0.2
94.242.61.186 200 OK 6.9 kB URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/assets/font-awesome/css/font-awesome.min.css?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (30837)
Hash d6c8c1428db744943001ade348510e65
83e16acc875a5e3559526ac3c3f31c471dc77d4c
13de46b403869629f28eb7e5c1403f714372b09b5eb8ecbe3a5955ba94debf16
GET /wp-content/themes/magbook/assets/font-awesome/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6875
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/css/responsive.css?ver=6.0.2
94.242.61.186 200 OK 3.7 kB URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/css/responsive.css?ver=6.0.2
IP 94.242.61.186:0
Hash 00b9928a2134e755546cdd9e1f3a5fa9
54f3f09728af99d3f3b47f12551e66d45152bab6
24854b101daf5c371745bb90892ad3ccb069a4cf3325631e11a4be5d0664b3e1
GET /wp-content/themes/magbook/css/responsive.css?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 3654
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
94.242.61.186 200 OK 4.2 kB URL HTTP/1.1 nytesgoal.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (11126)
Hash 0d5bb2a36d1fc2e095235bc201eb5579
98f0154e2ed5322a9f65077f954868d6c800b337
fe6382620c35c12aa4f3f96fe395e5813defe330c1d95fd3de1e94f8f5d1f0a5
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 11:36:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4165
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
94.242.61.186 200 OK 7.5 kB URL HTTP/1.1 nytesgoal.com/wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2
IP 94.242.61.186:0
Hash e81e457079e8672ada14122c7f32ef77
16b7dd01aff2248aba5961550d60bbc7ffb0b529
28a0a53d89ae2f930caef393216d3cd75b9563e0c762690400f9334670439386
GET /wp-content/plugins/cookie-law-info/public/js/cookie-law-info-public.js?ver=2.1.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 13 Jul 2022 05:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7506
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2
94.242.61.186 200 OK 1.7 kB URL HTTP/1.1 nytesgoal.com/wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (401)
Hash 97fa529a339c55f364f0626280f33b10
5dae9df89512bfd7bbd307e42d6f04a11faaacc1
bb3fc0a0459c33712c6601427da7e4d5708ccc21f99a8eacd4eb4b5f31ae7d2e
GET /wp-content/plugins/cookie-law-info/public/css/cookie-law-info-table.css?ver=2.1.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 05:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1732
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
94.242.61.186 200 OK 31 kB URL HTTP/1.1 nytesgoal.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 94.242.61.186:0
File type ASCII text, with very long lines (65447)
Hash 141fb600108e5cdbb4af358f6aeb240f
b4f991f17b786fdec01fb0ac726d407265ebe64a
3365d55bebe1cd8c3ce765c7df5fb4c823236392ba36c978ea64706682e84695
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 10 Mar 2021 17:37:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 30900
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
94.242.61.186 200 OK 2.4 kB URL HTTP/1.1 nytesgoal.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 94.242.61.186:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 6b0c5288bb5f4619cd7d10c077b2858b
f5fa1550d81a04d13d0d7273c32005722b910022
69c224d56ae4f660970896b60da2cabeb296fd95673a8ea23519db8f4f285b24
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 14:34:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2438
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f67e41cdd7e5f2aa8f93d031979c9109
5f4c0093f9bf8f8e48e0d7f56ed31aba0c6f43f6
608e2b7d208977f18da12165c9eb1539656d7754dc49f3f687736151a4810e06
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4228
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 07:10:38 GMT
Last-Modified: Wed, 31 Aug 2022 06:00:10 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
nytesgoal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
94.242.61.186 200 OK 7.1 kB URL HTTP/1.1 nytesgoal.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 94.242.61.186:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash eaee4dc80ca00588e937b1d91255d62f
a6c0d7c8e0d3250c07a2c4863611db3db1adea48
28fe5891dbd0e4bb5729dc8ee7c324ae1a1f62d9a1482d90d455a0a4aa6c984a
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Mon, 11 Apr 2022 14:34:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 7069
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
94.242.61.186 200 OK 6.5 kB URL HTTP/1.1 nytesgoal.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP 94.242.61.186:0
File type ASCII text, with very long lines (21904), with no line terminators
Hash a05a272fa10304e76f37983f2e926f1f
d3ec73e207b473db0c0dba63e66c8793bb8c0be6
ecbef0cbce3bc5d283dfa7eb8337aab5d36a64279d4661acc57d80a0ecf1f8f5
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Thu, 28 Jul 2022 12:07:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6522
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/js/magbook-main.js?ver=6.0.2
94.242.61.186 200 OK 863 B URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/js/magbook-main.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (2868), with no line terminators
Hash 0cdbaee1d4437ac185debaab9c11ebcc
5c8209e4e5b245949395b16f2d0d5d02710dd141
f6833bc43461c9d94d1d02fb0d82a62c27fc0c4114d52543bdf62207c936d665
GET /wp-content/themes/magbook/js/magbook-main.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 863
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.1.2
94.242.61.186 200 OK 16 kB URL HTTP/1.1 nytesgoal.com/wp-content/plugins/jetpack/css/jetpack.css?ver=11.1.2
IP 94.242.61.186:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash febfdb28042d35e49ead695099be109e
c6f1b6c4ebb42d45c48c1b1a0fe1de9541efa24a
f7b8b77897491621740d7787b4e32841ed2ba9692eac696aa3e34946777a998d
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.1.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Thu, 28 Jul 2022 12:09:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 16326
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
clearonclick.com/a/display.php?r=6073478
35.201.86.109 200 OK 2.5 kB URL HTTP/1.1 clearonclick.com/a/display.php?r=6073478
IP 35.201.86.109:0
Hash 98b6bf6017c6cef7ec26b062c9e7b64d
c05c675e940e43ace188334c88bc2d73d07af31e
dd983cb2beb6e875249f4c2f5db7a8b2c90ecf56bfa314fb2c04ba2dfac06360
GET /a/display.php?r=6073478 HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
clearonclick.com/a/display.php?r=6118330
35.201.86.109 200 OK 2.5 kB URL HTTP/1.1 clearonclick.com/a/display.php?r=6118330
IP 35.201.86.109:0
Hash 5192af0af404ec9f717fad5caa263f78
d2580cfa2d6c33588bc7a3884c340bd7c04ece22
9ade50cbf0137ff55032068847627deae2d21a3ab4c65f89eb59d66f44b117d3
GET /a/display.php?r=6118330 HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
clearonclick.com/a/display.php?r=6114582
35.201.86.109 200 OK 2.5 kB URL HTTP/1.1 clearonclick.com/a/display.php?r=6114582
IP 35.201.86.109:0
Hash 726bbb4b87c6794704ec51a326b775ba
30d3d8d80781249dcf2b98b175fbaa0fe8a44d29
6f57ebd56e4e0600ffcbc31923e9974c27045a67039f136946b12f8035d4f629
GET /a/display.php?r=6114582 HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
clearonclick.com/a/display.php?r=6114562
35.201.86.109 200 OK 2.5 kB URL HTTP/1.1 clearonclick.com/a/display.php?r=6114562
IP 35.201.86.109:0
Hash 5e61875445f5937805b9730af11442b3
28147f16ac33ba182f1acc7a6fd5abd0af4c2111
0c1f896565f4f59558f81bcaf7b350c24bbf65e02b8f044233e6c1f21323a671
GET /a/display.php?r=6114562 HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
nytesgoal.com/wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.0.2
94.242.61.186 200 OK 1.5 kB URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (4325), with no line terminators
Hash 0aa0df61c48ca01c40b7c04ca40e1a03
e93bddacd76c7b5ad8941b44b2b2914f40ccac6a
84d472144db719c8521909354dcb850f98b5aecacc3445a30f31c65f20ecfbf2
GET /wp-content/themes/magbook/assets/sticky/jquery.sticky.min.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1485
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/js/jquery.flexslider-min.js?ver=6.0.2
94.242.61.186 200 OK 6.6 kB URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/js/jquery.flexslider-min.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (22994)
Hash dc893bc8a4ae2c26428370a4fcf6962c
8398799033b0af182fb6a4f0ee081490325ee268
574eca1d03d577b79748cbba6c250fd3a8f20930d6e4a3ac61a665d335876a38
GET /wp-content/themes/magbook/js/jquery.flexslider-min.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 6612
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.0.2
94.242.61.186 200 OK 204 B URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with no line terminators
Hash 37e4fde6d346cc6eb94df280f8d4abcb
3ed2fb09377e71d65777888cff026214d9b5c490
78e1b27fb71f1da5a95851b434942b982fb1445c6e8faed230f0a2a0771b93f4
GET /wp-content/themes/magbook/assets/sticky/sticky-settings.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-length: 204
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
vary: User-Agent
nytesgoal.com/wp-content/themes/magbook/js/navigation.js?ver=6.0.2
94.242.61.186 200 OK 631 B URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/js/navigation.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (1541), with no line terminators
Hash 97946a28df318d53df68d1feb27be9df
570559dd0314bcced7a206c68c3d2f4a27963969
82be6aaeb6275c57590b677aa4678ff72cfba6a3c4ac2582c47ea7a2119e25e7
GET /wp-content/themes/magbook/js/navigation.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 631
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
94.242.61.186 200 OK 5.0 kB URL HTTP/1.1 nytesgoal.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (15660)
Hash bbb097231c0fb01c0d2f6b36ed6671f8
c816b9446535131259db1107069b5096354f993b
aca781b166c02a50a9de1f82c51f0ebbd808b59e58e6dfe5f29ae84c881926c5
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 08:26:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 4963
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.0.2
94.242.61.186 200 OK 325 B URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (325), with no line terminators
Hash 06f019a6ff09db6b297570940eec1d5d
872efe186950ce534aad341e7030fe24f7c672dc
53f829ae556bf7011727483015d83a98bcdb4b5796eecb728827c1282c971536
GET /wp-content/themes/magbook/js/skip-link-focus-fix.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-length: 325
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
vary: User-Agent
nytesgoal.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
94.242.61.186 200 OK 2.6 kB URL HTTP/1.1 nytesgoal.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16
IP 94.242.61.186:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 32bbcbc91c8a56e44a49d444a9a646b9
56a6388602cfb69a7a1eb260d0b426faa57496b5
544a447c0466933b21cb89eb283a4a3d7e38775123fab18dc317557cdb857eb1
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.16 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Tue, 29 Sep 2020 18:23:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 2573
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
94.242.61.186 200 OK 1.1 kB URL HTTP/1.1 nytesgoal.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash a141f76547029a26d386783046e028ff
87016052c294237aee974114bd5799270e109831
da5c6b8f5036fc335bb2df273ee99906d83a8268610b821e2af7496c03fef8a2
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Fri, 07 Jun 2019 23:15:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 1145
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/style.css?ver=6.0.2
94.242.61.186 200 OK 19 kB URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/style.css?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (996)
Hash ddc8a95a4820f8ae0924d33c9d7fdc7b
d63465cef666cdda81b342d91530e64baffa42c6
582605ec3e7e12dc34b12ddc7034c121d403c56a7c5bebee5f45216ef224cd97
GET /wp-content/themes/magbook/style.css?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: text/css
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 18802
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
nytesgoal.com/wp-content/themes/magbook/js/flexslider-setting.js?ver=6.0.2
94.242.61.186 200 OK 453 B URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/js/flexslider-setting.js?ver=6.0.2
IP 94.242.61.186:0
File type ASCII text, with very long lines (1584), with no line terminators
Hash 7563ac49b2309a29a017646138f1c440
e39f5ed06dce52641ea705fa348039e7fb07643d
6f986991b3d0c39680d49543eb805729540888f05a16632e58b3e48e09e04e0e
GET /wp-content/themes/magbook/js/flexslider-setting.js?ver=6.0.2 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:38 GMT
content-type: application/javascript
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding,User-Agent
content-length: 453
date: Wed, 31 Aug 2022 07:10:38 GMT
server: LiteSpeed
push.services.mozilla.com/
44.237.239.70 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FoxypX9MN0O0JsSt3e1UFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zN1WaEsq5WWoK5P5WHCf7R1dykA=
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163 200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 30 Aug 2022 18:17:24 GMT
Expires: Wed, 30 Aug 2023 18:17:24 GMT
Cache-Control: public, max-age=31536000
Age: 46394
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
pl17520029.highperformancegate.com/8530d58aa280bb5d384234d51f7bba65/invoke.js
192.243.59.20 200 OK 9.3 kB URL HTTP/1.1 pl17520029.highperformancegate.com/8530d58aa280bb5d384234d51f7bba65/invoke.js
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (25086), with no line terminators
Hash 413f5662150c376f75bfea0acc524bc9
6e4d83552004e77ee453d0ee9e38d5670efe3ad8
f98ca17b8b5fc0011864364c7fa0addfe115be6498fa13ac797c67b6f7083121
Analyzer Verdict Alert quad9 Sinkholed
GET /8530d58aa280bb5d384234d51f7bba65/invoke.js HTTP/1.1
Host: pl17520029.highperformancegate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a4cc0bb184a7a2a77fd600b18ad48b3c
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
clearonclick.com/ad/display.php?stamat=m%257C%252CUYiNmYhNqB1dAN0dEdHP3xP.d0f%252CZMkKdRAQlkuDbgTABrav5P_Y-78xF79JQBkeOeCwRP734bdyzKlNNl49ZVXBjASvnG4uT0BJ0SuZE-V8mkr1XGb2BNt72eFkyJeUg7rgaQA%252C&cbpage=http://nytesgoal.com/&cbur=0.8363113437749143&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
35.201.86.109 200 OK 2.0 kB URL HTTP/1.1 clearonclick.com/ad/display.php?stamat=m%257C%252CUYiNmYhNqB1dAN0dEdHP3xP.d0f%252CZMkKdRAQlkuDbgTABrav5P_Y-78xF79JQBkeOeCwRP734bdyzKlNNl49ZVXBjASvnG4uT0BJ0SuZE-V8mkr1XGb2BNt72eFkyJeUg7rgaQA%252C&cbpage=http://nytesgoal.com/&cbur=0.8363113437749143&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 35.201.86.109:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (739)
Hash 0356e43011313d219fa3f5f86c3d0c13
063e43ceb575b311a6f566d452fea4d66e697f4f
1ef3cf163260ba9fc088690c3ed061c2dff4752a775557de1bc337a2e7f324ae
GET /ad/display.php?stamat=m%257C%252CUYiNmYhNqB1dAN0dEdHP3xP.d0f%252CZMkKdRAQlkuDbgTABrav5P_Y-78xF79JQBkeOeCwRP734bdyzKlNNl49ZVXBjASvnG4uT0BJ0SuZE-V8mkr1XGb2BNt72eFkyJeUg7rgaQA%252C&cbpage=http://nytesgoal.com/&cbur=0.8363113437749143&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Link: <//clearonclick.com>; rel=dns-prefetch,<//clearonclick.com>; rel=preconnect,<//rdr.wargaming.net>; rel=dns-prefetch,<//rdr.wargaming.net>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google
clearonclick.com/ad/display.php?stamat=m%257C%252Ck93a3NjEqB1dAN0dEdHP3xP.ea3%252CZMkKdRAQlkuDbgTABrav5OFQ0MJAykODZWsP5sOFWCEkum2tVRL4Kc_Hm7gVKUFqlR1_o_RCbGJJtED9bbP3AtPuoMi7-hl0E82swKBQG4w%252C&cbpage=http://nytesgoal.com/&cbur=0.8991103859842993&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
35.201.86.109 200 OK 2.0 kB URL HTTP/1.1 clearonclick.com/ad/display.php?stamat=m%257C%252Ck93a3NjEqB1dAN0dEdHP3xP.ea3%252CZMkKdRAQlkuDbgTABrav5OFQ0MJAykODZWsP5sOFWCEkum2tVRL4Kc_Hm7gVKUFqlR1_o_RCbGJJtED9bbP3AtPuoMi7-hl0E82swKBQG4w%252C&cbpage=http://nytesgoal.com/&cbur=0.8991103859842993&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 35.201.86.109:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (756)
Hash 9bce1189deaf1d10913d6faac8bb2454
fbc7e2be6bc78e170bbf539c5adbe825e40f5a75
adfd7ffb4bb1a5f42e49173c422e17e8edad3d17d42d60fca7c7a4f2d6e2a114
GET /ad/display.php?stamat=m%257C%252Ck93a3NjEqB1dAN0dEdHP3xP.ea3%252CZMkKdRAQlkuDbgTABrav5OFQ0MJAykODZWsP5sOFWCEkum2tVRL4Kc_Hm7gVKUFqlR1_o_RCbGJJtED9bbP3AtPuoMi7-hl0E82swKBQG4w%252C&cbpage=http://nytesgoal.com/&cbur=0.8991103859842993&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Link: <//clearonclick.com>; rel=dns-prefetch,<//clearonclick.com>; rel=preconnect,<//rdr.wargaming.net>; rel=dns-prefetch,<//rdr.wargaming.net>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google
clearonclick.com/ad/display.php?stamat=m%257C%252CgoiNSIjarB1dAN0dEdHP3xP.445%252CZMkKdRAQlkuDbgTABrav5HpP176zkQqxAH738cXuHuZLJD3q01P2_IWjwRXLCtsINGDWsuzqTIk7h_IBTCdbit95hx54Iacsl84AvPyGnC4%252C&cbpage=http://nytesgoal.com/&cbur=0.30406272024071657&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
35.201.86.109 200 OK 2.0 kB URL HTTP/1.1 clearonclick.com/ad/display.php?stamat=m%257C%252CgoiNSIjarB1dAN0dEdHP3xP.445%252CZMkKdRAQlkuDbgTABrav5HpP176zkQqxAH738cXuHuZLJD3q01P2_IWjwRXLCtsINGDWsuzqTIk7h_IBTCdbit95hx54Iacsl84AvPyGnC4%252C&cbpage=http://nytesgoal.com/&cbur=0.30406272024071657&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 35.201.86.109:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (798)
Hash 44f1b98f86971743c01e4f91bd14b1f5
ba66dc9ac55b9b0bf47148b4b2584f789547377e
e16f21619da011ea37458a81614b6f4f97b58ca3438ae9dc9389c4e0d057ee58
GET /ad/display.php?stamat=m%257C%252CgoiNSIjarB1dAN0dEdHP3xP.445%252CZMkKdRAQlkuDbgTABrav5HpP176zkQqxAH738cXuHuZLJD3q01P2_IWjwRXLCtsINGDWsuzqTIk7h_IBTCdbit95hx54Iacsl84AvPyGnC4%252C&cbpage=http://nytesgoal.com/&cbur=0.30406272024071657&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Link: <//clearonclick.com>; rel=dns-prefetch,<//clearonclick.com>; rel=preconnect,<//zbxli.rdtk.io>; rel=dns-prefetch,<//zbxli.rdtk.io>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google
crrepo.com/extban/276949620/creatives/23424486/4d5bedcd9fe91f04523940506c344750_7273.jpg
104.21.235.114 200 OK 39 kB URL HTTP/1.1 crrepo.com/extban/276949620/creatives/23424486/4d5bedcd9fe91f04523940506c344750_7273.jpg
IP 104.21.235.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 336x280, components 3\012- data
Hash eb7a631a7f7cf061b61a0d98eb6b8057
ed87262fba37020805eb56cf7b472ce6cb1c1b48
fd3674bee27f10b4bae2af8c66dc77c3617438da77be4350883a629739d4f4b2
GET /extban/276949620/creatives/23424486/4d5bedcd9fe91f04523940506c344750_7273.jpg HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 25 Feb 2022 17:48:44 GMT
ETag: W/"6219167c-98ac"
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4464
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sk0SY3eupFPDU9y88cnhhHxCJ4KMKKyy1EgUs76OA7hWtFROU9SZoF%2BqeLVje4p3iNgJUtEDGrWOPKq69qFzhJn%2FtehhqO64YgxNFHNUv15JJpPjLh%2FYUAg4MSUL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2960c5288b5-LHR
alt-svc: h2=":443"; ma=60
absorbedswept.com/82/78/b0/8278b008d2fa2a9b216e3768fac50fa9.js
192.243.61.225 200 OK 20 kB URL HTTP/1.1 absorbedswept.com/82/78/b0/8278b008d2fa2a9b216e3768fac50fa9.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (59396), with no line terminators
Hash a94290de88926d420c66373efa2e3ce3
abf8cc8819650c283c4cdcdee2fcccb53b2078b7
9753e8e27e1f7c79759e152fda3d2e1f35e1e7f1ad0d4e7a82d7213841c22eb5
Analyzer Verdict Alert quad9 Sinkholed
GET /82/78/b0/8278b008d2fa2a9b216e3768fac50fa9.js HTTP/1.1
Host: absorbedswept.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Wed, 31 Aug 2022 07:10:38 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 216bd1e312ab53e58c339056408be9c1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
crrepo.com/extban/278371020/creatives/23427452/0ea449ffcad13aa15e198ae144c96e97_8600.jpg
104.21.235.114 200 OK 40 kB URL HTTP/1.1 crrepo.com/extban/278371020/creatives/23427452/0ea449ffcad13aa15e198ae144c96e97_8600.jpg
IP 104.21.235.114:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 468x60, components 3\012- data
Hash 432e31b379c1f87414d74806f8c7aadd
bf2fd65d7dbc63653c524432c57886ddb3f3629a
4337bf05884f48aa133ace71ff8bedd2bdc2b183802a7ae6945eee00289d8c0a
GET /extban/278371020/creatives/23427452/0ea449ffcad13aa15e198ae144c96e97_8600.jpg HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 06 Mar 2022 12:04:04 GMT
ETag: W/"6224a334-9bd2"
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 2210
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qqLlqeDz88eT41%2F9%2FEmsYcbd25d0rJ1JupROu8tsrks4MKmLkYtnJbVeTfghlNmTyBfHKSHpC3OWWzILGM3Iyee%2B5J2PeNPWEkbmXX1pm6h3hAcIpKmSX6pL%2FE7G"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2960fb37505-LHR
alt-svc: h2=":443"; ma=60
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash a95e91498d7dcaa762948aee96c33fa6
0e03197b344bd8d4210ed9e54965cc1b62de3b34
2da87d7b314c5ab2b6b13be3ae6fd1207ebc6b0815dd8da7dd09bbf0cc7763da
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 31 Aug 2022 07:10:39 GMT
Last-Modified: Wed, 31 Aug 2022 05:29:18 GMT
Server: ECS (nyb/1D23)
X-Cache: Miss from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SOZvfVCB7pZW2DnzV_hJZhf4E5dcSzP4IET60J20bSYru18AtATg1A==
Age: 6081
simplewebanalysis.com/stats
3.127.140.33 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.127.140.33:0
File type ASCII text, with no line terminators
Hash 8da65726f214e4d90ce931038581f331
45a12b8aaec4a1dc242182adc621cfdc70fe2ac6
0d7c44450c638331cec06503e8cd75fba9d2af6f3826b34be7b4e2297790146d
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://nytesgoal.com
access-control-allow-credentials: true
set-cookie: uid_id2=8edd079d-31df-4ddd-9711-081466b22a0b:1:1; expires=Sat, 28 Aug 2032 07:10:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
crrepo.com/extban/298252620/creatives/23467186/a33b560a297f1719ad2ed7e12396b0fb_5393.gif
104.21.235.114 200 OK 373 kB URL HTTP/1.1 crrepo.com/extban/298252620/creatives/23467186/a33b560a297f1719ad2ed7e12396b0fb_5393.gif
IP 104.21.235.114:0
File type GIF image data, version 89a, 728 x 90\012- data
Size 373 kB (373195 bytes)
Hash 13bbb2c7bc30b921b651447aa58d2599
aa374ffaf0fc6b375aa34dd16463315d73c94bca
fa8aeb111f0f3c3815a6ac19401f1b264dd25bf6b525d3e4e5b6c2022501cd70
GET /extban/298252620/creatives/23467186/a33b560a297f1719ad2ed7e12396b0fb_5393.gif HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 02 Jun 2022 14:09:01 GMT
ETag: W/"6298c47d-5b64a"
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5667
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Onj1VsHcjuzmcXuNr3vLUN0%2FqcxWqUsuJyoQguhJqPWmht64zhIVFZCcW1t4vsDA6oh%2B6%2BMRT0YVitqedW%2BPHoQX0x1dl59b%2BAlW7UevRb8mX3r%2FZo8VAERnU96b"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2962a3371fe-LHR
alt-svc: h2=":443"; ma=60
www.effectivecreativeformats.com/02a8de4d3de79d2e028cff11c87e1aa7/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformats.com/02a8de4d3de79d2e028cff11c87e1aa7/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash dd603b72158c436c3b75a3160526806b
601826a05fddcaf4ac4aa283003c92bcd43f031e
9bd2b3cb8288559f2030bad9680fcd0f7c2b56cc958059dd1e0400179d757ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /02a8de4d3de79d2e028cff11c87e1aa7/invoke.js HTTP/1.1
Host: www.effectivecreativeformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15927711d9bf4ab8b1c48e90e014895e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4834c66793647764dd01bd834074cd0c
7efb9f5413fc92e83d208153a719cccfce09bddc
49e6ac84a1c7da226ab3531da0b7084edba6b312c93f20e73f9213a2b13abdce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49E6AC84A1C7DA226AB3531DA0B7084EDBA6B312C93F20E73F9213A2B13ABDCE"
Last-Modified: Tue, 30 Aug 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18564
Expires: Wed, 31 Aug 2022 12:20:03 GMT
Date: Wed, 31 Aug 2022 07:10:39 GMT
Connection: keep-alive
www.effectivecreativeformats.com/9d837cb1d974c225f10599ded2811521/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformats.com/9d837cb1d974c225f10599ded2811521/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash bf33e38ef889bf24e5c2ed38d604bf87
c1486bc7e12a6609e748475b109accbfc9edb8bd
abb1da613828a377c0e8b372e03eb3e9e3208ed9f1fe1e973adc1d0a076a2bdd
Analyzer Verdict Alert quad9 Sinkholed
GET /9d837cb1d974c225f10599ded2811521/invoke.js HTTP/1.1
Host: www.effectivecreativeformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3434cf1c28444104cd8d40d370bae7cf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f0d01a647b6735857bd9232ca0852d21
7c00238b9022a013aaf100c7fc4c45911e78d358
5813452c3d297c4255397fedbb133f573629b0305f27863d65da6ddf8d42fff9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5813452C3D297C4255397FEDBB133F573629B0305F27863D65DA6DDF8D42FFF9"
Last-Modified: Wed, 31 Aug 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13450
Expires: Wed, 31 Aug 2022 10:54:49 GMT
Date: Wed, 31 Aug 2022 07:10:39 GMT
Connection: keep-alive
www.effectivecreativeformats.com/c5a970ac1bac2855ca2da085b39fd883/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformats.com/c5a970ac1bac2855ca2da085b39fd883/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26965), with no line terminators
Hash bf33e38ef889bf24e5c2ed38d604bf87
c1486bc7e12a6609e748475b109accbfc9edb8bd
abb1da613828a377c0e8b372e03eb3e9e3208ed9f1fe1e973adc1d0a076a2bdd
Analyzer Verdict Alert quad9 Sinkholed
GET /c5a970ac1bac2855ca2da085b39fd883/invoke.js HTTP/1.1
Host: www.effectivecreativeformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b291b24515613d94be5533caf268130
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
stats.wp.com/e-202235.js
192.0.76.3 200 OK 20 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 12da050b34cada6fed76da8963a4ddef
7592a1d472b83d160e32b82a76d7a8804b1cf266
473eded171bbf52043cb122c9d3dcab7d4ac178ad0742d50489808b1aab7585c
GET /e-202235.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 31 Aug 2022 07:10:38 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 21 Aug 2023 04:16:22 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163 200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 30 Aug 2022 17:25:47 GMT
Expires: Wed, 30 Aug 2023 17:25:47 GMT
Cache-Control: public, max-age=31536000
Age: 49492
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
142.250.74.163 200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Hash efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 24408
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 30 Aug 2022 22:01:34 GMT
Expires: Wed, 30 Aug 2023 22:01:34 GMT
Cache-Control: public, max-age=31536000
Age: 32945
Last-Modified: Tue, 26 Apr 2022 15:50:25 GMT
Content-Type: font/woff2
www.effectivecreativeformats.com/538cd5057511294899f77769e7b75f0d/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformats.com/538cd5057511294899f77769e7b75f0d/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash dd603b72158c436c3b75a3160526806b
601826a05fddcaf4ac4aa283003c92bcd43f031e
9bd2b3cb8288559f2030bad9680fcd0f7c2b56cc958059dd1e0400179d757ba1
Analyzer Verdict Alert quad9 Sinkholed
GET /538cd5057511294899f77769e7b75f0d/invoke.js HTTP/1.1
Host: www.effectivecreativeformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 15972e3c11c65e0cde841fb4c10abcc8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nytesgoal.com/wp-content/themes/magbook/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
94.242.61.186 200 OK 77 kB URL HTTP/1.1 nytesgoal.com/wp-content/themes/magbook/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 94.242.61.186:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /wp-content/themes/magbook/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://nytesgoal.com/wp-content/themes/magbook/assets/font-awesome/css/font-awesome.min.css?ver=6.0.2
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Wed, 07 Sep 2022 07:10:39 GMT
content-type: font/woff2
last-modified: Wed, 15 Jun 2022 08:04:18 GMT
accept-ranges: bytes
content-length: 77160
date: Wed, 31 Aug 2022 07:10:39 GMT
server: LiteSpeed
vary: User-Agent
addresseepaper.com/sfp.js
104.21.234.254 200 OK 23 kB URL HTTP/1.1 addresseepaper.com/sfp.js
IP 104.21.234.254:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 487ad2b48cd98e36abf708a3b60f4a36
ccf7b110523d50bb619becd48c3f013cc5fdce87
768eff747f795e1232d182eb859170e32d4f06ed29da872c09af5363c459668f
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: max-age=14400
X-Request-ID: cc12867824feb251c9c793a07f73c4f7
Strict-Transport-Security: max-age=0; includeSubdomains
CF-Cache-Status: EXPIRED
Last-Modified: Wed, 31 Aug 2022 07:10:39 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dtqv%2FTsO2S5DKlgYCaQ2qQnoyhL%2Fc20tYkQl38a25MOmV%2Bmr8Eji73HfOa%2FWJsTzWTvGbiqza5dUmKbc8gInJIoJHqxXVs1gfG7ORGJMTZMRvdnBLh%2BwugVv9C6R0RPg5R5Znys%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f299dc0a72ba-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clearonclick.com/ad/display.php?stamat=m%257C%252C8diJ2Y3frB1dAN0dEdHP3xP.c1b%252CZMkKdRAQlkuDbgTABrav5AymH7Iajv9PxGwuHbNgYKxjGPipJBGo38AzyOgvy6JfjYjLrsyjZR6z8S9whVyRGWWN7BMWYniFdYP96mMjNX0%252C&cbpage=http://nytesgoal.com/&cbur=0.8303713068854441&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
35.201.86.109 200 OK 2.1 kB URL HTTP/1.1 clearonclick.com/ad/display.php?stamat=m%257C%252C8diJ2Y3frB1dAN0dEdHP3xP.c1b%252CZMkKdRAQlkuDbgTABrav5AymH7Iajv9PxGwuHbNgYKxjGPipJBGo38AzyOgvy6JfjYjLrsyjZR6z8S9whVyRGWWN7BMWYniFdYP96mMjNX0%252C&cbpage=http://nytesgoal.com/&cbur=0.8303713068854441&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
IP 35.201.86.109:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (798)
Hash 6a4a86171adc0ecf05b582d5e24ed2cd
080d425b3389ab56fbb4861fa3c435fac85d479d
0c210fd9f964a4aad2bc20fa335777b8dd367657fb58d0ba7d5a51b30a82edee
GET /ad/display.php?stamat=m%257C%252C8diJ2Y3frB1dAN0dEdHP3xP.c1b%252CZMkKdRAQlkuDbgTABrav5AymH7Iajv9PxGwuHbNgYKxjGPipJBGo38AzyOgvy6JfjYjLrsyjZR6z8S9whVyRGWWN7BMWYniFdYP96mMjNX0%252C&cbpage=http://nytesgoal.com/&cbur=0.8303713068854441&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref= HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Link: <//clearonclick.com>; rel=dns-prefetch,<//clearonclick.com>; rel=preconnect,<//t.whalehunter.cash>; rel=dns-prefetch,<//t.whalehunter.cash>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google
diminutioneconomy.com/ntv.json?key=8530d58aa280bb5d384234d51f7bba65&vstc=4
192.243.59.13 200 OK 17 kB URL HTTP/1.1 diminutioneconomy.com/ntv.json?key=8530d58aa280bb5d384234d51f7bba65&vstc=4
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (16976), with no line terminators
Hash 10535df4ab0145651ee15bac1d786169
55568016f802b4dfd4de878f7f64502e29423a9a
16aad8b6f3381f0daeb41b233091b4689aaf63a5dee31ddae1af78bbdf3d7b06
Analyzer Verdict Alert quad9 Sinkholed
GET /ntv.json?key=8530d58aa280bb5d384234d51f7bba65&vstc=4 HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: application/json
Content-Length: 16978
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17419530; expires=Thu, 01 Sep 2022 07:10:39 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 01 Sep 2022 07:10:39 GMT; secure; SameSite=None
uncs=1; expires=Thu, 01 Sep 2022 07:10:39 GMT; secure; SameSite=None
pdhtkv49=true; expires=Thu, 01 Sep 2022 07:10:39 GMT; secure; SameSite=None
uncs49=1; expires=Thu, 01 Sep 2022 07:10:39 GMT; secure; SameSite=None
nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]; expires=Wed, 31 Aug 2022 07:10:44 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c32c7a240320701ca369b6740d1111ed
Strict-Transport-Security: max-age=0; includeSubdomains
unwillingsnick.com/watch.879069820525.js?key=02a8de4d3de79d2e028cff11c87e1aa7&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
192.243.59.13 307 Temporary Redirect 0 B URL HTTP/1.1 unwillingsnick.com/watch.879069820525.js?key=02a8de4d3de79d2e028cff11c87e1aa7&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.879069820525.js?key=02a8de4d3de79d2e028cff11c87e1aa7&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1 HTTP/1.1
Host: unwillingsnick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Location: https://unwillingsnick.com/watch.879069820525.js?key=02a8de4d3de79d2e028cff11c87e1aa7&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=9ab847fa4b71b9ec7fe3a09b2986e4bce9016dc466471e7190fb6646ce87610b72da654c683725ce54a1bf719470eaf617bbe024825b8154498ddea5c8c13035b7b147a6267a3ddea86a3871efa192d2f78bd22e&pst=1661929899&rmtc=t
Set-Cookie: u_pl=17423670; expires=Thu, 01 Sep 2022 07:10:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.KAM8QKh5z9-yittwH9HTfIGHD_ZLUciNn0qTLRBXDWs; expires=Wed, 31 Aug 2022 07:11:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a3678c896a20d79647383a2e4e2e990b
Strict-Transport-Security: max-age=0; includeSubdomains
crrepo.com/extban/298055220/creatives/23472210/2b9c526b1f8098af39674183fa091b99_8128.jpg
104.21.235.114 200 OK 13 kB URL HTTP/1.1 crrepo.com/extban/298055220/creatives/23472210/2b9c526b1f8098af39674183fa091b99_8128.jpg
IP 104.21.235.114:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 728x90, components 3\012- data
Hash 984112b2ce58c0eb36548d625023e1c5
7502423e47378ec30b60ed8704546aaffdd16d04
ff25bfd212b2d8a9347bf1737080f2f02a888bb6140b7ff6502b71a8219cda51
GET /extban/298055220/creatives/23472210/2b9c526b1f8098af39674183fa091b99_8128.jpg HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 14 Jun 2022 11:29:20 GMT
ETag: W/"62a87110-3374"
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 3439
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LScWDtbShzUVkQm%2F42PD391tWMBm7Pcvago0%2BTcW42RNP%2Fw915oCMPrauxqtGOIH%2BSV9QEuH9Jz1E95lQ85%2FA3sb2JUXXcAXL3NMEFMqFcP4y5tqywrXdM60ClO2"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f29afa1d71fe-LHR
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76e5794e744702cc05c5cf327d8d6e8b
0c0aa6e65d901d8e8b712231fb6947b7d904a8d1
8550ab486c08f26ef003f584f9d89ec65b758def9853a1f93d5517528d5fc380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8550AB486C08F26EF003F584F9D89EC65B758DEF9853A1F93D5517528D5FC380"
Last-Modified: Tue, 30 Aug 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2379
Expires: Wed, 31 Aug 2022 07:50:18 GMT
Date: Wed, 31 Aug 2022 07:10:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76e5794e744702cc05c5cf327d8d6e8b
0c0aa6e65d901d8e8b712231fb6947b7d904a8d1
8550ab486c08f26ef003f584f9d89ec65b758def9853a1f93d5517528d5fc380
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8550AB486C08F26EF003F584F9D89EC65B758DEF9853A1F93D5517528D5FC380"
Last-Modified: Tue, 30 Aug 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2379
Expires: Wed, 31 Aug 2022 07:50:18 GMT
Date: Wed, 31 Aug 2022 07:10:39 GMT
Connection: keep-alive
www.effectivecreativeformats.com/3c4c10986549ae28f8e5d4cfef45eea8/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformats.com/3c4c10986549ae28f8e5d4cfef45eea8/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Hash 50d9fd211fab19018a76e769e6da0a3c
ca1d22f3e74142a0a722233428f93cbac43c988f
c091f379d65d884407ca971b4637b28d6d441863bbcc1551a3e8d3f9875e0263
Analyzer Verdict Alert quad9 Sinkholed
GET /3c4c10986549ae28f8e5d4cfef45eea8/invoke.js HTTP/1.1
Host: www.effectivecreativeformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d28d7a47746ab41d85fac1a0eb8cedaf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
unwillingsnick.com/watch.383102762800.js?key=538cd5057511294899f77769e7b75f0d&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
192.243.59.13 307 Temporary Redirect 0 B URL HTTP/1.1 unwillingsnick.com/watch.383102762800.js?key=538cd5057511294899f77769e7b75f0d&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.383102762800.js?key=538cd5057511294899f77769e7b75f0d&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1 HTTP/1.1
Host: unwillingsnick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Location: https://unwillingsnick.com/watch.383102762800.js?key=538cd5057511294899f77769e7b75f0d&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=e3b7b519dff8666bfd164fd0467c242d5a2367bdeb895a66082395ecd770ed227e282fc6ca7729890eec31c914d045508c20654f7c097abfca074dd39fd3f0254b1ab7d4e271b9d23c2db1038f2ce351d0ad108e4fa74cd2f449e16217&pst=1661929899&rmtc=t
Set-Cookie: u_pl=17423524; expires=Thu, 01 Sep 2022 07:10:39 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.W2kD9lynCqwKkLBDisQSRZRudQlyQMipUMgFKEK_6MA; expires=Wed, 31 Aug 2022 07:11:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 37efb3666b39a40f2208516e3e273aa6
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/si/c8/d2/75/c8d2755494a79da6a1198b4e843c465e/1645978536.jpg
45.133.44.9 200 OK 21 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/c8/d2/75/c8d2755494a79da6a1198b4e843c465e/1645978536.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash e76141a73e3867caa30e71f21f24f019
7664dbf096108e45ad2d376514565d1a859bd169
98acf73ddbba7ea1c25ae6edf6ab6817ef442cf1c2343909083b2601ea8b62ca
GET /si/c8/d2/75/c8d2755494a79da6a1198b4e843c465e/1645978536.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/jpeg
Content-Length: 21046
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Sun, 27 Feb 2022 16:15:46 GMT
ETag: "621ba3b2-5236"
Expires: Fri, 02 Sep 2022 07:10:39 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/si/49/30/49/4930498805b27e2ddd2e8b730324d990/1645978709.jpg
45.133.44.9 200 OK 22 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/49/30/49/4930498805b27e2ddd2e8b730324d990/1645978709.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash dea5f1ea2c9a47f7f4d05c62e70a2527
b88486270a197dd93dfc0ec3d6609c35dda8f928
638a55cc2116fa90536d6c306d288d9400921d7b3338ec9ff374eabc218f8b9c
GET /si/49/30/49/4930498805b27e2ddd2e8b730324d990/1645978709.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/jpeg
Content-Length: 21546
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Sun, 27 Feb 2022 16:18:35 GMT
ETag: "621ba45b-542a"
Expires: Fri, 02 Sep 2022 07:10:39 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/si/75/c9/28/75c92834ede96f2f4d3581e4d43e6e4f/1645978427.jpg
45.133.44.9 200 OK 22 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/75/c9/28/75c92834ede96f2f4d3581e4d43e6e4f/1645978427.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash 796d425c7dcd3be5c1cdc6cdd56c1dab
e8cc1589c53cccdd638d3a732fef9e97aa4a45bc
f73ea8486409b59615869827f5c1b1f322ee1374d506e7789019bb4967348437
GET /si/75/c9/28/75c92834ede96f2f4d3581e4d43e6e4f/1645978427.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/jpeg
Content-Length: 22212
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Sun, 27 Feb 2022 16:14:00 GMT
ETag: "621ba348-56c4"
Expires: Fri, 02 Sep 2022 07:10:39 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
cdn.cloudimagesb.com/si/5d/19/5d/5d195d7de14d8e7d59a9c7b1330750de/1645978440.jpg
45.133.44.9 200 OK 25 kB URL HTTP/1.1 cdn.cloudimagesb.com/si/5d/19/5d/5d195d7de14d8e7d59a9c7b1330750de/1645978440.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3\012- data
Hash f1a49a7d784361bbce9f7ed99c6fc6ec
bb1a5732dc954a89c85089d16d71a00ade1fe682
deb5daa6fcbf7a78b9361e5ac56f09b27986953f03977adbaf32d04a93996bdd
GET /si/5d/19/5d/5d195d7de14d8e7d59a9c7b1330750de/1645978440.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/jpeg
Content-Length: 25012
Connection: keep-alive
Server: nginx/1.17.6
Last-Modified: Sun, 27 Feb 2022 16:14:05 GMT
ETag: "621ba34d-61b4"
Expires: Fri, 02 Sep 2022 07:10:39 GMT
Cache-Control: max-age=172800
X-Proxy-Cache: HIT
Accept-Ranges: bytes
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h3QXQ%2Bi5rLgYY4KMunumemZ7ILBGLME42bNKnpSqrt6JmWqq9qqrunJeDC4Igte5uBFT51vko0%2F1kX%2FABeZLIgGhcwtBwOC%2F4GwZ%2BlxcPRBv%2Fe%2B%2Fr7D996rT%2FbtOXFh6dnqa2rAhaCLzZpbfe5tz7tW3eDS9qv9dvBu0LhW1b2rS0HNfb56PY521KLveq7ruV51jeu4o%2FqLJQme3lvyaktureHXvGYDff1%2FbKwDQx2w3jl5GpxNKg%2BdBfBoDJl8txqbnUylL7ySWEEzpdFjR2%2FKHalyiWTedrSDjjyaqaHM6doDKHk4tQvV%2B1cY8glxfnqAUB7NTCLsHUx9hgKxRMieQN4bIxZjcDpGpG6Ds1MCRAw3NiGTuzeUzunuPywt2QmpPPoLPJ%2BQyu8LkMn9FcH71VtK2IwradDvFOD9MXh3jNQeIxtcAM%2BPEWUfgbPfyOKjDcjkYNMIBc6K6eycj8E7Y4h4CGoc2PLjDmzHgU0dJOysGnme13JZRN32UhTVWSsOA%2BZ6tNXxqOcGbdiotDdElg4RiSEivYdU72GHD6HtjzDbBQxzYLIJcV7fQ48VyGOC3BDklCDnBHlGkPeKQyaMb4q7TBgberPqz2q9GKmsu08PVdaNJdlPz8lT5V6cS79exk58Vm036y5rtin1224YNlm93fDrDdb0Oq0wpEEThhfg5sJ01AGfkGc%2F%2FBMpn5DHrn6KkB7DiGNE%2FBlQ64Hmo5bvgm6PGm0XA%2Fmt3M1i01VU1CKVgKkCaVZBtuvsi3NyZXog78tlxNHJ8seDP67fX%2FgAkS6Q6gLv8YcEXXFntKVycrClckO%2B30wznvABLY93K6NZfPHrV%2BPdXGm2vmqGX70UlUTZ3nsjNtkGlYzLriHfrHDGYr2mdBSTH9bNW3F405rtFaulTTduvry2nqQ6NoYrOQblp%2B8cIuIT8vj7v0xf5ZWBANdjaFsgsSdkFuDqGFG6B5PO3Rt1EVrMNWHqILfFSPvh%2FKfgBCKeYxoWMP%2FB4bzfN3fQ1T5odhsyKdDTBXqiABVDGHt5lKX6ZPnnz8v4AqGojEKhKweh0OKz6WrLtFWmF8u0DsPPqq163aXBUtNrtWjcCht%2BuxN4jFK%2FEfhBQOvIzCR68pL6GwAA%2F%2F8BAAD%2F%2F6VTfcVvBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h3QXQ%2Bi5rLgYY4KMunumemZ7ILBGLME42bNKnpSqrt6JmWqq9qqrunJeDC4Igte5uBFT51vko0%2F1kX%2FABeZLIgGhcwtBwOC%2F4GwZ%2BlxcPRBv%2Fe%2B%2Fr7D996rT%2FbtOXFh6dnqa2rAhaCLzZpbfe5tz7tW3eDS9qv9dvBu0LhW1b2rS0HNfb56PY521KLveq7ruV51jeu4o%2FqLJQme3lvyaktureHXvGYDff1%2FbKwDQx2w3jl5GpxNKg%2BdBfBoDJl8txqbnUylL7ySWEEzpdFjR2%2FKHalyiWTedrSDjjyaqaHM6doDKHk4tQvV%2B1cY8glxfnqAUB7NTCLsHUx9hgKxRMieQN4bIxZjcDpGpG6Ds1MCRAw3NiGTuzeUzunuPywt2QmpPPoLPJ%2BQyu8LkMn9FcH71VtK2IwradDvFOD9MXh3jNQeIxtcAM%2BPEWUfgbPfyOKjDcjkYNMIBc6K6eycj8E7Y4h4CGoc2PLjDmzHgU0dJOysGnme13JZRN32UhTVWSsOA%2BZ6tNXxqOcGbdiotDdElg4RiSEivYdU72GHD6HtjzDbBQxzYLIJcV7fQ48VyGOC3BDklCDnBHlGkPeKQyaMb4q7TBgberPqz2q9GKmsu08PVdaNJdlPz8lT5V6cS79exk58Vm036y5rtin1224YNlm93fDrDdb0Oq0wpEEThhfg5sJ01AGfkGc%2F%2FBMpn5DHrn6KkB7DiGNE%2FBlQ64Hmo5bvgm6PGm0XA%2Fmt3M1i01VU1CKVgKkCaVZBtuvsi3NyZXog78tlxNHJ8seDP67fX%2FgAkS6Q6gLv8YcEXXFntKVycrClckO%2B30wznvABLY93K6NZfPHrV%2BPdXGm2vmqGX70UlUTZ3nsjNtkGlYzLriHfrHDGYr2mdBSTH9bNW3F405rtFaulTTduvry2nqQ6NoYrOQblp%2B8cIuIT8vj7v0xf5ZWBANdjaFsgsSdkFuDqGFG6B5PO3Rt1EVrMNWHqILfFSPvh%2FKfgBCKeYxoWMP%2FB4bzfN3fQ1T5odhsyKdDTBXqiABVDGHt5lKX6ZPnnz8v4AqGojEKhKweh0OKz6WrLtFWmF8u0DsPPqq163aXBUtNrtWjcCht%2BuxN4jFK%2FEfhBQOvIzCR68pL6GwAA%2F%2F8BAAD%2F%2F6VTfcVvBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h3QXQ%2Bi5rLgYY4KMunumemZ7ILBGLME42bNKnpSqrt6JmWqq9qqrunJeDC4Igte5uBFT51vko0%2F1kX%2FABeZLIgGhcwtBwOC%2F4GwZ%2BlxcPRBv%2Fe%2B%2Fr7D996rT%2FbtOXFh6dnqa2rAhaCLzZpbfe5tz7tW3eDS9qv9dvBu0LhW1b2rS0HNfb56PY521KLveq7ruV51jeu4o%2FqLJQme3lvyaktureHXvGYDff1%2FbKwDQx2w3jl5GpxNKg%2BdBfBoDJl8txqbnUylL7ySWEEzpdFjR2%2FKHalyiWTedrSDjjyaqaHM6doDKHk4tQvV%2B1cY8glxfnqAUB7NTCLsHUx9hgKxRMieQN4bIxZjcDpGpG6Ds1MCRAw3NiGTuzeUzunuPywt2QmpPPoLPJ%2BQyu8LkMn9FcH71VtK2IwradDvFOD9MXh3jNQeIxtcAM%2BPEWUfgbPfyOKjDcjkYNMIBc6K6eycj8E7Y4h4CGoc2PLjDmzHgU0dJOysGnme13JZRN32UhTVWSsOA%2BZ6tNXxqOcGbdiotDdElg4RiSEivYdU72GHD6HtjzDbBQxzYLIJcV7fQ48VyGOC3BDklCDnBHlGkPeKQyaMb4q7TBgberPqz2q9GKmsu08PVdaNJdlPz8lT5V6cS79exk58Vm036y5rtin1224YNlm93fDrDdb0Oq0wpEEThhfg5sJ01AGfkGc%2F%2FBMpn5DHrn6KkB7DiGNE%2FBlQ64Hmo5bvgm6PGm0XA%2Fmt3M1i01VU1CKVgKkCaVZBtuvsi3NyZXog78tlxNHJ8seDP67fX%2FgAkS6Q6gLv8YcEXXFntKVycrClckO%2B30wznvABLY93K6NZfPHrV%2BPdXGm2vmqGX70UlUTZ3nsjNtkGlYzLriHfrHDGYr2mdBSTH9bNW3F405rtFaulTTduvry2nqQ6NoYrOQblp%2B8cIuIT8vj7v0xf5ZWBANdjaFsgsSdkFuDqGFG6B5PO3Rt1EVrMNWHqILfFSPvh%2FKfgBCKeYxoWMP%2FB4bzfN3fQ1T5odhsyKdDTBXqiABVDGHt5lKX6ZPnnz8v4AqGojEKhKweh0OKz6WrLtFWmF8u0DsPPqq163aXBUtNrtWjcCht%2BuxN4jFK%2FEfhBQOvIzCR68pL6GwAA%2F%2F8BAAD%2F%2F6VTfcVvBAAA HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd6fad214d0dc6fd7f4b5a19e06685c2
Strict-Transport-Security: max-age=0; includeSubdomains
duplicatepowerquay.com/pixel/purst?dl=0&th=0&sc=0&rs=1415&rd=1415&fd=620&bv=22.8.v.1&tmpl=70
192.243.59.12 200 OK 0 B URL HTTP/1.1 duplicatepowerquay.com/pixel/purst?dl=0&th=0&sc=0&rs=1415&rd=1415&fd=620&bv=22.8.v.1&tmpl=70
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1415&rd=1415&fd=620&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: duplicatepowerquay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Wed, 31 Aug 2022 08:22:00 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Wed, 31 Aug 2022 08:22:00 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Wed, 31 Aug 2022 08:22:00 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9843fcd5eb49c75b942e3dd042f3a931
ff6de19656bc0ee5649c1367448116a9576a690a
8e9679e05e1b2194e44a962a19f226793b5d7fc2334df64f8dd560498532ad3a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d2b8cd4-2da8-44e6-9499-b1190e129379.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6266
x-amzn-requestid: 82231f45-328a-479a-b346-108fe6a0c190
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjU6bEP5IAMFaGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630acea8-6545154a39b44bb04d3bc18c;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 02:10:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P_a-E2SVJUpYrlOzoX9kDtHoAeyEpcqEXau-5wDupR-9AAk3gQgaHQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 11:52:53 GMT
age: 69467
etag: "ff6de19656bc0ee5649c1367448116a9576a690a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffecb9c4d-4c5b-4ac8-8afc-eb30449d31a6.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffecb9c4d-4c5b-4ac8-8afc-eb30449d31a6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c51bb130fc57dd07939eefca1788f2bf
fffae16c540075f7b9556bff9499fa42b96d1d5d
097cc700622c334f7e26d3e01da9b5b79ea914778bbdf5d327dfa035bf5d7065
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffecb9c4d-4c5b-4ac8-8afc-eb30449d31a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11139
x-amzn-requestid: 6497a1a2-3c42-45e6-a4f7-804c10ab1cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaHqZE7gIAMFm3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63071fdb-5a6f1047389fe8c002ed28e6;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:08:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: wwtNm3HyRtZkesTZ4V8vdgUaHM6D_EEHgnrDuRtoPuJkb89G6cHObA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 14:44:28 GMT
age: 59172
etag: "fffae16c540075f7b9556bff9499fa42b96d1d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.effectivecreativeformats.com/fdc80ce0a31b228294a750eb5cb3297e/invoke.js
192.243.59.13 200 OK 9.8 kB URL HTTP/1.1 www.effectivecreativeformats.com/fdc80ce0a31b228294a750eb5cb3297e/invoke.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 42ed5eb7d9ad532c0e8adb24ffce7b40
eed2ae8aa3d27723a54709e286a2dd320a010ad6
235a3381c80bdd0ec27cd9bf62882d7b5ab8f2c9ea55abaa7c5dd55513ebc3ac
Analyzer Verdict Alert quad9 Sinkholed
GET /fdc80ce0a31b228294a750eb5cb3297e/invoke.js HTTP/1.1
Host: www.effectivecreativeformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5529a61c91f0baec6ad3e99bffa3ffc8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9551c30-d090-4465-bc2a-10ab11908481.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9551c30-d090-4465-bc2a-10ab11908481.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64210c7890c4bffddca12e968ca8aeab
90810a5992bfb6e6706b5c8e3e90f81b5cb95d62
75f4ac933160807d3a459e734263d2c39414134c1a3d0d1982dc4a790e1f338c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9551c30-d090-4465-bc2a-10ab11908481.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7878
x-amzn-requestid: 7383deb9-be9e-4b7d-b86f-47eff091662b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xsmo2HvoIAMFiHQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e849e-62a64a0b20adff240839911f;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:43:58 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Oi6ErhaoO04EBF7NVUH823c8gKNWv1VeZMm0C8xplN-9E_kFQR2vPg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:46:49 GMT
age: 33831
etag: "90810a5992bfb6e6706b5c8e3e90f81b5cb95d62"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db8548465788b6e73fc19c63575f7d32
0502c55da685e6a5bd3506b55cd96d639346ed82
c125a0828629e46996832fd04555f503e62c0dc0e8506f069487ba8ebb2db4a3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F136de3c9-bb24-461a-b29f-fe7b7336b28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7582
x-amzn-requestid: 65712628-13c0-42e2-a090-b21fde8bd026
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xg0rgE_hIAMF1ng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6309ce49-5feadfad6c342ae96a5a26d7;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 07:56:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AaCY2PsUVPfvdDwb7itAqcRV9NZPkDxFs1QEiYZ_FjTNp9sH4bn5rg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 06:11:47 GMT
age: 3533
etag: "0502c55da685e6a5bd3506b55cd96d639346ed82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Wed, 31 Aug 2022 08:22:00 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
possessionaddictedflight.com/watch.1073569966017.js?key=c5a970ac1bac2855ca2da085b39fd883&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
192.243.59.20 307 Temporary Redirect 0 B URL HTTP/1.1 possessionaddictedflight.com/watch.1073569966017.js?key=c5a970ac1bac2855ca2da085b39fd883&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1073569966017.js?key=c5a970ac1bac2855ca2da085b39fd883&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1 HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Location: https://possessionaddictedflight.com/watch.1073569966017.js?key=c5a970ac1bac2855ca2da085b39fd883&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=ace4d885b13f511c310584a4adc55895d0aad74919b37d281a3d660cc1f11a6d84b046d5015633cbdccb48ff9aea485cfc87ecb621b256467b8b5c09ebcc21237d4ac0e2b4d03a5c991a0e7da761b0f9c89f5327&pst=1661929900&rmtc=t
Set-Cookie: u_pl=17426926; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.CSAEwbY47Kj9nta2cMTPxYNmHJI4AJpkermUiianbgw; expires=Wed, 31 Aug 2022 07:11:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e406437249ad5c089255963e4a30cc5b
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8483eb99dbd130593ed0072e2fbaccf9
fcb83f0b4a448f0b94b0bf9db431cc802413dacd
5e07e7bbf5dd7a48f9330dbc0248b7a1aa69dff7a9a913f493a384d2ec332f74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5E07E7BBF5DD7A48F9330DBC0248B7A1AA69DFF7A9A913F493A384D2EC332F74"
Last-Modified: Sun, 28 Aug 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4280
Expires: Wed, 31 Aug 2022 08:22:00 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
possessionaddictedflight.com/watch.324931473754.js?key=9d837cb1d974c225f10599ded2811521&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
192.243.59.20 307 Temporary Redirect 0 B URL HTTP/1.1 possessionaddictedflight.com/watch.324931473754.js?key=9d837cb1d974c225f10599ded2811521&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.324931473754.js?key=9d837cb1d974c225f10599ded2811521&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1 HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.9
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Location: https://possessionaddictedflight.com/watch.324931473754.js?key=9d837cb1d974c225f10599ded2811521&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=a65ac27f908bc64c2f35aa7610d2e4ef00ac138f7acad8ab183e2ecd796f02dbd2a50e29787a3021f6f5fc98b3b3754c7c051a2330719b0f9dd3fe6aba3c60816c33756bcf87a7482b108de5fe73b3e2723cac54&pst=1661929900&rmtc=t
Set-Cookie: u_pl=17426916; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.WpSLn5_0rECw2Rwc31XkHKB-yUs-Ay3y0LUBJcMcNqk; expires=Wed, 31 Aug 2022 07:11:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 68eea8d6eecc2a6a7be57dc8c0d6a883
Strict-Transport-Security: max-age=0; includeSubdomains
unwillingsnick.com/watch.383102762800.js?key=538cd5057511294899f77769e7b75f0d&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=e3b7b519dff8666bfd164fd0467c242d5a2367bdeb895a66082395ecd770ed227e282fc6ca7729890eec31c914d045508c20654f7c097abfca074dd39fd3f0254b1ab7d4e271b9d23c2db1038f2ce351d0ad108e4fa74cd2f449e16217&pst=1661929899&rmtc=t
192.243.59.13 200 OK 2.0 kB URL HTTP/1.1 unwillingsnick.com/watch.383102762800.js?key=538cd5057511294899f77769e7b75f0d&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=e3b7b519dff8666bfd164fd0467c242d5a2367bdeb895a66082395ecd770ed227e282fc6ca7729890eec31c914d045508c20654f7c097abfca074dd39fd3f0254b1ab7d4e271b9d23c2db1038f2ce351d0ad108e4fa74cd2f449e16217&pst=1661929899&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2435)
Hash 39739ba8fdf0a51d7b2ba65d53063da3
8bc031057f4381e0022df55866faa14b0715da69
b996a6ce55642a8d814ebb5b14d9a3ed073f9a04f6a21926630d89713e801b8e
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.383102762800.js?key=538cd5057511294899f77769e7b75f0d&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=e3b7b519dff8666bfd164fd0467c242d5a2367bdeb895a66082395ecd770ed227e282fc6ca7729890eec31c914d045508c20654f7c097abfca074dd39fd3f0254b1ab7d4e271b9d23c2db1038f2ce351d0ad108e4fa74cd2f449e16217&pst=1661929899&rmtc=t HTTP/1.1
Host: unwillingsnick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Referer: http://nytesgoal.com/
Connection: keep-alive
Cookie: u_pl=17423524; ain=eyJhbGciOiJIUzI1NiJ9.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.W2kD9lynCqwKkLBDisQSRZRudQlyQMipUMgFKEK_6MA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8edd079d-31df-4ddd-9711-081466b22a0b:1:1; expires=Wed, 07 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv32=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs32=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: acfbe8be82e0bf663ff39af5c261a96d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:44:23 GMT
age: 33977
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7dcb5acc5186b678254184c5dac12079
d7c84b42a0dd5b86a0668127698fd5f25b647fcb
8173103eda58bf2f1af2d077fc90c2c1b6d2a93265092a9c3152b686e05a4f9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb21182a7-c320-4c58-9822-7605821e65a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5910
x-amzn-requestid: 935b97da-1473-4863-bad2-a732709de9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslNHEfTIAMFWrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e8253-150847db7280350c19e2e464;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0RN7uc1rCMPWabmuO7QRLxIQ2mv0PFqTfL-dF7a6a3i1gFn0TtF8Nw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 21:45:19 GMT
age: 33921
etag: "d7c84b42a0dd5b86a0668127698fd5f25b647fcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzg7orgdRc1nwMEcFmXT3zPRMdsFgjFmCcbNmFT0p1V09kzLVVW1V1%2FRkPGxwRRa8zMGLnjpvko0%2F1kX%2FABeZLIgEhQxecjAg%2BB8Ie5Yeg%2BN%2B0N%2BPfu%2FwvvfVp3v2jLiw9HTlDTXgQtCFZs2tvvCu512trnNp%2B9V%2BO3g%2FaFyt6t6VxaDmvli9FkfbasF3Pdf1XK%2B6ynXcUf2FEgRP7y16tUW31vBrXrOBvn58NtaBoQ5Y74w8C84mlYfOPHg0hky%2BX4nNdqbSl15LrKCZ0uixw7fltlS5RDJrO9pBRx6es6HMyeoDKHkwlQvV%2B48Y8glxfn6AUB6ei0TY25%2FqDAViiZA9hbw3RizG4HSMSN0GZycEiBiub0Amd68rndOdf1FaohNSefQ3eD4hlT%2FmIZP7y4L3qzeVsBlX0qDfKcD7Y%2FDuGKk9QjaYA8%2BPEGUfg7PfyMKjdchkf8MIBc6K6e6cj8E7Y4h4CGoc2PLjDmzHgU0dJOy0Gnme13JZRN32YhTVWSsOA%2BZ6tNXxqOcGbdiolDdElg4RiSEivYtU72KbD6HtTzBbBQxzYLIJcd7cRY8VyGOC3BDklCDnBHlGkPeKAyaMb4q7TBgbeufVP6%2F1YqSy7h49UFk3lmQvPSPPlL44F3%2B9hO34tNpu1l3WbFPqt90wbLJ6u%2BHXG6zpdVphSIMmDC%2FAzdx01QGfkOdv%2FYWUT8gTVz5DSI9gxBEi%2Fhyo9UDzUct3QbdGjbaLgfxO7mSx6SoqapFKwFSBNKsg23H2xBm5PD2Q99Um4uh46ZPBn9fuz3%2BESBdIdYEP%2BEOCrrgz2lQ52d9UuSE%2FbKQZT%2FiAlse7mdEsvvDN6%2FFOrjRbWzHDr1%2BJSqBs770Vm2ydSsZl15BvlzljsV5VOorJj2vmnTi8Yc3WstXSpus3Xl1dS1IdG8OVHIPyk%2FcOEPEJefLD36ev8vLgFrgeQ9sCiT0m5wGujhCluzDpTL1RF6DFjBOmc8htMdJ%2BOPspOIGIZzMNC5j%2FzeGs3zN30NU%2BaHYbMinQ0wV6ogAVQxh7aZSl%2Bnjply%2FK%2BBKhqIxCoSv7odDi89Lapam%2FZXq5TGsw%2FLTaqtddGiw2vVaLxq2w4bc7gcco9RuBHwS0jsxMoqcvqn8AAAD%2F%2FwEAAP%2F%2FA9CVv28EAAA%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzg7orgdRc1nwMEcFmXT3zPRMdsFgjFmCcbNmFT0p1V09kzLVVW1V1%2FRkPGxwRRa8zMGLnjpvko0%2F1kX%2FABeZLIgEhQxecjAg%2BB8Ie5Yeg%2BN%2B0N%2BPfu%2FwvvfVp3v2jLiw9HTlDTXgQtCFZs2tvvCu512trnNp%2B9V%2BO3g%2FaFyt6t6VxaDmvli9FkfbasF3Pdf1XK%2B6ynXcUf2FEgRP7y16tUW31vBrXrOBvn58NtaBoQ5Y74w8C84mlYfOPHg0hky%2BX4nNdqbSl15LrKCZ0uixw7fltlS5RDJrO9pBRx6es6HMyeoDKHkwlQvV%2B48Y8glxfn6AUB6ei0TY25%2FqDAViiZA9hbw3RizG4HSMSN0GZycEiBiub0Amd68rndOdf1FaohNSefQ3eD4hlT%2FmIZP7y4L3qzeVsBlX0qDfKcD7Y%2FDuGKk9QjaYA8%2BPEGUfg7PfyMKjdchkf8MIBc6K6e6cj8E7Y4h4CGoc2PLjDmzHgU0dJOy0Gnme13JZRN32YhTVWSsOA%2BZ6tNXxqOcGbdiolDdElg4RiSEivYtU72KbD6HtTzBbBQxzYLIJcd7cRY8VyGOC3BDklCDnBHlGkPeKAyaMb4q7TBgbeufVP6%2F1YqSy7h49UFk3lmQvPSPPlL44F3%2B9hO34tNpu1l3WbFPqt90wbLJ6u%2BHXG6zpdVphSIMmDC%2FAzdx01QGfkOdv%2FYWUT8gTVz5DSI9gxBEi%2Fhyo9UDzUct3QbdGjbaLgfxO7mSx6SoqapFKwFSBNKsg23H2xBm5PD2Q99Um4uh46ZPBn9fuz3%2BESBdIdYEP%2BEOCrrgz2lQ52d9UuSE%2FbKQZT%2FiAlse7mdEsvvDN6%2FFOrjRbWzHDr1%2BJSqBs770Vm2ydSsZl15BvlzljsV5VOorJj2vmnTi8Yc3WstXSpus3Xl1dS1IdG8OVHIPyk%2FcOEPEJefLD36ev8vLgFrgeQ9sCiT0m5wGujhCluzDpTL1RF6DFjBOmc8htMdJ%2BOPspOIGIZzMNC5j%2FzeGs3zN30NU%2BaHYbMinQ0wV6ogAVQxh7aZSl%2Bnjply%2FK%2BBKhqIxCoSv7odDi89Lapam%2FZXq5TGsw%2FLTaqtddGiw2vVaLxq2w4bc7gcco9RuBHwS0jsxMoqcvqn8AAAD%2F%2FwEAAP%2F%2FA9CVv28EAAA%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRitzg7orgdRc1nwMEcFmXT3zPRMdsFgjFmCcbNmFT0p1V09kzLVVW1V1%2FRkPGxwRRa8zMGLnjpvko0%2F1kX%2FABeZLIgEhQxecjAg%2BB8Ie5Yeg%2BN%2B0N%2BPfu%2FwvvfVp3v2jLiw9HTlDTXgQtCFZs2tvvCu512trnNp%2B9V%2BO3g%2FaFyt6t6VxaDmvli9FkfbasF3Pdf1XK%2B6ynXcUf2FEgRP7y16tUW31vBrXrOBvn58NtaBoQ5Y74w8C84mlYfOPHg0hky%2BX4nNdqbSl15LrKCZ0uixw7fltlS5RDJrO9pBRx6es6HMyeoDKHkwlQvV%2B48Y8glxfn6AUB6ei0TY25%2FqDAViiZA9hbw3RizG4HSMSN0GZycEiBiub0Amd68rndOdf1FaohNSefQ3eD4hlT%2FmIZP7y4L3qzeVsBlX0qDfKcD7Y%2FDuGKk9QjaYA8%2BPEGUfg7PfyMKjdchkf8MIBc6K6e6cj8E7Y4h4CGoc2PLjDmzHgU0dJOy0Gnme13JZRN32YhTVWSsOA%2BZ6tNXxqOcGbdiolDdElg4RiSEivYtU72KbD6HtTzBbBQxzYLIJcd7cRY8VyGOC3BDklCDnBHlGkPeKAyaMb4q7TBgbeufVP6%2F1YqSy7h49UFk3lmQvPSPPlL44F3%2B9hO34tNpu1l3WbFPqt90wbLJ6u%2BHXG6zpdVphSIMmDC%2FAzdx01QGfkOdv%2FYWUT8gTVz5DSI9gxBEi%2Fhyo9UDzUct3QbdGjbaLgfxO7mSx6SoqapFKwFSBNKsg23H2xBm5PD2Q99Um4uh46ZPBn9fuz3%2BESBdIdYEP%2BEOCrrgz2lQ52d9UuSE%2FbKQZT%2FiAlse7mdEsvvDN6%2FFOrjRbWzHDr1%2BJSqBs770Vm2ydSsZl15BvlzljsV5VOorJj2vmnTi8Yc3WstXSpus3Xl1dS1IdG8OVHIPyk%2FcOEPEJefLD36ev8vLgFrgeQ9sCiT0m5wGujhCluzDpTL1RF6DFjBOmc8htMdJ%2BOPspOIGIZzMNC5j%2FzeGs3zN30NU%2BaHYbMinQ0wV6ogAVQxh7aZSl%2Bnjply%2FK%2BBKhqIxCoSv7odDi89Lapam%2FZXq5TGsw%2FLTaqtddGiw2vVaLxq2w4bc7gcco9RuBHwS0jsxMoqcvqn8AAAD%2F%2FwEAAP%2F%2FA9CVv28EAAA%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 22f05ef6111e54c214b659fa5559f0b6
Strict-Transport-Security: max-age=0; includeSubdomains
unwillingsnick.com/watch.879069820525.js?key=02a8de4d3de79d2e028cff11c87e1aa7&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=9ab847fa4b71b9ec7fe3a09b2986e4bce9016dc466471e7190fb6646ce87610b72da654c683725ce54a1bf719470eaf617bbe024825b8154498ddea5c8c13035b7b147a6267a3ddea86a3871efa192d2f78bd22e&pst=1661929899&rmtc=t
192.243.59.13 200 OK 2.0 kB URL HTTP/1.1 unwillingsnick.com/watch.879069820525.js?key=02a8de4d3de79d2e028cff11c87e1aa7&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=9ab847fa4b71b9ec7fe3a09b2986e4bce9016dc466471e7190fb6646ce87610b72da654c683725ce54a1bf719470eaf617bbe024825b8154498ddea5c8c13035b7b147a6267a3ddea86a3871efa192d2f78bd22e&pst=1661929899&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2456)
Hash 0ad5fc482e80aee3b9941c158506673a
bd904bcb0535b422c2532e650cca8055c69a8e33
094055e81783f24f32bd7947441078166b27a9e6c707ce1ac380c88041847ed4
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.879069820525.js?key=02a8de4d3de79d2e028cff11c87e1aa7&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=9ab847fa4b71b9ec7fe3a09b2986e4bce9016dc466471e7190fb6646ce87610b72da654c683725ce54a1bf719470eaf617bbe024825b8154498ddea5c8c13035b7b147a6267a3ddea86a3871efa192d2f78bd22e&pst=1661929899&rmtc=t HTTP/1.1
Host: unwillingsnick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Referer: http://nytesgoal.com/
Connection: keep-alive
Cookie: u_pl=17423670; ain=eyJhbGciOiJIUzI1NiJ9.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.KAM8QKh5z9-yittwH9HTfIGHD_ZLUciNn0qTLRBXDWs
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8edd079d-31df-4ddd-9711-081466b22a0b:1:1; expires=Wed, 07 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv27=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs27=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b39126393879dcac332b07dc3bc746f0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
pixel.wp.com/g.gif?v=ext&j=1%3A11.1.2&blog=207900138&post=0&tz=0&srv=nytesgoal.com&host=nytesgoal.com&ref=&fcp=1228&rand=0.8839844606356648
192.0.76.3 200 OK 50 B URL HTTP/1.1 pixel.wp.com/g.gif?v=ext&j=1%3A11.1.2&blog=207900138&post=0&tz=0&srv=nytesgoal.com&host=nytesgoal.com&ref=&fcp=1228&rand=0.8839844606356648
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&j=1%3A11.1.2&blog=207900138&post=0&tz=0&srv=nytesgoal.com&host=nytesgoal.com&ref=&fcp=1228&rand=0.8839844606356648 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 50
Connection: keep-alive
Cache-Control: no-cache
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8988cd1418012ccffc3e13fd8cde2e25
d727ee202af2f919f95faa7f18b86c660dd7f975
2b1176a1e9f36d78e2f59790cfe030803c56a6d8d6baa64ef72e0553b161d5d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2B1176A1E9F36D78E2F59790CFE030803C56A6D8D6BAA64EF72E0553B161D5D7"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7314
Expires: Wed, 31 Aug 2022 09:12:34 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
142.250.74.163 200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Hash 716309aab2bca045f9627f63ad79d0bf
38804233a29aaf975d557fe14e762c627bef76e0
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 29 Aug 2022 23:06:16 GMT
Expires: Tue, 29 Aug 2023 23:06:16 GMT
Cache-Control: public, max-age=31536000
Age: 115464
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT
Content-Type: font/woff2
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebS39fi0HBPRSiYOPICFnd22vnVaiIoRUEaEpKQhOoNmdtTNkdmaZ2dl1zIGIIlSJiw9c4LR5nDT8KRV8ACrkVEIoolJ8y4FISHwDpJ7RuhGGV9r3zz7P4Xmfdz7btafEhaUny2%2BoIReCLrQbbv2Fdz3van2NSzuoD7rB%2B0Hral3nVxaDhvti%2FXocbakF3%2FVc13O9%2BgrXcU8NFioQPL236DUW3UbLb3jtFgb6v7OxDgx1wPJT8iw4m9YeOpfAowlk8sNybLYylb70WmIFzZRGzg7elltSFRLJvO1pBz15cMaGMscrD6Dk%2FkwuVP4PMeRT4vzyAKE8OBOJMN%2Bb6QwFYomQPYUinyAWE3A6QaRug7NjAkQMN9Yhk7s3lC7o9hOUVuiU1B7%2FBV5MSe33S5DJ%2FSXBB%2FVbStiMK2kw6JXggwl4f4LUHiIbngMvDhFln4CzR2Th8RpksrduhAJn5Wx3zifgvQlEPAI1Dmz1cQe258CmDhJ2Uo88z%2Bu4LKJudzGKmqwThwFzPdrpedRzgy5sVMkbIUtHiMQIkd5BqnewxUfQ9meYzRKGOTDZlDhv7iBnJYqYoDAEBSUoOEGRERR5uc%2BE8U15lwljQ%2B%2Bs%2Bme1WY5V1t%2Bl%2Byrrx5LspqfkmcoX58JvF7EVn9S77abL2l1K%2Fa4bhm3W7Lb8Zou1vV4nDGnQhuEluDk3W3XIp%2BT5j%2F9Eyqfkf1c%2BR0gPYcQhIv4cqPVAi3HHd0E3x62ui6H8Xm5nsekrKhqRSsBUiTSrIdt2dsUpuTw7kPf1KuLo6Nqnwz%2Bu37%2F0ESJdItUlPuAPCfriznhDFWRvQxWG%2FLieZjzhQ1od71ZGs%2Fj8t6%2FH24XSbHXZjL55JaqAqr33VmyyNSoZl31DvlvijMV6RekoJj%2Btmnfi8KY1m0tWS5uu3Xx1ZTVJdWwMV3ICyo%2Ff20fEp%2BT%2FHz6avcrLwxxcT6BticQekbMAV4eI0h2YdK7eqPPQYs4J0xoKW461H85%2FCk4g4vlMwxLmX3M473fNHfS1D5rdhkxK5LpELkpQMYKxF8dZqo%2Bu%2FfplFV8hFLVxKHRtLxRafFFZe61KG1V6%2BYnThp%2FUO82mS4PFttfp0LgTtvxuL%2FAYpX4r8IOANpGZafT0BfU3AAAA%2F%2F8BAAD%2F%2F%2FLzNG1vBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebS39fi0HBPRSiYOPICFnd22vnVaiIoRUEaEpKQhOoNmdtTNkdmaZ2dl1zIGIIlSJiw9c4LR5nDT8KRV8ACrkVEIoolJ8y4FISHwDpJ7RuhGGV9r3zz7P4Xmfdz7btafEhaUny2%2BoIReCLrQbbv2Fdz3van2NSzuoD7rB%2B0Hral3nVxaDhvti%2FXocbakF3%2FVc13O9%2BgrXcU8NFioQPL236DUW3UbLb3jtFgb6v7OxDgx1wPJT8iw4m9YeOpfAowlk8sNybLYylb70WmIFzZRGzg7elltSFRLJvO1pBz15cMaGMscrD6Dk%2FkwuVP4PMeRT4vzyAKE8OBOJMN%2Bb6QwFYomQPYUinyAWE3A6QaRug7NjAkQMN9Yhk7s3lC7o9hOUVuiU1B7%2FBV5MSe33S5DJ%2FSXBB%2FVbStiMK2kw6JXggwl4f4LUHiIbngMvDhFln4CzR2Th8RpksrduhAJn5Wx3zifgvQlEPAI1Dmz1cQe258CmDhJ2Uo88z%2Bu4LKJudzGKmqwThwFzPdrpedRzgy5sVMkbIUtHiMQIkd5BqnewxUfQ9meYzRKGOTDZlDhv7iBnJYqYoDAEBSUoOEGRERR5uc%2BE8U15lwljQ%2B%2Bs%2Bme1WY5V1t%2Bl%2Byrrx5LspqfkmcoX58JvF7EVn9S77abL2l1K%2Fa4bhm3W7Lb8Zou1vV4nDGnQhuEluDk3W3XIp%2BT5j%2F9Eyqfkf1c%2BR0gPYcQhIv4cqPVAi3HHd0E3x62ui6H8Xm5nsekrKhqRSsBUiTSrIdt2dsUpuTw7kPf1KuLo6Nqnwz%2Bu37%2F0ESJdItUlPuAPCfriznhDFWRvQxWG%2FLieZjzhQ1od71ZGs%2Fj8t6%2FH24XSbHXZjL55JaqAqr33VmyyNSoZl31DvlvijMV6RekoJj%2Btmnfi8KY1m0tWS5uu3Xx1ZTVJdWwMV3ICyo%2Ff20fEp%2BT%2FHz6avcrLwxxcT6BticQekbMAV4eI0h2YdK7eqPPQYs4J0xoKW461H85%2FCk4g4vlMwxLmX3M473fNHfS1D5rdhkxK5LpELkpQMYKxF8dZqo%2Bu%2FfplFV8hFLVxKHRtLxRafFFZe61KG1V6%2BYnThp%2FUO82mS4PFttfp0LgTtvxuL%2FAYpX4r8IOANpGZafT0BfU3AAAA%2F%2F8BAAD%2F%2F%2FLzNG1vBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST28bxRuebS39fi0HBPRSiYOPICFnd22vnVaiIoRUEaEpKQhOoNmdtTNkdmaZ2dl1zIGIIlSJiw9c4LR5nDT8KRV8ACrkVEIoolJ8y4FISHwDpJ7RuhGGV9r3zz7P4Xmfdz7btafEhaUny2%2BoIReCLrQbbv2Fdz3van2NSzuoD7rB%2B0Hral3nVxaDhvti%2FXocbakF3%2FVc13O9%2BgrXcU8NFioQPL236DUW3UbLb3jtFgb6v7OxDgx1wPJT8iw4m9YeOpfAowlk8sNybLYylb70WmIFzZRGzg7elltSFRLJvO1pBz15cMaGMscrD6Dk%2FkwuVP4PMeRT4vzyAKE8OBOJMN%2Bb6QwFYomQPYUinyAWE3A6QaRug7NjAkQMN9Yhk7s3lC7o9hOUVuiU1B7%2FBV5MSe33S5DJ%2FSXBB%2FVbStiMK2kw6JXggwl4f4LUHiIbngMvDhFln4CzR2Th8RpksrduhAJn5Wx3zifgvQlEPAI1Dmz1cQe258CmDhJ2Uo88z%2Bu4LKJudzGKmqwThwFzPdrpedRzgy5sVMkbIUtHiMQIkd5BqnewxUfQ9meYzRKGOTDZlDhv7iBnJYqYoDAEBSUoOEGRERR5uc%2BE8U15lwljQ%2B%2Bs%2Bme1WY5V1t%2Bl%2Byrrx5LspqfkmcoX58JvF7EVn9S77abL2l1K%2Fa4bhm3W7Lb8Zou1vV4nDGnQhuEluDk3W3XIp%2BT5j%2F9Eyqfkf1c%2BR0gPYcQhIv4cqPVAi3HHd0E3x62ui6H8Xm5nsekrKhqRSsBUiTSrIdt2dsUpuTw7kPf1KuLo6Nqnwz%2Bu37%2F0ESJdItUlPuAPCfriznhDFWRvQxWG%2FLieZjzhQ1od71ZGs%2Fj8t6%2FH24XSbHXZjL55JaqAqr33VmyyNSoZl31DvlvijMV6RekoJj%2Btmnfi8KY1m0tWS5uu3Xx1ZTVJdWwMV3ICyo%2Ff20fEp%2BT%2FHz6avcrLwxxcT6BticQekbMAV4eI0h2YdK7eqPPQYs4J0xoKW461H85%2FCk4g4vlMwxLmX3M473fNHfS1D5rdhkxK5LpELkpQMYKxF8dZqo%2Bu%2FfplFV8hFLVxKHRtLxRafFFZe61KG1V6%2BYnThp%2FUO82mS4PFttfp0LgTtvxuL%2FAYpX4r8IOANpGZafT0BfU3AAAA%2F%2F8BAAD%2F%2F%2FLzNG1vBAAA HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bcac67768c8367f0647f03d70e77f2e6
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3h3QXQ%2Bi5rLgYY4KMunumemZ7ILBGLME42bNKnpSqrt6JuVUV7VVXdOT8WBwRRa8zMGLnjpvko0%2F1kX%2FABeZLIgGhcwtBwOC%2F4GwZ%2BkxOPpBfz%2F6vcP73lef7Nkz4sLS09XX1JALQRebNbf63Nued626waUdVAft4N2gca2q%2B1eXgpr7fPV6HPXUou96ruu5XnWN67ijBoslCJ7eW%2FJqS26t4de8ZgMD%2Ff%2FZWAeGOmD9M%2FI0OJtWHjoL4NEEMvluNTa9TKUvvJJYQTOl0WeHb8qeVLlEMm872kFHHp6zoczJ2gMoeTCTC9X%2FlxjyKXF%2BeoBQHp6LRNjfn%2BkMBWKJkD2BvD9BLCbgdIJI3QZnJwSIGG5sQiZ3byid051%2FUFqiU1J59Bd4PiWV3xcgk%2Fsrgg%2Bqt5SwGVfSYNApwAcT8O4EqT1CNrwAnh8hyj4CZ7%2BRxUcbkMn%2BphEKnBWz3TmfgHcmEPEI1Diw5ccd2I4DmzpI2Gk18jyv5bKIuu2lKKqzVhwGzPVoq%2BNRzw3asFEpb4QsHSESI0R6F6neRY%2BPoO2PMNsFDHNgsilxXt9FnxXIY4LcEOSUIOcEeUaQ94sDJoxvirtMGBt659U%2Fr%2FVirLLuHj1QWTeWZC89I0%2BVvjiXfr2MXnxabTfrLmu2KfXbbhg2Wb3d8OsN1vQ6rTCkQROGF%2BDmwmzVIZ%2BSZz%2F8EymfkseufoqQHsGII0T8GVDrgebjlu%2BCbo8bbRdD%2Ba3cyWLTVVTUIpWAqQJpVkG24%2ByJM3JldiDvyxcRR8fLHw%2F%2FuH5%2F4QNEukCqC7zHHxJ0xZ3xlsrJ%2FpbKDfl%2BM814woe0PN6tjGbxxa9fjXdypdn6qhl99VJUAmV7743YZBtUMi67hnyzwhmL9ZrSUUx%2BWDdvxeFNa7ZXrJY23bj58tp6kurYGK7kBJSfvHOAiE%2FJ4%2B%2F%2FMnuVV4Y9cD2BtgUSe0zOA1wdIUp3YdK5eqMuQos5J0wvIrfFWPvh%2FKfgBCKezzQsYP4zh%2FN%2Bz9xBV%2Fug2W3IpEBfF%2BiLAlSMYOzlcZbq4%2BWfPy%2FjC4SiMg6FruyHQovPSmuXy7Q1M7lM6zD8tNqq110aLDW9VovGrbDhtzuBxyj1G4EfBLSOzEyjJy%2BpvwEAAP%2F%2FAQAA%2F%2F%2BQb5e6bwQAAA%3D%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3h3QXQ%2Bi5rLgYY4KMunumemZ7ILBGLME42bNKnpSqrt6JuVUV7VVXdOT8WBwRRa8zMGLnjpvko0%2F1kX%2FABeZLIgGhcwtBwOC%2F4GwZ%2BkxOPpBfz%2F6vcP73lef7Nkz4sLS09XX1JALQRebNbf63Nued626waUdVAft4N2gca2q%2B1eXgpr7fPV6HPXUou96ruu5XnWN67ijBoslCJ7eW%2FJqS26t4de8ZgMD%2Ff%2FZWAeGOmD9M%2FI0OJtWHjoL4NEEMvluNTa9TKUvvJJYQTOl0WeHb8qeVLlEMm872kFHHp6zoczJ2gMoeTCTC9X%2FlxjyKXF%2BeoBQHp6LRNjfn%2BkMBWKJkD2BvD9BLCbgdIJI3QZnJwSIGG5sQiZ3byid051%2FUFqiU1J59Bd4PiWV3xcgk%2Fsrgg%2Bqt5SwGVfSYNApwAcT8O4EqT1CNrwAnh8hyj4CZ7%2BRxUcbkMn%2BphEKnBWz3TmfgHcmEPEI1Diw5ccd2I4DmzpI2Gk18jyv5bKIuu2lKKqzVhwGzPVoq%2BNRzw3asFEpb4QsHSESI0R6F6neRY%2BPoO2PMNsFDHNgsilxXt9FnxXIY4LcEOSUIOcEeUaQ94sDJoxvirtMGBt659U%2Fr%2FVirLLuHj1QWTeWZC89I0%2BVvjiXfr2MXnxabTfrLmu2KfXbbhg2Wb3d8OsN1vQ6rTCkQROGF%2BDmwmzVIZ%2BSZz%2F8EymfkseufoqQHsGII0T8GVDrgebjlu%2BCbo8bbRdD%2Ba3cyWLTVVTUIpWAqQJpVkG24%2ByJM3JldiDvyxcRR8fLHw%2F%2FuH5%2F4QNEukCqC7zHHxJ0xZ3xlsrJ%2FpbKDfl%2BM814woe0PN6tjGbxxa9fjXdypdn6qhl99VJUAmV7743YZBtUMi67hnyzwhmL9ZrSUUx%2BWDdvxeFNa7ZXrJY23bj58tp6kurYGK7kBJSfvHOAiE%2FJ4%2B%2F%2FMnuVV4Y9cD2BtgUSe0zOA1wdIUp3YdK5eqMuQos5J0wvIrfFWPvh%2FKfgBCKezzQsYP4zh%2FN%2Bz9xBV%2Fug2W3IpEBfF%2BiLAlSMYOzlcZbq4%2BWfPy%2FjC4SiMg6FruyHQovPSmuXy7Q1M7lM6zD8tNqq110aLDW9VovGrbDhtzuBxyj1G4EfBLSOzEyjJy%2BpvwEAAP%2F%2FAQAA%2F%2F%2BQb5e6bwQAAA%3D%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3h3QXQ%2Bi5rLgYY4KMunumemZ7ILBGLME42bNKnpSqrt6JuVUV7VVXdOT8WBwRRa8zMGLnjpvko0%2F1kX%2FABeZLIgGhcwtBwOC%2F4GwZ%2BkxOPpBfz%2F6vcP73lef7Nkz4sLS09XX1JALQRebNbf63Nued626waUdVAft4N2gca2q%2B1eXgpr7fPV6HPXUou96ruu5XnWN67ijBoslCJ7eW%2FJqS26t4de8ZgMD%2Ff%2FZWAeGOmD9M%2FI0OJtWHjoL4NEEMvluNTa9TKUvvJJYQTOl0WeHb8qeVLlEMm872kFHHp6zoczJ2gMoeTCTC9X%2FlxjyKXF%2BeoBQHp6LRNjfn%2BkMBWKJkD2BvD9BLCbgdIJI3QZnJwSIGG5sQiZ3byid051%2FUFqiU1J59Bd4PiWV3xcgk%2Fsrgg%2Bqt5SwGVfSYNApwAcT8O4EqT1CNrwAnh8hyj4CZ7%2BRxUcbkMn%2BphEKnBWz3TmfgHcmEPEI1Diw5ccd2I4DmzpI2Gk18jyv5bKIuu2lKKqzVhwGzPVoq%2BNRzw3asFEpb4QsHSESI0R6F6neRY%2BPoO2PMNsFDHNgsilxXt9FnxXIY4LcEOSUIOcEeUaQ94sDJoxvirtMGBt659U%2Fr%2FVirLLuHj1QWTeWZC89I0%2BVvjiXfr2MXnxabTfrLmu2KfXbbhg2Wb3d8OsN1vQ6rTCkQROGF%2BDmwmzVIZ%2BSZz%2F8EymfkseufoqQHsGII0T8GVDrgebjlu%2BCbo8bbRdD%2Ba3cyWLTVVTUIpWAqQJpVkG24%2ByJM3JldiDvyxcRR8fLHw%2F%2FuH5%2F4QNEukCqC7zHHxJ0xZ3xlsrJ%2FpbKDfl%2BM814woe0PN6tjGbxxa9fjXdypdn6qhl99VJUAmV7743YZBtUMi67hnyzwhmL9ZrSUUx%2BWDdvxeFNa7ZXrJY23bj58tp6kurYGK7kBJSfvHOAiE%2FJ4%2B%2F%2FMnuVV4Y9cD2BtgUSe0zOA1wdIUp3YdK5eqMuQos5J0wvIrfFWPvh%2FKfgBCKezzQsYP4zh%2FN%2Bz9xBV%2Fug2W3IpEBfF%2BiLAlSMYOzlcZbq4%2BWfPy%2FjC4SiMg6FruyHQovPSmuXy7Q1M7lM6zD8tNqq110aLDW9VovGrbDhtzuBxyj1G4EfBLSOzEyjJy%2BpvwEAAP%2F%2FAQAA%2F%2F%2BQb5e6bwQAAA%3D%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 97a05d5b69e6499422b9c33a834393ee
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9lWnQGReiZjPgopcK0qnqd2bAYIwZgnEyZhRdKffVnWtu1S3vrerqtIsJjsiAm1640VXldDLxMQ76AxykMyASFNK4ycKA4D8QZi3VBtv5oL5HnbM43%2Fnup3vpGfGR0tOVN8xAaU0XGhW%2F%2FMK7QXC1vK6itF%2Fut5vvN%2BtXy7Z3ZbFZ8V8sX5N82yxU%2FcD3Az8oryorO6a%2FUIBQ8b3FoLLoV%2BrVStCoo28fn13qwVEPondGnoUSk9JDbx6KjxGF369It52Y%2BKXXwlTTxFj0xOHb0XZksgjhrO1YD53o8JwN405WH8BEB1O5ML3%2FiExNiPfzA7Do8FwkWG9%2FqpNpyAhMPIWsN4bUYyg6Bje3ocQJAbjA9Q1E4d3rxmZ051%2BUFuiElB79DZVNSOmPeUTh%2FWWt%2BuWbRqeJMpFDv5ND9cdQ3THi9AjJYA4qOwJPPoYSv5GFR%2BuIwv0Npw2UyKe7KzWG6oyh5RDUeUiLT3lIOx7S2EMoTss8CIKWLzj124uc10RLsqbwA9rqBDTwm22kvJA3RBIPwfUQ3O4itrvYVkPY9Ce4rRxOeHDJhHhv7qIncmSSIHMEGSXIFEGWEGS9%2FEBoV3X5XaFdyoLzWj2vtXxkku4ePTBJV0ZkLz4jzxS%2BeBd%2FvYRteVpuN2q%2BaLQprbZ9xhqi1q5Xa3XRCDotxmizAadyKDc3XXWgJuT5W38hVhPyxJXPwOgRnD4CV8%2BBpgFoNmpVfdCtUb3tYxB9F%2B0k0nUN1RVuQgiTI05KSHa8PX1GLk8PFHy1CcmPlz4Z%2FHnt%2FvxH4DZHbHN8oB4SdPWd0abJyP6myRz5YSNOVKgGtDjezYQm8sI3r8udzFixtuKGX7%2FCC6Bo770lXbJOI6GiriPfLishpF01lkvy45p7R7IbqdtaTm2Uxus3Xl1dC2MrnVMmGoOqk%2FcOwNWEPPnh79NXeXlwC8qOYdMcYXpMzgPKHIHHu3DxTL0zF2D1jMPiOWRpPrJVNvupFYGWs5myHO5%2FM5v1e%2B4OurYKmtxGFObo2Rw9nYPqIVx6aZTE9njply%2BK%2BBJMl0ZM29I%2B01Z%2FXli7NPW3SC8XaQ1OnZZrvmgx2ZEtJuuNekdywRoN5vMOZzXRbnMkbsKfvmj%2BAQAA%2F%2F8BAAD%2F%2F4MEQFdvBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9lWnQGReiZjPgopcK0qnqd2bAYIwZgnEyZhRdKffVnWtu1S3vrerqtIsJjsiAm1640VXldDLxMQ76AxykMyASFNK4ycKA4D8QZi3VBtv5oL5HnbM43%2Fnup3vpGfGR0tOVN8xAaU0XGhW%2F%2FMK7QXC1vK6itF%2Fut5vvN%2BtXy7Z3ZbFZ8V8sX5N82yxU%2FcD3Az8oryorO6a%2FUIBQ8b3FoLLoV%2BrVStCoo28fn13qwVEPondGnoUSk9JDbx6KjxGF369It52Y%2BKXXwlTTxFj0xOHb0XZksgjhrO1YD53o8JwN405WH8BEB1O5ML3%2FiExNiPfzA7Do8FwkWG9%2FqpNpyAhMPIWsN4bUYyg6Bje3ocQJAbjA9Q1E4d3rxmZ051%2BUFuiElB79DZVNSOmPeUTh%2FWWt%2BuWbRqeJMpFDv5ND9cdQ3THi9AjJYA4qOwJPPoYSv5GFR%2BuIwv0Npw2UyKe7KzWG6oyh5RDUeUiLT3lIOx7S2EMoTss8CIKWLzj124uc10RLsqbwA9rqBDTwm22kvJA3RBIPwfUQ3O4itrvYVkPY9Ce4rRxOeHDJhHhv7qIncmSSIHMEGSXIFEGWEGS9%2FEBoV3X5XaFdyoLzWj2vtXxkku4ePTBJV0ZkLz4jzxS%2BeBd%2FvYRteVpuN2q%2BaLQprbZ9xhqi1q5Xa3XRCDotxmizAadyKDc3XXWgJuT5W38hVhPyxJXPwOgRnD4CV8%2BBpgFoNmpVfdCtUb3tYxB9F%2B0k0nUN1RVuQgiTI05KSHa8PX1GLk8PFHy1CcmPlz4Z%2FHnt%2FvxH4DZHbHN8oB4SdPWd0abJyP6myRz5YSNOVKgGtDjezYQm8sI3r8udzFixtuKGX7%2FCC6Bo770lXbJOI6GiriPfLishpF01lkvy45p7R7IbqdtaTm2Uxus3Xl1dC2MrnVMmGoOqk%2FcOwNWEPPnh79NXeXlwC8qOYdMcYXpMzgPKHIHHu3DxTL0zF2D1jMPiOWRpPrJVNvupFYGWs5myHO5%2FM5v1e%2B4OurYKmtxGFObo2Rw9nYPqIVx6aZTE9njply%2BK%2BBJMl0ZM29I%2B01Z%2FXli7NPW3SC8XaQ1OnZZrvmgx2ZEtJuuNekdywRoN5vMOZzXRbnMkbsKfvmj%2BAQAA%2F%2F8BAAD%2F%2F4MEQFdvBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9lWnQGReiZjPgopcK0qnqd2bAYIwZgnEyZhRdKffVnWtu1S3vrerqtIsJjsiAm1640VXldDLxMQ76AxykMyASFNK4ycKA4D8QZi3VBtv5oL5HnbM43%2Fnup3vpGfGR0tOVN8xAaU0XGhW%2F%2FMK7QXC1vK6itF%2Fut5vvN%2BtXy7Z3ZbFZ8V8sX5N82yxU%2FcD3Az8oryorO6a%2FUIBQ8b3FoLLoV%2BrVStCoo28fn13qwVEPondGnoUSk9JDbx6KjxGF369It52Y%2BKXXwlTTxFj0xOHb0XZksgjhrO1YD53o8JwN405WH8BEB1O5ML3%2FiExNiPfzA7Do8FwkWG9%2FqpNpyAhMPIWsN4bUYyg6Bje3ocQJAbjA9Q1E4d3rxmZ051%2BUFuiElB79DZVNSOmPeUTh%2FWWt%2BuWbRqeJMpFDv5ND9cdQ3THi9AjJYA4qOwJPPoYSv5GFR%2BuIwv0Npw2UyKe7KzWG6oyh5RDUeUiLT3lIOx7S2EMoTss8CIKWLzj124uc10RLsqbwA9rqBDTwm22kvJA3RBIPwfUQ3O4itrvYVkPY9Ce4rRxOeHDJhHhv7qIncmSSIHMEGSXIFEGWEGS9%2FEBoV3X5XaFdyoLzWj2vtXxkku4ePTBJV0ZkLz4jzxS%2BeBd%2FvYRteVpuN2q%2BaLQprbZ9xhqi1q5Xa3XRCDotxmizAadyKDc3XXWgJuT5W38hVhPyxJXPwOgRnD4CV8%2BBpgFoNmpVfdCtUb3tYxB9F%2B0k0nUN1RVuQgiTI05KSHa8PX1GLk8PFHy1CcmPlz4Z%2FHnt%2FvxH4DZHbHN8oB4SdPWd0abJyP6myRz5YSNOVKgGtDjezYQm8sI3r8udzFixtuKGX7%2FCC6Bo770lXbJOI6GiriPfLishpF01lkvy45p7R7IbqdtaTm2Uxus3Xl1dC2MrnVMmGoOqk%2FcOwNWEPPnh79NXeXlwC8qOYdMcYXpMzgPKHIHHu3DxTL0zF2D1jMPiOWRpPrJVNvupFYGWs5myHO5%2FM5v1e%2B4OurYKmtxGFObo2Rw9nYPqIVx6aZTE9njply%2BK%2BBJMl0ZM29I%2B01Z%2FXli7NPW3SC8XaQ1OnZZrvmgx2ZEtJuuNekdywRoN5vMOZzXRbnMkbsKfvmj%2BAQAA%2F%2F8BAAD%2F%2F4MEQFdvBAAA HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c6b58435235fe9e1f99db1a30e761659
Strict-Transport-Security: max-age=0; includeSubdomains
diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NdOgMy5Enc2Ai14qSKeqvzMDDsaYIRgnY0bRlfK%2BqvPMq3rle1VdnXZhcEQG3PTCja4qp5OJH%2BOgP8BBOgOiQSG9y8KA4D8QZi3VBlsv1L331DmLc%2B99n%2Bxmp8RHRk%2BWXzNDpTVdaNX86nNvB8HV6pqKs0F10G2%2F225erdr%2BlcV2zX%2B%2Bel3yLbNQ9wPfD%2FyguqKsDM1goSShknuLQW3RrzXrtaDVxMD%2BH7vMg6MeRP%2BUPA0lppWH3iUoPkEcfbcs3VZqkhdeiTJNU2PRFwdvxluxyWNE8za0HsL44EwN445XHsDE%2BzO7MP1%2FhUxNiffTA7D44MwkWH9v5pNpyBhMPIG8P4HUEyg6ATe3ocQxAbjAjXXE0d0bxuZ0%2Bx%2BWluyUVB79BZVPSeX3S4ij%2B0taDaq3jM5SZWKHQVhADSZQvQmS7BDp8BxUfgiefgQlfiMLj9YQR3vrThsoUcxmV2oCFU6g5QjUecjKT3nIQg9Z4iESJ1UeBEHHF5z63UXOG6IjWVv4Ae2EAQ38dhcZL%2B2NkCYjcD0CtztI7A621Ag2%2BxFus4ATHlw6Jd7rO%2BiLArkkyB1BTglyRZCnBHm%2F2Bfa1V1xV2iXseCs1s9qoxibtLdL903akzHZTU7JU%2BVevAu%2FXsSWPKl2Ww1ftLqU1rs%2BYy3R6DbrjaZoBWGHMdpuwakCyp2bjTpUU%2FLsh38iUVPy2JVPweghnD4EV8%2BAZgFoPu7UfdDNcbPrYxh%2FG2%2Bn0vUM1TVuIghTIEkrSLe9XX1KLs8OFHx5DZIfXft4%2BMf1%2B5c%2BALcFElvgPfWQoKfvjDdMTvY2TO7I9%2BtJqiI1pOXxbqU0lee%2FflVu58aK1WU3%2BuolXhJle%2B8N6dI1GgsV9xz5ZkkJIe2KsVySH1bdW5LdzNzmUmbjLFm7%2BfLKapRY6Zwy8QRUHb%2BzD66m5PH3f5m9ystDDWUnsFmBKDsiZwFlDsGTHbhk7t6Z87B6rmGJhzwrxrbO5j%2B1ItByjikr4P6D2bzfdXfQs3XQ9DbiqEDfFujrAlSP4LKL4zSxR9d%2B%2FryML8B0Zcy0rewxbfVns9WWaaNML5ZpFU6dVBu%2B6DAZyg6TzVYzlFywVov5POSsIbpdjtRN%2BZMXzN8AAAD%2F%2FwEAAP%2F%2FJYeoLW8EAAA%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NdOgMy5Enc2Ai14qSKeqvzMDDsaYIRgnY0bRlfK%2BqvPMq3rle1VdnXZhcEQG3PTCja4qp5OJH%2BOgP8BBOgOiQSG9y8KA4D8QZi3VBlsv1L331DmLc%2B99n%2Bxmp8RHRk%2BWXzNDpTVdaNX86nNvB8HV6pqKs0F10G2%2F225erdr%2BlcV2zX%2B%2Bel3yLbNQ9wPfD%2FyguqKsDM1goSShknuLQW3RrzXrtaDVxMD%2BH7vMg6MeRP%2BUPA0lppWH3iUoPkEcfbcs3VZqkhdeiTJNU2PRFwdvxluxyWNE8za0HsL44EwN445XHsDE%2BzO7MP1%2FhUxNiffTA7D44MwkWH9v5pNpyBhMPIG8P4HUEyg6ATe3ocQxAbjAjXXE0d0bxuZ0%2Bx%2BWluyUVB79BZVPSeX3S4ij%2B0taDaq3jM5SZWKHQVhADSZQvQmS7BDp8BxUfgiefgQlfiMLj9YQR3vrThsoUcxmV2oCFU6g5QjUecjKT3nIQg9Z4iESJ1UeBEHHF5z63UXOG6IjWVv4Ae2EAQ38dhcZL%2B2NkCYjcD0CtztI7A621Ag2%2BxFus4ATHlw6Jd7rO%2BiLArkkyB1BTglyRZCnBHm%2F2Bfa1V1xV2iXseCs1s9qoxibtLdL903akzHZTU7JU%2BVevAu%2FXsSWPKl2Ww1ftLqU1rs%2BYy3R6DbrjaZoBWGHMdpuwakCyp2bjTpUU%2FLsh38iUVPy2JVPweghnD4EV8%2BAZgFoPu7UfdDNcbPrYxh%2FG2%2Bn0vUM1TVuIghTIEkrSLe9XX1KLs8OFHx5DZIfXft4%2BMf1%2B5c%2BALcFElvgPfWQoKfvjDdMTvY2TO7I9%2BtJqiI1pOXxbqU0lee%2FflVu58aK1WU3%2BuolXhJle%2B8N6dI1GgsV9xz5ZkkJIe2KsVySH1bdW5LdzNzmUmbjLFm7%2BfLKapRY6Zwy8QRUHb%2BzD66m5PH3f5m9ystDDWUnsFmBKDsiZwFlDsGTHbhk7t6Z87B6rmGJhzwrxrbO5j%2B1ItByjikr4P6D2bzfdXfQs3XQ9DbiqEDfFujrAlSP4LKL4zSxR9d%2B%2FryML8B0Zcy0rewxbfVns9WWaaNML5ZpFU6dVBu%2B6DAZyg6TzVYzlFywVov5POSsIbpdjtRN%2BZMXzN8AAAD%2F%2FwEAAP%2F%2FJYeoLW8EAAA%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWskVRR9NdOgMy5Enc2Ai14qSKeqvzMDDsaYIRgnY0bRlfK%2BqvPMq3rle1VdnXZhcEQG3PTCja4qp5OJH%2BOgP8BBOgOiQSG9y8KA4D8QZi3VBlsv1L331DmLc%2B99n%2Bxmp8RHRk%2BWXzNDpTVdaNX86nNvB8HV6pqKs0F10G2%2F225erdr%2BlcV2zX%2B%2Bel3yLbNQ9wPfD%2FyguqKsDM1goSShknuLQW3RrzXrtaDVxMD%2BH7vMg6MeRP%2BUPA0lppWH3iUoPkEcfbcs3VZqkhdeiTJNU2PRFwdvxluxyWNE8za0HsL44EwN445XHsDE%2BzO7MP1%2FhUxNiffTA7D44MwkWH9v5pNpyBhMPIG8P4HUEyg6ATe3ocQxAbjAjXXE0d0bxuZ0%2Bx%2BWluyUVB79BZVPSeX3S4ij%2B0taDaq3jM5SZWKHQVhADSZQvQmS7BDp8BxUfgiefgQlfiMLj9YQR3vrThsoUcxmV2oCFU6g5QjUecjKT3nIQg9Z4iESJ1UeBEHHF5z63UXOG6IjWVv4Ae2EAQ38dhcZL%2B2NkCYjcD0CtztI7A621Ag2%2BxFus4ATHlw6Jd7rO%2BiLArkkyB1BTglyRZCnBHm%2F2Bfa1V1xV2iXseCs1s9qoxibtLdL903akzHZTU7JU%2BVevAu%2FXsSWPKl2Ww1ftLqU1rs%2BYy3R6DbrjaZoBWGHMdpuwakCyp2bjTpUU%2FLsh38iUVPy2JVPweghnD4EV8%2BAZgFoPu7UfdDNcbPrYxh%2FG2%2Bn0vUM1TVuIghTIEkrSLe9XX1KLs8OFHx5DZIfXft4%2BMf1%2B5c%2BALcFElvgPfWQoKfvjDdMTvY2TO7I9%2BtJqiI1pOXxbqU0lee%2FflVu58aK1WU3%2BuolXhJle%2B8N6dI1GgsV9xz5ZkkJIe2KsVySH1bdW5LdzNzmUmbjLFm7%2BfLKapRY6Zwy8QRUHb%2BzD66m5PH3f5m9ystDDWUnsFmBKDsiZwFlDsGTHbhk7t6Z87B6rmGJhzwrxrbO5j%2B1ItByjikr4P6D2bzfdXfQs3XQ9DbiqEDfFujrAlSP4LKL4zSxR9d%2B%2FryML8B0Zcy0rewxbfVns9WWaaNML5ZpFU6dVBu%2B6DAZyg6TzVYzlFywVov5POSsIbpdjtRN%2BZMXzN8AAAD%2F%2FwEAAP%2F%2FJYeoLW8EAAA%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0c0934c651900301895eb27008df3562
Strict-Transport-Security: max-age=0; includeSubdomains
possessionaddictedflight.com/watch.1073569966017.js?key=c5a970ac1bac2855ca2da085b39fd883&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=ace4d885b13f511c310584a4adc55895d0aad74919b37d281a3d660cc1f11a6d84b046d5015633cbdccb48ff9aea485cfc87ecb621b256467b8b5c09ebcc21237d4ac0e2b4d03a5c991a0e7da761b0f9c89f5327&pst=1661929900&rmtc=t
192.243.59.20200 OK 2.0 kB URL HTTP/1.1 possessionaddictedflight.com/watch.1073569966017.js?key=c5a970ac1bac2855ca2da085b39fd883&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=ace4d885b13f511c310584a4adc55895d0aad74919b37d281a3d660cc1f11a6d84b046d5015633cbdccb48ff9aea485cfc87ecb621b256467b8b5c09ebcc21237d4ac0e2b4d03a5c991a0e7da761b0f9c89f5327&pst=1661929900&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2472)
Hash 957c52433e64146eb70e7eb2a16a1013
72f42d708da84e0136849cd70e94866e3dbd0771
214fdf1b53b1e5f365a4a79688d3b342fb83a079cf327cd7844ca74de6cf1645
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.1073569966017.js?key=c5a970ac1bac2855ca2da085b39fd883&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=ace4d885b13f511c310584a4adc55895d0aad74919b37d281a3d660cc1f11a6d84b046d5015633cbdccb48ff9aea485cfc87ecb621b256467b8b5c09ebcc21237d4ac0e2b4d03a5c991a0e7da761b0f9c89f5327&pst=1661929900&rmtc=t HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Referer: http://nytesgoal.com/
Connection: keep-alive
Cookie: u_pl=17426916; ain=eyJhbGciOiJIUzI1NiJ9.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.WpSLn5_0rECw2Rwc31XkHKB-yUs-Ay3y0LUBJcMcNqk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17426916,17426926; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uid_id2=8edd079d-31df-4ddd-9711-081466b22a0b:1:1; expires=Wed, 07 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv5=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs5=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ac9df9271ee7fa7cbbef24e70fa2cc9b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9NdOgMy5EzWbARS8VpFPV78yAwRgzBONkzCi6Uu6rO9e%2BVbe8t6qr0y4MjsiAm1640VXldDLxMQ76AxykMyAaFNK7LAwI%2FgNh1lJtsPWD%2Bh51zuJ857uf7KVnxEdKT1dfM0OlNV1sVPzyc28HwbXyhorSQXnQbr7brF8r2%2F7VpWbFf758XfKeWaz6ge8HflBeU1Z2zGCxAKHie0tBZcmv1KuVoFHHwP5%2FdqkHRz2I%2Fhl5GkpMSw%2B9BSg%2BQRR%2BtypdLzHxC6%2BEqaaJseiLwzejXmSyCOG87VgPnejwnA3jTtYewEQHM7kw%2FX%2BJTE2J99MDsOjwXCRYf3%2Bmk2nICEw8gaw%2FgdQTKDoBN7ehxAkBuMCNTUTh3RvGZnTnH5QW6JSUHv0FlU1J6fcFROH9Fa0G5VtGp4kykcOgk0MNJlDdCeL0CMnwAlR2BJ58BCV%2BI4uPNhCF%2B5tOGyiRz3ZXagLVmUDLEajzkBaf8pB2PKSxh1CclnkQBC1fcOq3lziviZZkTeEHtNUJaOA320h5IW%2BEJB6B6xG43UVsd9FTI9j0R7jtHE54cMmUeK%2Fvoi9yZJIgcwQZJcgUQZYQZP38QGhXdfldoV3KgvNaPa%2B1fGyS7h49MElXRmQvPiNPFb54l369jJ48LbcbNV802pRW2z5jDVFr16u1umgEnRZjtNmAUzmUuzBbdaim5NkP%2F0SspuSxq5%2BC0SM4fQSungFNA9Bs3Kr6oNvjetvHMPo22kmk6xqqK9yEECZHnJSQ7Hh7%2BoxcmR0o%2BPJFSH68%2FPHwj%2Bv3Fz4Atzlim%2BM99ZCgq%2B%2BMt0xG9rdM5sj3m3GiQjWkxfFuJTSRF79%2BVe5kxor1VTf66iVeAEV77w3pkg0aCRV1HflmRQkh7ZqxXJIf1t1bkt1M3fZKaqM03rj58tp6GFvpnDLRBFSdvHMArqbk8fd%2Fmb3KK8MelJ3ApjnC9JicB5Q5Ao934eK5emcuwuo5h8UXkaX52FbZ%2FKdWBFrOZ8pyuP%2FMbN7vuTvo2ipochtRmKNvc%2FR1DqpHcOnlcRLb4%2BWfPy%2FiCzBdGjNtS%2FtMW%2F1ZYe1ykbZmJhdpHU6dlmu%2BaDHZkS0m6416R3LBGg3m8w5nNdFucyRuyp%2B8ZP4GAAD%2F%2FwEAAP%2F%2FELtCUm8EAAA%3D
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9NdOgMy5EzWbARS8VpFPV78yAwRgzBONkzCi6Uu6rO9e%2BVbe8t6qr0y4MjsiAm1640VXldDLxMQ76AxykMyAaFNK7LAwI%2FgNh1lJtsPWD%2Bh51zuJ857uf7KVnxEdKT1dfM0OlNV1sVPzyc28HwbXyhorSQXnQbr7brF8r2%2F7VpWbFf758XfKeWaz6ge8HflBeU1Z2zGCxAKHie0tBZcmv1KuVoFHHwP5%2FdqkHRz2I%2Fhl5GkpMSw%2B9BSg%2BQRR%2BtypdLzHxC6%2BEqaaJseiLwzejXmSyCOG87VgPnejwnA3jTtYewEQHM7kw%2FX%2BJTE2J99MDsOjwXCRYf3%2Bmk2nICEw8gaw%2FgdQTKDoBN7ehxAkBuMCNTUTh3RvGZnTnH5QW6JSUHv0FlU1J6fcFROH9Fa0G5VtGp4kykcOgk0MNJlDdCeL0CMnwAlR2BJ58BCV%2BI4uPNhCF%2B5tOGyiRz3ZXagLVmUDLEajzkBaf8pB2PKSxh1CclnkQBC1fcOq3lziviZZkTeEHtNUJaOA320h5IW%2BEJB6B6xG43UVsd9FTI9j0R7jtHE54cMmUeK%2Fvoi9yZJIgcwQZJcgUQZYQZP38QGhXdfldoV3KgvNaPa%2B1fGyS7h49MElXRmQvPiNPFb54l369jJ48LbcbNV802pRW2z5jDVFr16u1umgEnRZjtNmAUzmUuzBbdaim5NkP%2F0SspuSxq5%2BC0SM4fQSungFNA9Bs3Kr6oNvjetvHMPo22kmk6xqqK9yEECZHnJSQ7Hh7%2BoxcmR0o%2BPJFSH68%2FPHwj%2Bv3Fz4Atzlim%2BM99ZCgq%2B%2BMt0xG9rdM5sj3m3GiQjWkxfFuJTSRF79%2BVe5kxor1VTf66iVeAEV77w3pkg0aCRV1HflmRQkh7ZqxXJIf1t1bkt1M3fZKaqM03rj58tp6GFvpnDLRBFSdvHMArqbk8fd%2Fmb3KK8MelJ3ApjnC9JicB5Q5Ao934eK5emcuwuo5h8UXkaX52FbZ%2FKdWBFrOZ8pyuP%2FMbN7vuTvo2ipochtRmKNvc%2FR1DqpHcOnlcRLb4%2BWfPy%2FiCzBdGjNtS%2FtMW%2F1ZYe1ykbZmJhdpHU6dlmu%2BaDHZkS0m6416R3LBGg3m8w5nNdFucyRuyp%2B8ZP4GAAD%2F%2FwEAAP%2F%2FELtCUm8EAAA%3D
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSS2skVRi9NdOgMy5EzWbARS8VpFPV78yAwRgzBONkzCi6Uu6rO9e%2BVbe8t6qr0y4MjsiAm1640VXldDLxMQ76AxykMyAaFNK7LAwI%2FgNh1lJtsPWD%2Bh51zuJ857uf7KVnxEdKT1dfM0OlNV1sVPzyc28HwbXyhorSQXnQbr7brF8r2%2F7VpWbFf758XfKeWaz6ge8HflBeU1Z2zGCxAKHie0tBZcmv1KuVoFHHwP5%2FdqkHRz2I%2Fhl5GkpMSw%2B9BSg%2BQRR%2BtypdLzHxC6%2BEqaaJseiLwzejXmSyCOG87VgPnejwnA3jTtYewEQHM7kw%2FX%2BJTE2J99MDsOjwXCRYf3%2Bmk2nICEw8gaw%2FgdQTKDoBN7ehxAkBuMCNTUTh3RvGZnTnH5QW6JSUHv0FlU1J6fcFROH9Fa0G5VtGp4kykcOgk0MNJlDdCeL0CMnwAlR2BJ58BCV%2BI4uPNhCF%2B5tOGyiRz3ZXagLVmUDLEajzkBaf8pB2PKSxh1CclnkQBC1fcOq3lziviZZkTeEHtNUJaOA320h5IW%2BEJB6B6xG43UVsd9FTI9j0R7jtHE54cMmUeK%2Fvoi9yZJIgcwQZJcgUQZYQZP38QGhXdfldoV3KgvNaPa%2B1fGyS7h49MElXRmQvPiNPFb54l369jJ48LbcbNV802pRW2z5jDVFr16u1umgEnRZjtNmAUzmUuzBbdaim5NkP%2F0SspuSxq5%2BC0SM4fQSungFNA9Bs3Kr6oNvjetvHMPo22kmk6xqqK9yEECZHnJSQ7Hh7%2BoxcmR0o%2BPJFSH68%2FPHwj%2Bv3Fz4Atzlim%2BM99ZCgq%2B%2BMt0xG9rdM5sj3m3GiQjWkxfFuJTSRF79%2BVe5kxor1VTf66iVeAEV77w3pkg0aCRV1HflmRQkh7ZqxXJIf1t1bkt1M3fZKaqM03rj58tp6GFvpnDLRBFSdvHMArqbk8fd%2Fmb3KK8MelJ3ApjnC9JicB5Q5Ao934eK5emcuwuo5h8UXkaX52FbZ%2FKdWBFrOZ8pyuP%2FMbN7vuTvo2ipochtRmKNvc%2FR1DqpHcOnlcRLb4%2BWfPy%2FiCzBdGjNtS%2FtMW%2F1ZYe1ykbZmJhdpHU6dlmu%2BaDHZkS0m6416R3LBGg3m8w5nNdFucyRuyp%2B8ZP4GAAD%2F%2FwEAAP%2F%2FELtCUm8EAAA%3D HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7af4e0565cd97b56a918709a9a8cc0d9
Strict-Transport-Security: max-age=0; includeSubdomains
possessionaddictedflight.com/watch.324931473754.js?key=9d837cb1d974c225f10599ded2811521&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=a65ac27f908bc64c2f35aa7610d2e4ef00ac138f7acad8ab183e2ecd796f02dbd2a50e29787a3021f6f5fc98b3b3754c7c051a2330719b0f9dd3fe6aba3c60816c33756bcf87a7482b108de5fe73b3e2723cac54&pst=1661929900&rmtc=t
192.243.59.20200 OK 2.0 kB URL HTTP/1.1 possessionaddictedflight.com/watch.324931473754.js?key=9d837cb1d974c225f10599ded2811521&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=a65ac27f908bc64c2f35aa7610d2e4ef00ac138f7acad8ab183e2ecd796f02dbd2a50e29787a3021f6f5fc98b3b3754c7c051a2330719b0f9dd3fe6aba3c60816c33756bcf87a7482b108de5fe73b3e2723cac54&pst=1661929900&rmtc=t
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2456)
Hash a10a57eb2dd8fb19cad1b84391094aec
dd5c147b17147962372bf58e6bd9df9871ff4ad7
0eda6f15be7ef6707d0dada9bd458a9bf28c6c1583cb05210fca1947e13af845
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.324931473754.js?key=9d837cb1d974c225f10599ded2811521&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=a65ac27f908bc64c2f35aa7610d2e4ef00ac138f7acad8ab183e2ecd796f02dbd2a50e29787a3021f6f5fc98b3b3754c7c051a2330719b0f9dd3fe6aba3c60816c33756bcf87a7482b108de5fe73b3e2723cac54&pst=1661929900&rmtc=t HTTP/1.1
Host: possessionaddictedflight.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Referer: http://nytesgoal.com/
Connection: keep-alive
Cookie: u_pl=17426916; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQyNjkxNiwiayI6IjlkODM3Y2IxZDk3NGMyMjVmMTA1OTlkZWQyODExNTIxIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODY3NzQ4LCJwaWQiOjQ3MzczOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyNiwicHQiOjQsInBrIjoibm1ibTkwZXhwMyIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL255dGVzZ29hbC5jb20vIn19.WpSLn5_0rECw2Rwc31XkHKB-yUs-Ay3y0LUBJcMcNqk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8edd079d-31df-4ddd-9711-081466b22a0b:1:1; expires=Wed, 07 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv26=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs26=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 83ec1902157b8bca4e016dbba3dcec84
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Btx34%2FVoXonZTcDFLBZncO99pwWKMKcHY1FTRlXK%2BZnLMufdcz7kfk3FhsCIFN7Nwo6ubZ5LGj1r0D7DIpCASLGR2WRgQ%2FA%2BEruVOg6Mv3PfjPs%2FieZ%2F3fLabnhIfKT1ZfsMMldZ0oVXzqy%2B8GwRXq2sqSgfVQbf9frt5tWqzK4vtmv9i9brkW2ah7ge%2BH%2FhBdUVZ2TODhRKEiu8tBrVFv9as14JWEwP739mlHhz1ILJT8iyUmFYeepeg%2BARR%2BMOydFuJiV96LUw1TYxFJg7ejrYik0cI523PeuhFB2dsGHe88gAm2p%2FJhcn%2BITI1Jd4vD8CigzORYNneTCfTkBGYeAp5NoHUEyg6ATe3ocQxAbjAjXVE4d0bxuZ0%2BwlKS3RKKo%2F%2FgsqnpPL7JUTh%2FSWtBtVbRqeJMpHDoFdADSZQ%2FQni9BDJ8BxUfgiefAIlHpGFx2uIwr11pw2UKGa7KzWB6k2g5QjUeUjLT3lIex7S2EMoTqo8CIKOLzj1u4ucN0RHsrbwA9rpBTTw212kvJQ3QhKPwPUI3O4gtjvYUiPY9Ge4zQJOeHDJlHhv7iATBXJJkDuCnBLkiiBPCPKs2Bfa1V1xV2iXsuCs1s9qoxibpL9L903SlxHZjU%2FJM6Uv3oXfLmJLnlS7rYYvWl1K612fsZZodJv1RlO0gl6HMdpuwakCyp2brTpUU%2FL8x38iVlPyvyufg9FDOH0Irp4DTQPQfNyp%2B6Cb42bXxzD6PtpOpOsbqmvchBCmQJxUkGx7u%2FqUXJ4dKPh6FZIfXft0%2BMf1%2B5c%2BArcFYlvgA%2FWQoK%2FvjDdMTvY2TO7Ij%2BtxokI1pOXxbiU0kee%2FfV1u58aK1WU3%2BuYVXgJle%2B8t6ZI1GgkV9R35bkkJIe2KsVySn1bdO5LdTN3mUmqjNF67%2BerKahhb6Zwy0QRUHb%2B3D66m5P8fPpq9ysvDDMpOYNMCYXpEzgLKHILHO3DxXL0z52H1nMPiCvK0GNs6m%2F%2FUikDL%2BUxZAfevmc37XXcHfVsHTW4jCgtktkCmC1A9gksvjpPYHl379csyvgLTlTHTtrLHtNVflNZeK9NGmV5%2B4rRTJ9WGLzpM9mSHyWar2ZNcsFaL%2BbzHWUN0uxyJm%2FKnL5i%2FAQAA%2F%2F8BAAD%2F%2F3In4YVvBAAA
192.243.59.13200 OK 7 B URL HTTP/1.1 diminutioneconomy.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Btx34%2FVoXonZTcDFLBZncO99pwWKMKcHY1FTRlXK%2BZnLMufdcz7kfk3FhsCIFN7Nwo6ubZ5LGj1r0D7DIpCASLGR2WRgQ%2FA%2BEruVOg6Mv3PfjPs%2FieZ%2F3fLabnhIfKT1ZfsMMldZ0oVXzqy%2B8GwRXq2sqSgfVQbf9frt5tWqzK4vtmv9i9brkW2ah7ge%2BH%2FhBdUVZ2TODhRKEiu8tBrVFv9as14JWEwP739mlHhz1ILJT8iyUmFYeepeg%2BARR%2BMOydFuJiV96LUw1TYxFJg7ejrYik0cI523PeuhFB2dsGHe88gAm2p%2FJhcn%2BITI1Jd4vD8CigzORYNneTCfTkBGYeAp5NoHUEyg6ATe3ocQxAbjAjXVE4d0bxuZ0%2BwlKS3RKKo%2F%2FgsqnpPL7JUTh%2FSWtBtVbRqeJMpHDoFdADSZQ%2FQni9BDJ8BxUfgiefAIlHpGFx2uIwr11pw2UKGa7KzWB6k2g5QjUeUjLT3lIex7S2EMoTqo8CIKOLzj1u4ucN0RHsrbwA9rpBTTw212kvJQ3QhKPwPUI3O4gtjvYUiPY9Ge4zQJOeHDJlHhv7iATBXJJkDuCnBLkiiBPCPKs2Bfa1V1xV2iXsuCs1s9qoxibpL9L903SlxHZjU%2FJM6Uv3oXfLmJLnlS7rYYvWl1K612fsZZodJv1RlO0gl6HMdpuwakCyp2brTpUU%2FL8x38iVlPyvyufg9FDOH0Irp4DTQPQfNyp%2B6Cb42bXxzD6PtpOpOsbqmvchBCmQJxUkGx7u%2FqUXJ4dKPh6FZIfXft0%2BMf1%2B5c%2BArcFYlvgA%2FWQoK%2FvjDdMTvY2TO7Ij%2BtxokI1pOXxbiU0kee%2FfV1u58aK1WU3%2BuYVXgJle%2B8t6ZI1GgkV9R35bkkJIe2KsVySn1bdO5LdTN3mUmqjNF67%2BerKahhb6Zwy0QRUHb%2B3D66m5P8fPpq9ysvDDMpOYNMCYXpEzgLKHILHO3DxXL0z52H1nMPiCvK0GNs6m%2F%2FUikDL%2BUxZAfevmc37XXcHfVsHTW4jCgtktkCmC1A9gksvjpPYHl379csyvgLTlTHTtrLHtNVflNZeK9NGmV5%2B4rRTJ9WGLzpM9mSHyWar2ZNcsFaL%2BbzHWUN0uxyJm%2FKnL5i%2FAQAA%2F%2F8BAAD%2F%2F3In4YVvBAAA
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWtc1Rs%2Btx34%2FVoXonZTcDFLBZncO99pwWKMKcHY1FTRlXK%2BZnLMufdcz7kfk3FhsCIFN7Nwo6ubZ5LGj1r0D7DIpCASLGR2WRgQ%2FA%2BEruVOg6Mv3PfjPs%2FieZ%2F3fLabnhIfKT1ZfsMMldZ0oVXzqy%2B8GwRXq2sqSgfVQbf9frt5tWqzK4vtmv9i9brkW2ah7ge%2BH%2FhBdUVZ2TODhRKEiu8tBrVFv9as14JWEwP739mlHhz1ILJT8iyUmFYeepeg%2BARR%2BMOydFuJiV96LUw1TYxFJg7ejrYik0cI523PeuhFB2dsGHe88gAm2p%2FJhcn%2BITI1Jd4vD8CigzORYNneTCfTkBGYeAp5NoHUEyg6ATe3ocQxAbjAjXVE4d0bxuZ0%2BwlKS3RKKo%2F%2FgsqnpPL7JUTh%2FSWtBtVbRqeJMpHDoFdADSZQ%2FQni9BDJ8BxUfgiefAIlHpGFx2uIwr11pw2UKGa7KzWB6k2g5QjUeUjLT3lIex7S2EMoTqo8CIKOLzj1u4ucN0RHsrbwA9rpBTTw212kvJQ3QhKPwPUI3O4gtjvYUiPY9Ge4zQJOeHDJlHhv7iATBXJJkDuCnBLkiiBPCPKs2Bfa1V1xV2iXsuCs1s9qoxibpL9L903SlxHZjU%2FJM6Uv3oXfLmJLnlS7rYYvWl1K612fsZZodJv1RlO0gl6HMdpuwakCyp2brTpUU%2FL8x38iVlPyvyufg9FDOH0Irp4DTQPQfNyp%2B6Cb42bXxzD6PtpOpOsbqmvchBCmQJxUkGx7u%2FqUXJ4dKPh6FZIfXft0%2BMf1%2B5c%2BArcFYlvgA%2FWQoK%2FvjDdMTvY2TO7Ij%2BtxokI1pOXxbiU0kee%2FfV1u58aK1WU3%2BuYVXgJle%2B8t6ZI1GgkV9R35bkkJIe2KsVySn1bdO5LdTN3mUmqjNF67%2BerKahhb6Zwy0QRUHb%2B3D66m5P8fPpq9ysvDDMpOYNMCYXpEzgLKHILHO3DxXL0z52H1nMPiCvK0GNs6m%2F%2FUikDL%2BUxZAfevmc37XXcHfVsHTW4jCgtktkCmC1A9gksvjpPYHl379csyvgLTlTHTtrLHtNVflNZeK9NGmV5%2B4rRTJ9WGLzpM9mSHyWar2ZNcsFaL%2BbzHWUN0uxyJm%2FKnL5i%2FAQAA%2F%2F8BAAD%2F%2F3In4YVvBAAA HTTP/1.1
Host: diminutioneconomy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: u_pl=17419530; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1; nlec8530d58aa280bb5d384234d51f7bba65=[3254335,3254354,3254334,3254345]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 17177f4fb85a665ef8d8b76cbf7e4ce9
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 44f5b82c370258db6b5e292381511843
d0753817b1ca79ca8fa4d15b58acabb7bf2bbfc1
a3b28fba3beddb8b9041f48c3fa062913ea5bb82fb3a6c7a3b76ea874d8f0112
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B28FBA3BEDDB8B9041F48C3FA062913EA5BB82FB3A6C7A3B76EA874D8F0112"
Last-Modified: Tue, 30 Aug 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4190
Expires: Wed, 31 Aug 2022 08:20:30 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
cdn.cloudimagesb.com/cti/7f/17/5a/7f175ae83b480b2a0af0c355f8843c70/1627916108.png
45.133.44.9 200 OK 20 kB URL HTTP/2 cdn.cloudimagesb.com/cti/7f/17/5a/7f175ae83b480b2a0af0c355f8843c70/1627916108.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 320 x 50, 8-bit/color RGB, non-interlaced\012- data
Hash 5f3ab32ca06df0759e895b9445c491a5
2b95dabc7bf6288fc1cce7383ec7183db0f504c4
f590884a93d3d362bef6712b73e9a725cca99b18f725b1e6a8b92bac60249dc5
GET /cti/7f/17/5a/7f175ae83b480b2a0af0c355f8843c70/1627916108.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:40 GMT
content-type: image/png
content-length: 19457
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:55:18 GMT
etag: "61080756-4c01"
expires: Fri, 02 Sep 2022 07:10:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
youradexchange.com/script/push.php?r=6118290&ipp=1&mads=2&position=top&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=
35.190.41.116 200 OK 1.1 kB URL HTTP/1.1 youradexchange.com/script/push.php?r=6118290&ipp=1&mads=2&position=top&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=
IP 35.190.41.116:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1465)
Hash 64a52d151960731a33c84fc51356def9
7706b5873a1af153bbcb250cb9d68de22ce6a233
d4ae06a6df04541a740ab6e7c4e20abac87e3245d995660162f95f55564cbd3d
GET /script/push.php?r=6118290&ipp=1&mads=2&position=top&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref= HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nytesgoal.com/
Origin: http://nytesgoal.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
cdn.cloudimagesb.com/695/23a/2f1/mc_ns_26.06.2018_468x60_4_en.jpg
45.133.44.9 200 OK 44 kB URL HTTP/2 cdn.cloudimagesb.com/695/23a/2f1/mc_ns_26.06.2018_468x60_4_en.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 468x60, components 3\012- data
Hash 8d88cc38b6012dd1344e8e5f513cfb8d
6a0afc5301af9c06ac2793f38c52e6ecb828ae00
264ec52472af81300ef33bb0343d512f9df48fbab863855fe9db250cf6b56e97
GET /695/23a/2f1/mc_ns_26.06.2018_468x60_4_en.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:40 GMT
content-type: image/jpeg
content-length: 44549
server: nginx/1.17.6
last-modified: Tue, 24 Sep 2019 10:48:54 GMT
etag: "5d89f496-ae05"
expires: Fri, 02 Sep 2022 07:10:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
obituaryfuneral.com/watch.84291211926.js?key=3c4c10986549ae28f8e5d4cfef45eea8&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
192.243.59.12 307 Temporary Redirect 0 B URL HTTP/1.1 obituaryfuneral.com/watch.84291211926.js?key=3c4c10986549ae28f8e5d4cfef45eea8&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.84291211926.js?key=3c4c10986549ae28f8e5d4cfef45eea8&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1 HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Location: https://obituaryfuneral.com/watch.84291211926.js?key=3c4c10986549ae28f8e5d4cfef45eea8&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=6ca3d4131124c9267e57bab07c613b9ac5296503e71296aacf6e19785e7ccdaaad4485ea8db761ca80ca7432b1231cffe8ad5855d5257103961ac46fba8d5d8f20ec67a0c183dd8571e532d57f3f3de080b70a23&pst=1661929900&rmtc=t
Set-Cookie: u_pl=17423614; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.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.7y0KHcdf7f28XB9Ylzi8-0ThIcHrPEzCtSxts4TOd7I; expires=Wed, 31 Aug 2022 07:11:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ef35d1f7e8c67b7a3d0a0af878505fc6
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/1/template/1/973355/1571930000/123.jpg
45.133.44.9 200 OK 77 kB URL HTTP/2 cdn.cloudimagesb.com/1/template/1/973355/1571930000/123.jpg
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x300, components 3\012- data
Hash b5baa29585946a73b8cd09479212955f
4594f7296a7c18dc4d6dafe294a615743c48739f
8a7df88f21acab0e9343ec5c3ac4b11cd2e4af2a5a2de0456be0f489993b4d7b
GET /1/template/1/973355/1571930000/123.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:40 GMT
content-type: image/jpeg
content-length: 76697
server: nginx/1.17.6
last-modified: Thu, 24 Oct 2019 15:13:22 GMT
etag: "5db1bf92-12b99"
expires: Fri, 02 Sep 2022 07:10:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/3ac/48e/797/mc_na_09.07.2018_300x250_13_en.gif
45.133.44.9 200 OK 620 kB URL HTTP/2 cdn.cloudimagesb.com/3ac/48e/797/mc_na_09.07.2018_300x250_13_en.gif
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 300 x 250\012- data
Size 620 kB (620219 bytes)
Hash e91d614145e5d8eca861ded0d26aa5ee
89cb2b1af3c1d4040a70d6da6ebc35826f3e4861
2ec9b6b79b38115672735e66ccbfab9aa56c18c9e07fe22eb8b7a2cb4b2c1f18
GET /3ac/48e/797/mc_na_09.07.2018_300x250_13_en.gif HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:40 GMT
content-type: image/gif
content-length: 620219
server: nginx/1.17.6
last-modified: Tue, 01 Oct 2019 12:36:49 GMT
etag: "5d934861-976bb"
expires: Fri, 02 Sep 2022 07:10:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 502539da3064a6312c77ff29782ece38
1512dd1fc44ce3df5c88a1a1b38237e0c8f1ae58
e15fb978b159ba5c2429a13e8e88c25457dab65de814181df6524f68973dfece
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E15FB978B159BA5C2429A13E8E88C25457DAB65DE814181DF6524F68973DFECE"
Last-Modified: Tue, 30 Aug 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2006
Expires: Wed, 31 Aug 2022 07:44:06 GMT
Date: Wed, 31 Aug 2022 07:10:40 GMT
Connection: keep-alive
obituaryfuneral.com/watch.84291211926.js?key=3c4c10986549ae28f8e5d4cfef45eea8&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=6ca3d4131124c9267e57bab07c613b9ac5296503e71296aacf6e19785e7ccdaaad4485ea8db761ca80ca7432b1231cffe8ad5855d5257103961ac46fba8d5d8f20ec67a0c183dd8571e532d57f3f3de080b70a23&pst=1661929900&rmtc=t
192.243.59.12 200 OK 2.0 kB URL HTTP/1.1 obituaryfuneral.com/watch.84291211926.js?key=3c4c10986549ae28f8e5d4cfef45eea8&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=6ca3d4131124c9267e57bab07c613b9ac5296503e71296aacf6e19785e7ccdaaad4485ea8db761ca80ca7432b1231cffe8ad5855d5257103961ac46fba8d5d8f20ec67a0c183dd8571e532d57f3f3de080b70a23&pst=1661929900&rmtc=t
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2409)
Hash 2c14b2743e513716cf5e43fdc6edad71
a2727e4977bd75dfd352af806875e19e51bc0193
7441557439316d809005f3c34f45db6bcbdfe5e7773b32a832c0a31e680ca8c3
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.84291211926.js?key=3c4c10986549ae28f8e5d4cfef45eea8&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=6ca3d4131124c9267e57bab07c613b9ac5296503e71296aacf6e19785e7ccdaaad4485ea8db761ca80ca7432b1231cffe8ad5855d5257103961ac46fba8d5d8f20ec67a0c183dd8571e532d57f3f3de080b70a23&pst=1661929900&rmtc=t HTTP/1.1
Host: obituaryfuneral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Referer: http://nytesgoal.com/
Connection: keep-alive
Cookie: u_pl=17423614; ain=eyJhbGciOiJIUzI1NiJ9.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.7y0KHcdf7f28XB9Ylzi8-0ThIcHrPEzCtSxts4TOd7I
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8edd079d-31df-4ddd-9711-081466b22a0b:1:1; expires=Wed, 07 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 11ad45e61c4fc8e6ed0bfde35faed8c6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
youradexchange.com/script/i.php?stamat=m%257C%252C%252CAhJuIjZrtGU3Bp-GH0dEdHP3xP.eb3%252Cw62cooRGBVP77L65VqpfuuD2NPYmZNp-wV9tqrdTHcIr1dG3ytmfMdzrhAjs7MZqnAS5mi009iYdzS6EWN4P7cPhC191ZgaFgnwzoIUqOp2zm3D5igSYb_1AXWTrXqLn79gFmw55Rl8D1AzjYBvLr7tzL0Q6m2rfFPulAAcj23zL2gqQB5DgPgB4Ye8cgyBfI4nm9SuFhJVoOttZKaPvAj1bgGjdPnu_3P3KV6Ju_7EypaaPUUgApYnyJ9TIVHzy_nb-uZ11DDnEv2R_8c2iyYllZv5EGd-LyV4UwuyUYNhix4kacB10SFuZu3LhMm7_-AxbCL3aP1Ip50dotZfmMVC6Mwu5Tg1QvI3X1ztFeKvU_DH-lw0OjsSKHp-2KhgPSGhH6iMALUz-V_FnKTd2tAcPBLPYbb15kEwSyfHNSKEta7gSYMEmxatfZ2efAig442kOockaLMOGFkDtzIH6L3V0aLUkirE_Dk48cQ0q5LWuFofP3cyJ6UAvgp2WVOlGVz0IHWc4gIQ91hBTF5Ackg%252C%252C&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=&templ=-tempB_orange_CPA
35.190.41.116 204 No Content 0 B URL HTTP/1.1 youradexchange.com/script/i.php?stamat=m%257C%252C%252CAhJuIjZrtGU3Bp-GH0dEdHP3xP.eb3%252Cw62cooRGBVP77L65VqpfuuD2NPYmZNp-wV9tqrdTHcIr1dG3ytmfMdzrhAjs7MZqnAS5mi009iYdzS6EWN4P7cPhC191ZgaFgnwzoIUqOp2zm3D5igSYb_1AXWTrXqLn79gFmw55Rl8D1AzjYBvLr7tzL0Q6m2rfFPulAAcj23zL2gqQB5DgPgB4Ye8cgyBfI4nm9SuFhJVoOttZKaPvAj1bgGjdPnu_3P3KV6Ju_7EypaaPUUgApYnyJ9TIVHzy_nb-uZ11DDnEv2R_8c2iyYllZv5EGd-LyV4UwuyUYNhix4kacB10SFuZu3LhMm7_-AxbCL3aP1Ip50dotZfmMVC6Mwu5Tg1QvI3X1ztFeKvU_DH-lw0OjsSKHp-2KhgPSGhH6iMALUz-V_FnKTd2tAcPBLPYbb15kEwSyfHNSKEta7gSYMEmxatfZ2efAig442kOockaLMOGFkDtzIH6L3V0aLUkirE_Dk48cQ0q5LWuFofP3cyJ6UAvgp2WVOlGVz0IHWc4gIQ91hBTF5Ackg%252C%252C&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=&templ=-tempB_orange_CPA
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/i.php?stamat=m%257C%252C%252CAhJuIjZrtGU3Bp-GH0dEdHP3xP.eb3%252Cw62cooRGBVP77L65VqpfuuD2NPYmZNp-wV9tqrdTHcIr1dG3ytmfMdzrhAjs7MZqnAS5mi009iYdzS6EWN4P7cPhC191ZgaFgnwzoIUqOp2zm3D5igSYb_1AXWTrXqLn79gFmw55Rl8D1AzjYBvLr7tzL0Q6m2rfFPulAAcj23zL2gqQB5DgPgB4Ye8cgyBfI4nm9SuFhJVoOttZKaPvAj1bgGjdPnu_3P3KV6Ju_7EypaaPUUgApYnyJ9TIVHzy_nb-uZ11DDnEv2R_8c2iyYllZv5EGd-LyV4UwuyUYNhix4kacB10SFuZu3LhMm7_-AxbCL3aP1Ip50dotZfmMVC6Mwu5Tg1QvI3X1ztFeKvU_DH-lw0OjsSKHp-2KhgPSGhH6iMALUz-V_FnKTd2tAcPBLPYbb15kEwSyfHNSKEta7gSYMEmxatfZ2efAig442kOockaLMOGFkDtzIH6L3V0aLUkirE_Dk48cQ0q5LWuFofP3cyJ6UAvgp2WVOlGVz0IHWc4gIQ91hBTF5Ackg%252C%252C&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=&templ=-tempB_orange_CPA HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 204 No Content
Server: openresty
Date: Wed, 31 Aug 2022 07:10:40 GMT
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer
Via: 1.1 google
banquetunarmedgrater.com/advertisers.js
192.243.59.13 200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16aff55d203dabeaaf91d64b4edc58ed
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png
45.133.44.9 200 OK 56 kB URL HTTP/2 cdn.cloudimagesb.com/cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGB, non-interlaced\012- data
Hash 231d615f0b920b0f0c8758342141193b
ca68f0f6e4c9124bbe61c49d789d0447076b0332
3e24999c26c1c68485e879756ea30639ccee4d7f30f1e2c0e5190818cbab8996
GET /cti/27/cf/a9/27cfa94bc21f8231e12ae94f4cebe367/1627917273.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:40 GMT
content-type: image/png
content-length: 56505
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 15:14:41 GMT
etag: "61080be1-dcb9"
expires: Fri, 02 Sep 2022 07:10:40 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
falconisleclip.com/watch.790918193272.js?key=fdc80ce0a31b228294a750eb5cb3297e&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
192.243.59.13 307 Temporary Redirect 0 B URL HTTP/1.1 falconisleclip.com/watch.790918193272.js?key=fdc80ce0a31b228294a750eb5cb3297e&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.790918193272.js?key=fdc80ce0a31b228294a750eb5cb3297e&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1 HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Location: https://falconisleclip.com/watch.790918193272.js?key=fdc80ce0a31b228294a750eb5cb3297e&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=fe4a18651a405f0c5e204edcf8ca4915ef26c779cb71adcc8d57b11aee98e50f4f0d004d60d692339b6124244966e478857cca8c34942be3471ac1e6bba029f917391c4af79d68cea4f4b78bfaa51b10d5a14f26&pst=1661929900&rmtc=t
Set-Cookie: u_pl=17426941; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNzQyNjk0MSwiayI6ImZkYzgwY2UwYTMxYjIyODI5NGE3NTBlYjVjYjMyOTdlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxODY3NzQ4LCJwaWQiOjQ3MzczOSwiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxOSwiYWlkIjoyNSwicHQiOjQsInBrIjoid3N0dWdkbmEycSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6ZmFsc2UsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cDovL255dGVzZ29hbC5jb20vIn19.KiMzhpc0j0r2QcOWcmo94MysYV2SmjqZPDArWV9jtcY; expires=Wed, 31 Aug 2022 07:11:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 07c27997d6a14174e3916eef6656be52
Strict-Transport-Security: max-age=0; includeSubdomains
falconisleclip.com/watch.790918193272.js?key=fdc80ce0a31b228294a750eb5cb3297e&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=fe4a18651a405f0c5e204edcf8ca4915ef26c779cb71adcc8d57b11aee98e50f4f0d004d60d692339b6124244966e478857cca8c34942be3471ac1e6bba029f917391c4af79d68cea4f4b78bfaa51b10d5a14f26&pst=1661929900&rmtc=t
192.243.59.13 200 OK 2.0 kB URL HTTP/1.1 falconisleclip.com/watch.790918193272.js?key=fdc80ce0a31b228294a750eb5cb3297e&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=fe4a18651a405f0c5e204edcf8ca4915ef26c779cb71adcc8d57b11aee98e50f4f0d004d60d692339b6124244966e478857cca8c34942be3471ac1e6bba029f917391c4af79d68cea4f4b78bfaa51b10d5a14f26&pst=1661929900&rmtc=t
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (2417)
Hash 7b2972a1100400427ab02a80201c38d2
6882a476749929d532917225845e4f7552e87556
ca140182cfd1d241473978264abf1aa9b7dbff17a179509ce25e333f6e1247c7
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.790918193272.js?key=fdc80ce0a31b228294a750eb5cb3297e&kw=%5B%22nytes%22%2C%22goal%22%2C%22%E2%80%93%22%2C%22all%22%2C%22round%22%2C%22sports%22%5D&refer=http%3A%2F%2Fnytesgoal.com%2F&tz=0&dev=r&res=12.29&uuid=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1&shu=fe4a18651a405f0c5e204edcf8ca4915ef26c779cb71adcc8d57b11aee98e50f4f0d004d60d692339b6124244966e478857cca8c34942be3471ac1e6bba029f917391c4af79d68cea4f4b78bfaa51b10d5a14f26&pst=1661929900&rmtc=t HTTP/1.1
Host: falconisleclip.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://nytesgoal.com
Referer: http://nytesgoal.com/
Connection: keep-alive
Cookie: u_pl=17426941; ain=eyJhbGciOiJIUzI1NiJ9.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.KiMzhpc0j0r2QcOWcmo94MysYV2SmjqZPDArWV9jtcY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://nytesgoal.com
Access-Control-Allow-Origin: http://nytesgoal.com
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=8edd079d-31df-4ddd-9711-081466b22a0b:1:1; expires=Wed, 07 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
pdhtkv25=true; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
uncs25=1; expires=Thu, 01 Sep 2022 07:10:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5f9732065c3c803be8e85e6032eb7a25
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
nytesgoal.com/favicon.ico
94.242.61.186 404 Not Found 1.2 kB URL HTTP/1.1 nytesgoal.com/favicon.ico
IP 94.242.61.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: nytesgoal.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=8edd079d-31df-4ddd-9711-081466b22a0b%3A1%3A1; m5a4xojbcp2nx3gptmm633qal3gzmadn=diminutioneconomy.com; ppu_main_8278b008d2fa2a9b216e3768fac50fa9=1; cookielawinfo-checkbox-necessary=yes; cookielawinfo-checkbox-functional=no; cookielawinfo-checkbox-performance=no; cookielawinfo-checkbox-analytics=no; cookielawinfo-checkbox-advertisement=no; cookielawinfo-checkbox-others=no
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Wed, 31 Aug 2022 07:10:40 GMT
server: LiteSpeed
vary: User-Agent
crrepo.com/extban/303803220/creatives/23499182/e21b129e863b875a6c8d3d2f27a050be_8046.png
104.21.235.114 200 OK 1.7 MB URL HTTP/2 crrepo.com/extban/303803220/creatives/23499182/e21b129e863b875a6c8d3d2f27a050be_8046.png
IP 104.21.235.114:0
File type PNG image data, 1096 x 1096, 8-bit/color RGBA, non-interlaced\012- data
Size 1.7 MB (1736584 bytes)
Hash a6ab17ac2cff0e8f2f04482286da9f7a
9c642ef53759bf5ea752e410d0e720ad5837a451
16f40d63a21d5920dea54761dd081612028e275821b4b9b3009699859dff8ca6
GET /extban/303803220/creatives/23499182/e21b129e863b875a6c8d3d2f27a050be_8046.png HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:40 GMT
content-type: image/png
last-modified: Tue, 09 Aug 2022 08:21:29 GMT
etag: W/"62f21909-199fa3"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: REVALIDATED
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ze%2BYmNMvvSEL9r2bSrO48%2Bt2LrtM1B4muWAkJjQbPYeen4%2F2gEUb4jdEi1Me%2B7T9GscCHdOn6%2BWAuZ2VH6IVbxvVCH50kBCqYETyxzRXeOQplSZIy97ForzmLGeh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7433f29f683c76f9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/cti/ef/06/31/ef0631ed0253c5a713569fa28086ba82/1627915747.png
45.133.44.9 200 OK 100 kB URL HTTP/2 cdn.cloudimagesb.com/cti/ef/06/31/ef0631ed0253c5a713569fa28086ba82/1627915747.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 160 x 600, 8-bit/color RGB, non-interlaced\012- data
Size 100 kB (100017 bytes)
Hash a2f3ad70558731363cc9e4c236b85164
31dead0c8bb32efa2870e3bdbc5b35a77a963735
0aa6cf6ed34931123c4d6a58f015ac928725fc7174a0ab61b734410dd27e142f
GET /cti/ef/06/31/ef0631ed0253c5a713569fa28086ba82/1627915747.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 31 Aug 2022 07:10:41 GMT
content-type: image/png
content-length: 100017
server: nginx/1.17.6
last-modified: Mon, 02 Aug 2021 14:49:16 GMT
etag: "610805ec-186b1"
expires: Fri, 02 Sep 2022 07:10:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
superonclick.com/script/native_server.js
104.21.41.60 200 OK 3.0 kB URL HTTP/1.1 superonclick.com/script/native_server.js
IP 104.21.41.60:0
File type ASCII text, with very long lines (9260), with no line terminators
Hash fef133fd80f96d16621d517f8284faf8
ceef92cbdaa2a5eb78a767e5a808fb55b4c72917
7fd13a6d73c493a626b98d72167ecce7547bda71a8bac7eb26ee32aedff141b3
GET /script/native_server.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdtt2MsOxBTyp24RcF5JL2Md2lozd8rfudOEDTyb1kZBruT9DzgpYc3rqT4P_GG1vz59kW6HXduepeidMYY1AqLKuA
x-goog-generation: 1550052952705094
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 9260
x-goog-hash: crc32c=RAjq/g==, md5=Udh+nr2DH8yragFgeaYHkw==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
Expires: Wed, 31 Aug 2022 07:39:10 GMT
Cache-Control: public, max-age=14400
Age: 1891
Last-Modified: Wed, 13 Feb 2019 10:15:52 GMT
ETag: W/"51d87e9ebd831fccab6a016079a60793"
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQUMNsIuLMQHXDqr92Aa6OoTYjWIexAbnubtf9JYk70hfZ1otQtp3ydZe0yxMbI2ntjOsboI9ECotC0GXhndx9VZERQrAseijvTeQBrmOgsySIJvnASei3wMdKiopnwx4KDY"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2a2f8e4b527-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
superonclick.com/script/native_render.js
104.21.41.60 200 OK 1.6 kB URL HTTP/1.1 superonclick.com/script/native_render.js
IP 104.21.41.60:0
File type HTML document, ASCII text, with very long lines (4285), with no line terminators
Hash 18e733ef7fceb5ca3a29f28ad760b9de
5eabd37b22a3d7bf5dac24f1cfbf007cb1068cba
e448e622d72add1a1e35359beede408f584b490a93e0c9bb545ba991e2585937
GET /script/native_render.js HTTP/1.1
Host: superonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdvyAoaZHK2sFLWr8sgKutgDPuIqEoC-Uqy3Mme-VYeGTJboTPL3I2cGq09JsWK0sgQW4Fop8VS5LoHeOkisA043R1hnhA
x-goog-generation: 1550052950916101
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4285
x-goog-hash: crc32c=rXethw==, md5=i4AdaMb2P574qaeqSEucdQ==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Wed, 31 Aug 2022 07:06:58 GMT
Cache-Control: public, max-age=14400
Age: 3403
Last-Modified: Wed, 13 Feb 2019 10:15:50 GMT
ETag: W/"8b801d68c6f63f9ef8a9a7aa484b9c75"
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmDAvsoBOiKy0QUD6Qgq45yQ0oV7Zp7eOBOnVvkbY8h5LImlwpVM09QAd8WpZ%2FrO9zgZzp%2BB%2BbJhpMtb%2FBXeoNCUzfWTknlS7KOHDEPIyCUQB2ugzbK7Csm5QISwEyOotewS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2a2fe31b52d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
clearonclick.com/script/i.php?stamat=m%257C%252C%252Cw3dnt2YjtGU3Bk-GH0dEdHP3xP.3ca%252C9BnnEWIhDV0vFszywil_bVjQvn_1KsfLn9OMXz3SsuwYtWQPpwhX6RMTlou0Y3OXNeA5ba6mCnnUPDK5_sETRJqPd8vQqf0unZh0HcO1FD1KNyFfUAK1bZKdzTUdjOrI-O4vF4uUlxExJ489tSRul0nX1PCOljuWk-lf1crcsg8LkLbgZWNMPlZYV-NLg4OdL1EFWiqLqboA0F8AvY2pGhwzky49FuQJCwtSF14D6UHl2YPG2uRXsGD8EjX3PK7yT_D0KkMS5gUCTG-16GXsaKL_5l3_xB-h3b8U5_JmZV3c6Jc0Vt6a599mr7M-yK75Dg0tiaV90JWdKxRiCTaN5Q2HFd6Mg_Kg0fB2LTo2y5Vrlqddj06K_-qTOVyRhA3V9_Xo3E6xqaOwS__jz8Ay5_fZijB31hMq6QLgvqzpTT59wIn9wXxl4jFfWeBuf33gRe8yQLto_okmgvMWEEYy8x23CDcD_ECcluj7miDwO2ObmfEHccubTRgVQnnLQ_UiQKDOKEhfZNf9p2JdzZA7JRUw7wfHroSUUISqQXO9P30%252C
35.201.86.109 204 No Content 0 B URL HTTP/1.1 clearonclick.com/script/i.php?stamat=m%257C%252C%252Cw3dnt2YjtGU3Bk-GH0dEdHP3xP.3ca%252C9BnnEWIhDV0vFszywil_bVjQvn_1KsfLn9OMXz3SsuwYtWQPpwhX6RMTlou0Y3OXNeA5ba6mCnnUPDK5_sETRJqPd8vQqf0unZh0HcO1FD1KNyFfUAK1bZKdzTUdjOrI-O4vF4uUlxExJ489tSRul0nX1PCOljuWk-lf1crcsg8LkLbgZWNMPlZYV-NLg4OdL1EFWiqLqboA0F8AvY2pGhwzky49FuQJCwtSF14D6UHl2YPG2uRXsGD8EjX3PK7yT_D0KkMS5gUCTG-16GXsaKL_5l3_xB-h3b8U5_JmZV3c6Jc0Vt6a599mr7M-yK75Dg0tiaV90JWdKxRiCTaN5Q2HFd6Mg_Kg0fB2LTo2y5Vrlqddj06K_-qTOVyRhA3V9_Xo3E6xqaOwS__jz8Ay5_fZijB31hMq6QLgvqzpTT59wIn9wXxl4jFfWeBuf33gRe8yQLto_okmgvMWEEYy8x23CDcD_ECcluj7miDwO2ObmfEHccubTRgVQnnLQ_UiQKDOKEhfZNf9p2JdzZA7JRUw7wfHroSUUISqQXO9P30%252C
IP 35.201.86.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/i.php?stamat=m%257C%252C%252Cw3dnt2YjtGU3Bk-GH0dEdHP3xP.3ca%252C9BnnEWIhDV0vFszywil_bVjQvn_1KsfLn9OMXz3SsuwYtWQPpwhX6RMTlou0Y3OXNeA5ba6mCnnUPDK5_sETRJqPd8vQqf0unZh0HcO1FD1KNyFfUAK1bZKdzTUdjOrI-O4vF4uUlxExJ489tSRul0nX1PCOljuWk-lf1crcsg8LkLbgZWNMPlZYV-NLg4OdL1EFWiqLqboA0F8AvY2pGhwzky49FuQJCwtSF14D6UHl2YPG2uRXsGD8EjX3PK7yT_D0KkMS5gUCTG-16GXsaKL_5l3_xB-h3b8U5_JmZV3c6Jc0Vt6a599mr7M-yK75Dg0tiaV90JWdKxRiCTaN5Q2HFd6Mg_Kg0fB2LTo2y5Vrlqddj06K_-qTOVyRhA3V9_Xo3E6xqaOwS__jz8Ay5_fZijB31hMq6QLgvqzpTT59wIn9wXxl4jFfWeBuf33gRe8yQLto_okmgvMWEEYy8x23CDcD_ECcluj7miDwO2ObmfEHccubTRgVQnnLQ_UiQKDOKEhfZNf9p2JdzZA7JRUw7wfHroSUUISqQXO9P30%252C HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/ad/display.php?stamat=m%257C%252CUYiNmYhNqB1dAN0dEdHP3xP.d0f%252CZMkKdRAQlkuDbgTABrav5P_Y-78xF79JQBkeOeCwRP734bdyzKlNNl49ZVXBjASvnG4uT0BJ0SuZE-V8mkr1XGb2BNt72eFkyJeUg7rgaQA%252C&cbpage=http://nytesgoal.com/&cbur=0.8363113437749143&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
HTTP/1.1 204 No Content
Server: openresty
Date: Wed, 31 Aug 2022 07:10:41 GMT
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer
Via: 1.1 google
clearonclick.com/script/i.php?stamat=m%257C%252C%252CwiK2oiMmtGU3Bp-GH0dEdHP3xP.583%252C5WIKLImANACHdOVUNYqNFFG3hOEY2kHtYSD1AyCSrFm2kPGS6BJAWMFfCRvpUdsrsqdxQPsR0nBiRSakNDkifmgDLutLyyyphDIf_IGsn71bqFFiHy4qbqJXZuvEtm7h_OMAYaOeAI5kzed7TfLce2Ud0SgJURJ9YwRSPlp68KCV7gC1_NUsBdQfIB4Jej3yiTRx4xudo4jPKbpHPkihSyMiSOZ00DnzFmobiuEYlJxZ5oelrKrHm_L7lmw0P9xLl3QAVTbEQTpT9nq00KUFBe2MZGGbaEWJVD7mRMEPS_vomFKs4SGgMcLu-NyY6QewfppFcWfWjjM96hhAfQ_2Rm1xMFkGoLwOuMrBMscWTDorGmXY1UptV5twge5eDWfy6K_CG8SwU3szP9cNMyBEYFWmFWKBeby3xXhojBBoLnXLYK8hVYIh4rd8rKOl4z5npxsTBUIfQNe80r4V8OC_vmgPK7RbFp17rQdjIR8C3iO5cO3TV7XWegSExruL6dh1sSZf5aoLCFQeNhLYFvin9g%252C%252C
35.201.86.109204 No Content 0 B URL HTTP/1.1 clearonclick.com/script/i.php?stamat=m%257C%252C%252CwiK2oiMmtGU3Bp-GH0dEdHP3xP.583%252C5WIKLImANACHdOVUNYqNFFG3hOEY2kHtYSD1AyCSrFm2kPGS6BJAWMFfCRvpUdsrsqdxQPsR0nBiRSakNDkifmgDLutLyyyphDIf_IGsn71bqFFiHy4qbqJXZuvEtm7h_OMAYaOeAI5kzed7TfLce2Ud0SgJURJ9YwRSPlp68KCV7gC1_NUsBdQfIB4Jej3yiTRx4xudo4jPKbpHPkihSyMiSOZ00DnzFmobiuEYlJxZ5oelrKrHm_L7lmw0P9xLl3QAVTbEQTpT9nq00KUFBe2MZGGbaEWJVD7mRMEPS_vomFKs4SGgMcLu-NyY6QewfppFcWfWjjM96hhAfQ_2Rm1xMFkGoLwOuMrBMscWTDorGmXY1UptV5twge5eDWfy6K_CG8SwU3szP9cNMyBEYFWmFWKBeby3xXhojBBoLnXLYK8hVYIh4rd8rKOl4z5npxsTBUIfQNe80r4V8OC_vmgPK7RbFp17rQdjIR8C3iO5cO3TV7XWegSExruL6dh1sSZf5aoLCFQeNhLYFvin9g%252C%252C
IP 35.201.86.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/i.php?stamat=m%257C%252C%252CwiK2oiMmtGU3Bp-GH0dEdHP3xP.583%252C5WIKLImANACHdOVUNYqNFFG3hOEY2kHtYSD1AyCSrFm2kPGS6BJAWMFfCRvpUdsrsqdxQPsR0nBiRSakNDkifmgDLutLyyyphDIf_IGsn71bqFFiHy4qbqJXZuvEtm7h_OMAYaOeAI5kzed7TfLce2Ud0SgJURJ9YwRSPlp68KCV7gC1_NUsBdQfIB4Jej3yiTRx4xudo4jPKbpHPkihSyMiSOZ00DnzFmobiuEYlJxZ5oelrKrHm_L7lmw0P9xLl3QAVTbEQTpT9nq00KUFBe2MZGGbaEWJVD7mRMEPS_vomFKs4SGgMcLu-NyY6QewfppFcWfWjjM96hhAfQ_2Rm1xMFkGoLwOuMrBMscWTDorGmXY1UptV5twge5eDWfy6K_CG8SwU3szP9cNMyBEYFWmFWKBeby3xXhojBBoLnXLYK8hVYIh4rd8rKOl4z5npxsTBUIfQNe80r4V8OC_vmgPK7RbFp17rQdjIR8C3iO5cO3TV7XWegSExruL6dh1sSZf5aoLCFQeNhLYFvin9g%252C%252C HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/ad/display.php?stamat=m%257C%252Ck93a3NjEqB1dAN0dEdHP3xP.ea3%252CZMkKdRAQlkuDbgTABrav5OFQ0MJAykODZWsP5sOFWCEkum2tVRL4Kc_Hm7gVKUFqlR1_o_RCbGJJtED9bbP3AtPuoMi7-hl0E82swKBQG4w%252C&cbpage=http://nytesgoal.com/&cbur=0.8991103859842993&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
HTTP/1.1 204 No Content
Server: openresty
Date: Wed, 31 Aug 2022 07:10:41 GMT
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer
Via: 1.1 google
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ef80a390dc7608c27e29fe3516eb0565
5062143217d04ed6de8fa77555d9a83938391c87
373c43367776cfcbb9f69a45443f59dfb774eab11241928134a25bcb7d75e83b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 07:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
142.250.74.98 200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220829/r20190131/zrt_lookup.html
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 09a8bd805dba1307ae0bd76a0c9ca73d
bdc16e7610abae944da47ff3a0e5fea818241fb0
e3978f36e9c5f0b909ed64015db629e2c64b46e75d165c6d1d146fcb792cdbde
GET /pagead/html/r20220829/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://nytesgoal.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4412
x-xss-protection: 0
date: Wed, 31 Aug 2022 05:02:28 GMT
expires: Wed, 14 Sep 2022 05:02:28 GMT
cache-control: public, max-age=1209600
etag: 8616628553774171045
content-type: text/html; charset=UTF-8
age: 7693
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash ef80a390dc7608c27e29fe3516eb0565
5062143217d04ed6de8fa77555d9a83938391c87
373c43367776cfcbb9f69a45443f59dfb774eab11241928134a25bcb7d75e83b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 31 Aug 2022 07:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
clearonclick.com/script/i.php?stamat=m%257C%252C%252CQ2djY2dnoGU3Bk-GH0dEdHP3xP.bb8%252CkO9UR_jHJm11mE-eM3-PitcF1G2iFHmWVG-N8uhHAK4nSpjRSXvredEA9IVpCzCzO_uJSDKIvy8F4cjcuK6y1b5t1Uz3KSVz_vPbBtm8B4CGzsmur3QmjmPTyEo9ig5t4kT0eKlk51jRNCzHdgMxGxn2B8ls94wMoUP3m9KA8ZXDeKex-1PSVM4CWnvYMpFwJLJxtpEZcuLNPE8Hr_ZBPL3xghDOkGrik2OFsJ4TtoS3MDLHnUr5MMcx0t-c3wOUmeh-ZVxxAYLV6V0GYYRec31jHlKSHFM8FN6RVzl-QRa8ca3tts2QzPzhVo1S3fiJ5IzMUMlTajgF6bxyC_wr6MZsDmlS8TEfn7Frzd0jroJXV1X6iyESemzQI3HKcqkbTiUL8Q9KwdI_UKapOcnVKY_8q7jGFz4lLp970pLrI-EL7MnC4NBQJRdYs-RG_B5e052iUVi_Yr3GR3uksQJnGy5MIwjNGJ8R55zLgMF1UL5Gm1KmPGIf2YPSbZv7nK3OGU_Ete8Z6QtwHkhmqzFbMDb8Pfb0WJOdqNpLN54E41w%252C
35.201.86.109204 No Content 0 B URL HTTP/1.1 clearonclick.com/script/i.php?stamat=m%257C%252C%252CQ2djY2dnoGU3Bk-GH0dEdHP3xP.bb8%252CkO9UR_jHJm11mE-eM3-PitcF1G2iFHmWVG-N8uhHAK4nSpjRSXvredEA9IVpCzCzO_uJSDKIvy8F4cjcuK6y1b5t1Uz3KSVz_vPbBtm8B4CGzsmur3QmjmPTyEo9ig5t4kT0eKlk51jRNCzHdgMxGxn2B8ls94wMoUP3m9KA8ZXDeKex-1PSVM4CWnvYMpFwJLJxtpEZcuLNPE8Hr_ZBPL3xghDOkGrik2OFsJ4TtoS3MDLHnUr5MMcx0t-c3wOUmeh-ZVxxAYLV6V0GYYRec31jHlKSHFM8FN6RVzl-QRa8ca3tts2QzPzhVo1S3fiJ5IzMUMlTajgF6bxyC_wr6MZsDmlS8TEfn7Frzd0jroJXV1X6iyESemzQI3HKcqkbTiUL8Q9KwdI_UKapOcnVKY_8q7jGFz4lLp970pLrI-EL7MnC4NBQJRdYs-RG_B5e052iUVi_Yr3GR3uksQJnGy5MIwjNGJ8R55zLgMF1UL5Gm1KmPGIf2YPSbZv7nK3OGU_Ete8Z6QtwHkhmqzFbMDb8Pfb0WJOdqNpLN54E41w%252C
IP 35.201.86.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/i.php?stamat=m%257C%252C%252CQ2djY2dnoGU3Bk-GH0dEdHP3xP.bb8%252CkO9UR_jHJm11mE-eM3-PitcF1G2iFHmWVG-N8uhHAK4nSpjRSXvredEA9IVpCzCzO_uJSDKIvy8F4cjcuK6y1b5t1Uz3KSVz_vPbBtm8B4CGzsmur3QmjmPTyEo9ig5t4kT0eKlk51jRNCzHdgMxGxn2B8ls94wMoUP3m9KA8ZXDeKex-1PSVM4CWnvYMpFwJLJxtpEZcuLNPE8Hr_ZBPL3xghDOkGrik2OFsJ4TtoS3MDLHnUr5MMcx0t-c3wOUmeh-ZVxxAYLV6V0GYYRec31jHlKSHFM8FN6RVzl-QRa8ca3tts2QzPzhVo1S3fiJ5IzMUMlTajgF6bxyC_wr6MZsDmlS8TEfn7Frzd0jroJXV1X6iyESemzQI3HKcqkbTiUL8Q9KwdI_UKapOcnVKY_8q7jGFz4lLp970pLrI-EL7MnC4NBQJRdYs-RG_B5e052iUVi_Yr3GR3uksQJnGy5MIwjNGJ8R55zLgMF1UL5Gm1KmPGIf2YPSbZv7nK3OGU_Ete8Z6QtwHkhmqzFbMDb8Pfb0WJOdqNpLN54E41w%252C HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/ad/display.php?stamat=m%257C%252CgoiNSIjarB1dAN0dEdHP3xP.445%252CZMkKdRAQlkuDbgTABrav5HpP176zkQqxAH738cXuHuZLJD3q01P2_IWjwRXLCtsINGDWsuzqTIk7h_IBTCdbit95hx54Iacsl84AvPyGnC4%252C&cbpage=http://nytesgoal.com/&cbur=0.30406272024071657&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
HTTP/1.1 204 No Content
Server: openresty
Date: Wed, 31 Aug 2022 07:10:41 GMT
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer
Via: 1.1 google
achcdn.com/script/ut.js?cb=1661929839657
172.67.151.56 200 OK 24 kB URL HTTP/1.1 achcdn.com/script/ut.js?cb=1661929839657
IP 172.67.151.56:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 247b9ea3eb310459e21f78029267717c
1d7ea226aaf8046de5af9ef7975ad30398f517ad
dd787f72c85d7d6b736c0563371ea98a66542289101d8001a186d5a595ac05dc
GET /script/ut.js?cb=1661929839657 HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycduQc_-Q_yReIjFJgwVVT0zrYteLdYonr0bTqZ1yhOWtytGGRamRauYRrQSHeWt_hzZMc_u8V8APdTAv9p7CZxlNrfpK24t0
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Wed, 31 Aug 2022 07:40:46 GMT
Cache-Control: public, max-age=14400
Last-Modified: Mon, 29 Aug 2022 11:45:52 GMT
ETag: W/"c7304eebcb5069f68bd3fa9e74218a36"
Age: 1665
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eylBv4kL%2FZsydSRzta9tEf5kXXmAeEPMFKwMTuBzrp6kI%2B387P4KIUIEEKn40z9sLgoBqRW6RcMkZrUkIfg%2FW0nSEyuwyRPHk3hSYhmc%2FiR8VBn9LQ5rlgTiml7F"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2a42d700b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youradexchange.com/ad/czcf.php?cz=xicgec9slg
35.190.41.116 200 OK 199 B URL HTTP/1.1 youradexchange.com/ad/czcf.php?cz=xicgec9slg
IP 35.190.41.116:0
File type JSON data\012- , ASCII text, with very long lines (305)
Hash c3e01e22843ba1659c183f52496e9729
4116656d1b37c10c3dc571a3d38387ac69eb6bb4
9cd472db5030469bc4c562f9dd44c839b6547e17ac340b5b551d6f2ae76eb152
GET /ad/czcf.php?cz=xicgec9slg HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nytesgoal.com/
Origin: http://nytesgoal.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
achcdn.com/script/ippg.js
172.67.151.56 200 OK 38 kB URL HTTP/1.1 achcdn.com/script/ippg.js
IP 172.67.151.56:0
File type Unicode text, UTF-8 text, with very long lines (43546), with NEL line terminators
Hash ab0a746fd316e563662f3bea5cc5f8aa
5896bdce5cb563304e20795cee5049fdcec63247
420a858dbd807d33ef190ef8ed30405943e014b82071cd4e506e1806ee54e03a
GET /script/ippg.js HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdt-XzrLj2LPqFQTyUgOtMQbes6soMw2vDQhjnNlo0mcQkS8F4Er_3Amavr1y-i_k1eaN4H_IAniGzvGRxtEST9A
x-goog-generation: 1661259344618739
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 127045
x-goog-hash: crc32c=rafFLA==, md5=Gb2XZnq3zpK0hg0rZDHbLQ==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Wed, 31 Aug 2022 07:19:52 GMT
Cache-Control: public, max-age=14400
Last-Modified: Tue, 23 Aug 2022 12:55:44 GMT
ETag: W/"19bd97667ab7ce92b4860d2b6431db2d"
Age: 2426
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QOTXknlVg7vFtKJC3SFonNzNpEcC4q5BJRyotJ3i5Oc7Fhtl01OHbK6vivXOIYIhL2vAO4T%2Fg8Dc9m%2BEl9NYUGPgwUQa45QDKK6mIffWblQDcfi%2BtDeNLopkrKxR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2a55e9a0b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
achcdn.com/script/suv4.js
172.67.151.56 200 OK 33 kB URL HTTP/1.1 achcdn.com/script/suv4.js
IP 172.67.151.56:0
File type Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Hash 776aefd4b5a2f1a7078a7e7d3c1543c4
821dc7b678eb6ead6010562c5278867372c1d918
451909a624ec6e2f5340d2d1501ba54cae803b12a7a41b7da5130476edd8679e
GET /script/suv4.js HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycdt8MWq2dCp9B7p-3lOenS1oOkPHU6MfPsP0FGNEsNFGrQ3_78YfKr_zt8w2GNh8G0aicJ3FUIcECFXeG6PO8HVJ3g
x-goog-generation: 1661773532689529
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100513
x-goog-hash: crc32c=WehUDA==, md5=9jHiYpdGH4yLDJgV+eejRA==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Wed, 31 Aug 2022 07:10:51 GMT
Cache-Control: public, max-age=14400
Last-Modified: Mon, 29 Aug 2022 11:45:32 GMT
ETag: W/"f631e26297461f8c8b0c9815f9e7a344"
Age: 1762
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TYZAeS92chDEVIMMOaQx7CbSJk%2FIjcf%2BqFU%2B1XLyHTA%2Fs9eM0StwN1BVN%2FjW3aRmMLudtB7UpAU%2BOztkAyqpLCxEPidCocpnoq8nGsq2s25hO5MxfG2zcVqXJw6C"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2a558c3b51d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
achcdn.com/script/ut.js?cb=1661929841597
172.67.151.56 200 OK 24 kB URL HTTP/1.1 achcdn.com/script/ut.js?cb=1661929841597
IP 172.67.151.56:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 247b9ea3eb310459e21f78029267717c
1d7ea226aaf8046de5af9ef7975ad30398f517ad
dd787f72c85d7d6b736c0563371ea98a66542289101d8001a186d5a595ac05dc
GET /script/ut.js?cb=1661929841597 HTTP/1.1
Host: achcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-GUploader-UploadID: ADPycduQc_-Q_yReIjFJgwVVT0zrYteLdYonr0bTqZ1yhOWtytGGRamRauYRrQSHeWt_hzZMc_u8V8APdTAv9p7CZxlNrfpK24t0
x-goog-generation: 1661773552581597
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 71356
x-goog-hash: crc32c=PTRdbg==, md5=xzBO68tQafaL0/qedCGKNg==
x-goog-storage-class: MULTI_REGIONAL
Access-Control-Allow-Origin: *
Expires: Wed, 31 Aug 2022 07:40:46 GMT
Cache-Control: public, max-age=14400
Last-Modified: Mon, 29 Aug 2022 11:45:52 GMT
ETag: W/"c7304eebcb5069f68bd3fa9e74218a36"
Age: 1665
CF-Cache-Status: HIT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hTb5Q%2FsAfNom%2FEqZozVYk20whnfWR7PE4JFBfjSBonM0nLeLvpuqq8bmWsEOgUkyFRBYJwU42ZWTCJxZq0jY65fWTuNbNEklIsiBNdljsQuUGZC69BvP4SbU8ZO0"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2a5ef330b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
youradexchange.com/n/display.php?r=6072530&atag=1&czid=xicgec9slg&aggr=2&ppv=1
35.190.41.116 200 OK 4.9 kB URL HTTP/1.1 youradexchange.com/n/display.php?r=6072530&atag=1&czid=xicgec9slg&aggr=2&ppv=1
IP 35.190.41.116:0
File type ASCII text, with very long lines (10729)
Hash e9bb5a3fe2396163890201b75df35131
ddee294e915033f270d3aeeb5f8e5a54494c19ce
ec455f69a43b4986b7cf3965e1f79cfc522b32d23c40326d4cce31396e75c063
GET /n/display.php?r=6072530&atag=1&czid=xicgec9slg&aggr=2&ppv=1 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Link: <www.gaming-adult.com>; rel=dns-prefetch,<www.gaming-adult.com>; rel=preconnect,<youradexchange.com>; rel=dns-prefetch,<youradexchange.com>; rel=preconnect
Content-Encoding: gzip
Via: 1.1 google
unseenreport.com/pxf.gif?uuid=8edd079d-31df-4ddd-9711-081466b22a0b&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=0&pk=8278b008d2fa2a9b216e3768fac50fa9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
192.243.59.13 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=8edd079d-31df-4ddd-9711-081466b22a0b&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=0&pk=8278b008d2fa2a9b216e3768fac50fa9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=8edd079d-31df-4ddd-9711-081466b22a0b&eb=da08d6844107154a138edda4653a0f4b&te=f6ce28b9ffd697cd2ee52a12f20448bb&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=12.29&b_frame=0&pk=8278b008d2fa2a9b216e3768fac50fa9&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 93d5105b2787e1a0d32f363bdca16634
Strict-Transport-Security: max-age=0; includeSubdomains
youradexchange.com/script/suurl4.php?r=6072538&atag=1&czid=xicgec9slg&cbur=0.1943553362959448&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&aggr=2
35.190.41.116 200 OK 784 B URL HTTP/1.1 youradexchange.com/script/suurl4.php?r=6072538&atag=1&czid=xicgec9slg&cbur=0.1943553362959448&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&aggr=2
IP 35.190.41.116:0
File type JSON data\012- , ASCII text, with very long lines (963)
Hash e9560106390bb028de66b2cc317b2e3d
6a86f606b4e0366abf81cec53e01ae4fd0a5c43b
ff1a07a0a82061e161a6b19c7e9170c3e72813710f3a8ee92de9c3ee324df658
GET /script/suurl4.php?r=6072538&atag=1&czid=xicgec9slg&cbur=0.1943553362959448&cbiframe=0&cbWidth=1280&cbHeight=939&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbpage=http%3A%2F%2Fnytesgoal.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=achcdn.com&aggr=2 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://nytesgoal.com/
Origin: http://nytesgoal.com
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Wed, 31 Aug 2022 07:10:41 GMT
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 google
clearonclick.com/script/i.php?stamat=m%257C%252C%252CQjKSYhdToGU3Bk-GH0dEdHP3xP.3e4%252CQs1Sk2WoVkIv7JJfAmtiEC1_ZgnCb1Y-pKWvll6Ytfv9UhOH-fKe2NoYxL5ZIqTNeXEwCgEs2HgAGkZzWt1hdZIkfDJWYkcniDzkXROS77rRT6xLH-4A4BLZZSMDFXrK5xFZ_f_l6Y9fpZ31YBgrRlv2LhaxN6ALnAnfT4ACtNBAmJ9FdUtmj8Ir69n0VOwI0eIHlZX8B1ySOQWzI0rmBpv3PTEo1hbcFMZQ5_DwjBFpmLeA6SZzmnS7474ERxqLUWDGlpkn-3dwklK6NKDApGvABNefLnuKfN7xvfEcwENhWfEMuBWVuuHVQhZ3-x1pcr-hRKdJBAIe5q1AWzldgaQRNnYC-4pC_GYTlPC7ug-n4NmrLrhezk_yw0a19OHFA-gDLE3OVmHUbt5e64Icymmm0q1bWGHsnq3d4MUiVVKcKhp12TYvZmbzLi7Eo1uG1K5Z1FtAI9knZ9XgoLFyxtswd1P8AGYnnmEIx_GV6FwroMYF9-XW_5UZjyUCFixqf9ETe3co_Klt99LTohqWMjKM9IQLsW625Bf9MaNuwB8%252C
35.201.86.109204 No Content 0 B URL HTTP/1.1 clearonclick.com/script/i.php?stamat=m%257C%252C%252CQjKSYhdToGU3Bk-GH0dEdHP3xP.3e4%252CQs1Sk2WoVkIv7JJfAmtiEC1_ZgnCb1Y-pKWvll6Ytfv9UhOH-fKe2NoYxL5ZIqTNeXEwCgEs2HgAGkZzWt1hdZIkfDJWYkcniDzkXROS77rRT6xLH-4A4BLZZSMDFXrK5xFZ_f_l6Y9fpZ31YBgrRlv2LhaxN6ALnAnfT4ACtNBAmJ9FdUtmj8Ir69n0VOwI0eIHlZX8B1ySOQWzI0rmBpv3PTEo1hbcFMZQ5_DwjBFpmLeA6SZzmnS7474ERxqLUWDGlpkn-3dwklK6NKDApGvABNefLnuKfN7xvfEcwENhWfEMuBWVuuHVQhZ3-x1pcr-hRKdJBAIe5q1AWzldgaQRNnYC-4pC_GYTlPC7ug-n4NmrLrhezk_yw0a19OHFA-gDLE3OVmHUbt5e64Icymmm0q1bWGHsnq3d4MUiVVKcKhp12TYvZmbzLi7Eo1uG1K5Z1FtAI9knZ9XgoLFyxtswd1P8AGYnnmEIx_GV6FwroMYF9-XW_5UZjyUCFixqf9ETe3co_Klt99LTohqWMjKM9IQLsW625Bf9MaNuwB8%252C
IP 35.201.86.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/i.php?stamat=m%257C%252C%252CQjKSYhdToGU3Bk-GH0dEdHP3xP.3e4%252CQs1Sk2WoVkIv7JJfAmtiEC1_ZgnCb1Y-pKWvll6Ytfv9UhOH-fKe2NoYxL5ZIqTNeXEwCgEs2HgAGkZzWt1hdZIkfDJWYkcniDzkXROS77rRT6xLH-4A4BLZZSMDFXrK5xFZ_f_l6Y9fpZ31YBgrRlv2LhaxN6ALnAnfT4ACtNBAmJ9FdUtmj8Ir69n0VOwI0eIHlZX8B1ySOQWzI0rmBpv3PTEo1hbcFMZQ5_DwjBFpmLeA6SZzmnS7474ERxqLUWDGlpkn-3dwklK6NKDApGvABNefLnuKfN7xvfEcwENhWfEMuBWVuuHVQhZ3-x1pcr-hRKdJBAIe5q1AWzldgaQRNnYC-4pC_GYTlPC7ug-n4NmrLrhezk_yw0a19OHFA-gDLE3OVmHUbt5e64Icymmm0q1bWGHsnq3d4MUiVVKcKhp12TYvZmbzLi7Eo1uG1K5Z1FtAI9knZ9XgoLFyxtswd1P8AGYnnmEIx_GV6FwroMYF9-XW_5UZjyUCFixqf9ETe3co_Klt99LTohqWMjKM9IQLsW625Bf9MaNuwB8%252C HTTP/1.1
Host: clearonclick.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://clearonclick.com/ad/display.php?stamat=m%257C%252C8diJ2Y3frB1dAN0dEdHP3xP.c1b%252CZMkKdRAQlkuDbgTABrav5AymH7Iajv9PxGwuHbNgYKxjGPipJBGo38AzyOgvy6JfjYjLrsyjZR6z8S9whVyRGWWN7BMWYniFdYP96mMjNX0%252C&cbpage=http://nytesgoal.com/&cbur=0.8303713068854441&cbtitle=NYTES%20GOAL%20%E2%80%93%20ALL%20ROUND%20SPORTS&cbiframe=0&cbWidth=1280&cbHeight=939&cbdescription=&cbkeywords=&cbref=
HTTP/1.1 204 No Content
Server: openresty
Date: Wed, 31 Aug 2022 07:10:41 GMT
Access-Control-Allow-Origin: *
Referrer-Policy: no-referrer
Via: 1.1 google
crrepo.com/extban/301478220/creatives/23484228/a4a9c48ba58e37139977a2d5f181f434_3320.jpg
104.21.235.114 200 OK 172 kB URL HTTP/1.1 crrepo.com/extban/301478220/creatives/23484228/a4a9c48ba58e37139977a2d5f181f434_3320.jpg
IP 104.21.235.114:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 23.3 (Windows), datetime=2022:05:12 18:47:09], baseline, precision 8, 500x500, components 3\012- data
Size 172 kB (171977 bytes)
Hash 5a5fd8db37fcd29610e39cd673a940b8
6539b545e9542a8b47d804cce41580caa4b1d177
03bc8fb64795d31dede2f33733ca38489a899c4b2da3a3055ffa8efedef2a909
GET /extban/301478220/creatives/23484228/a4a9c48ba58e37139977a2d5f181f434_3320.jpg HTTP/1.1
Host: crrepo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://nytesgoal.com/
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2022 07:10:46 GMT
Content-Type: image/jpeg
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Jul 2022 14:58:23 GMT
ETag: W/"62cd8c0f-2c688"
Content-Encoding: gzip
Via: 1.1 google
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmQREjB%2F3hOnNS1ksqgvZ4rqrhBxPxBRdRcJJtIji2GDDlBDq4Mc3GONNfQl1IJ8yPJwYkCCWNcTz31YW95rVMnvR7fTeQCyg1ivglCit6BTGPnUAF5mdik4bn%2Bt"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7433f2c5ceb771fe-LHR
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81f5f31-aa9c-40a0-ba4f-62065104ae68.jpeg
34.120.237.76 200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81f5f31-aa9c-40a0-ba4f-62065104ae68.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6db4af6bbf368aff4fde380eefd6d6ef
18f24ef5c18b95b4f538420dbac23a5c024b08bb
1851ae5d587772dac4a0c7bdf7f5aef7059bcd52d477d3e5f786ca44d2cfaa58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa81f5f31-aa9c-40a0-ba4f-62065104ae68.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7750
x-amzn-requestid: b76f3f28-20d2-4781-8d00-3e1c334340e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnYSbG-aIAMFwTA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c6da8-4d3d8d50041c6f3b73993f06;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:41:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xJ-tsk3eQEam5H1bmN_dlvRPr9-vTSSchNX1uF45T76rc2ZDrMSNUQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 30 Aug 2022 22:08:12 GMT
age: 32554
etag: "18f24ef5c18b95b4f538420dbac23a5c024b08bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2