r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13585
Expires: Sat, 03 Dec 2022 11:27:35 GMT
Date: Sat, 03 Dec 2022 07:41:10 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 552
Cache-Control: max-age=97157
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:10 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:40:27 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 07:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1271
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7585
Expires: Sat, 03 Dec 2022 09:47:35 GMT
Date: Sat, 03 Dec 2022 07:41:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 97/Y5SsxfSokOlrDg73KxWudcI3rKb1uSGdjEA5dW7aWjGxy8PcY+cZHMUiWmdZYRHConUUZaHc=
x-amz-request-id: P7E1A2PHTRBSWCZ0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 06:47:01 GMT
age: 3249
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 07:41:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kittyland.ws/
103.109.100.248200 OK 8.0 kB IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1170), with CRLF, LF line terminators
Hash 952944a2b80bea2ae7f56c2336a139cf
f6d42f7b00ff389adb2bfe885574940ac781965d
4de5c7524af46fe52f7053e4c6758fc3857a3a6779cfa7a29213f0a78914937d
GET / HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8000
Connection: keep-alive
Set-Cookie: mybb[lastvisit]=1670053270; expires=Sun, 03-Dec-2023 07:41:10 GMT; path=/; domain=.kittyland.ws
mybb[lastactive]=1670053270; expires=Sun, 03-Dec-2023 07:41:10 GMT; path=/; domain=.kittyland.ws
sid=ce7271ba07925e8998e6468f9e3434ec; path=/; domain=.kittyland.ws; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.0.33, PleskLin
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 319
Cache-Control: max-age=102661
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 12:12:12 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
www.googletagmanager.com/gtag/js?id=UA-135448172-1
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-135448172-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 75ba0338c7f45baf0f867ff2e3d0034e
f448fd846b9677d34897a20ad1177921a753fb04
d1dd59241ee02816963c0e922f34380671604ec7a64135bef843f26988ff4c25
GET /gtag/js?id=UA-135448172-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 07:41:11 GMT
expires: Sat, 03 Dec 2022 07:41:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 07:08:58 GMT
cache-control: public,max-age=3600
age: 1933
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 319
Cache-Control: max-age=102661
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 12:12:12 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 546
Cache-Control: max-age=92089
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:16:00 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820
103.109.100.248200 OK 24 kB URL HTTP/1.1 kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (23521), with no line terminators
Hash e94aaa8d2ae5c69287d9f693a3134d15
36b5272e62b12eec3e8345a68350369e61b875e0
8c18ebcc8fdcbc4296e86684bf4d6c668aaa415cad2c3be0c1304a9d69eb8b81
GET /jscripts/jquery.plugins.min.js?ver=1820 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Content-Length: 23521
Last-Modified: Fri, 13 Sep 2019 05:35:18 GMT
Connection: keep-alive
ETag: "5d7b2a96-5be1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/cache/themes/theme11/navigation.css
103.109.100.248200 OK 3.4 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/navigation.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF, LF line terminators
Hash 2b523c4d47e4511121bba561171d6d8b
105723ef6ac00beb388ec1f370bde9dd173f04d2
fb303efa70a1cbf2218c2abf30a3319ab1bb9665f815f86d859922ded0554149
GET /cache/themes/theme11/navigation.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 3356
Last-Modified: Sun, 15 Sep 2019 16:30:26 GMT
Connection: keep-alive
ETag: "5d7e6722-d1c"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/cache/themes/theme11/css3.css
103.109.100.248200 OK 3.3 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/css3.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF, LF line terminators
Hash 10aab34a1453c64b284046a6e9a3ecdb
a63e194e84887b8e1643548507fc9018dd186c6d
b7e527ffd36053b01ec0deffafea3079546d5cd50c41a7b94f9be45013c96a27
GET /cache/themes/theme11/css3.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 3264
Last-Modified: Sat, 14 Sep 2019 01:13:38 GMT
Connection: keep-alive
ETag: "5d7c3ec2-cc0"
X-Powered-By: PleskLin
Accept-Ranges: bytes
terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js
192.243.59.12200 OK 17 kB URL HTTP/1.1 terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (53731), with no line terminators
Hash 6d16488e2a5a6f5d345d93d22d7ae307
6b6f8d2f8e8ba2f9eba9585051b657a1b88b1d81
09a3bc4ca524a12bb96a2ccc6498b3782156b92f36f094ee6d7d00e0d9be4a87
GET /a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js HTTP/1.1
Host: terminusbedsexchanged.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abfa2ad8e915358edf33814412de8e26
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
35.163.49.154101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UhgTaI/CBLy1HIbKVWgg2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bLcB7lTbnOdoqcyoaFvq3lYNwvs=
kittyland.ws/jscripts/general.js?ver=1817
103.109.100.248200 OK 14 kB URL HTTP/1.1 kittyland.ws/jscripts/general.js?ver=1817
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (322)
Hash 1ceee3d93269eec42d3deeff783f2b87
cabe55334c28136b5c8cc843c1fc2caed2666130
a67789463ec702f1ad2f23abedd1eab92965b6b6c97c061702c9b87c1370e004
GET /jscripts/general.js?ver=1817 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Content-Length: 14480
Last-Modified: Fri, 13 Sep 2019 05:35:20 GMT
Connection: keep-alive
ETag: "5d7b2a98-3890"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/cache/themes/theme11/color_green.css
103.109.100.248200 OK 1.5 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/color_green.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash 2ebe5c4b1f87556173fcd89cbccdfd64
f942af7effe01b85eb5e62cdb28ab435e4cff737
291e20afe6ad5201c5129f0129fdb8b40c42725fcb4b8732c4225e50a29a49fe
GET /cache/themes/theme11/color_green.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 1463
Last-Modified: Sun, 15 Sep 2019 16:31:06 GMT
Connection: keep-alive
ETag: "5d7e674a-5b7"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/jscripts/jquery.js?ver=1820
103.109.100.248200 OK 97 kB URL HTTP/1.1 kittyland.ws/jscripts/jquery.js?ver=1820
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with very long lines (32077)
Hash 4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
GET /jscripts/jquery.js?ver=1820 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Content-Length: 97163
Last-Modified: Fri, 13 Sep 2019 05:35:20 GMT
Connection: keep-alive
ETag: "5d7b2a98-17b8b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/cache/themes/theme11/global.css
103.109.100.248200 OK 36 kB URL HTTP/1.1 kittyland.ws/cache/themes/theme11/global.css
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type ASCII text, with CRLF line terminators
Hash 21ba6b824cebc1f0139885c11bc712d7
3d8dd1386f8919c2f81012095f65685150dd1acd
49aa06230cabf9a720dc98c17573c301a7f0ef032a08359479e7f09dd5a192ad
GET /cache/themes/theme11/global.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 36334
Last-Modified: Thu, 17 Oct 2019 15:49:01 GMT
Connection: keep-alive
ETag: "5da88d6d-8dee"
X-Powered-By: PleskLin
Accept-Ranges: bytes
i.imgur.com/DcHg2p9.jpg
151.101.84.193200 OK 34 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Hash 2a79130b4ba1136e696b4b36f115b29c
eb8658ab5b046ed3b1e7baf10df40bd2b28c750f
a91f53939225509f2d1c7a0ae49ad3bed703746e26605dfcd15a67477c79fa24
GET /DcHg2p9.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Sat, 23 Oct 2021 00:58:56 GMT
etag: "2a79130b4ba1136e696b4b36f115b29c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 4452903
x-served-by: cache-iad-kiad7000169-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 25479, 6
x-timer: S1670053272.174347,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 33958
X-Firefox-Spdy: h2
i.imgur.com/QMlh9xK.png
151.101.84.193200 OK 98 kB IP 151.101.84.193:0
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 4372b0d9947e29db3cb5e6f3f06beb80
ee5bd644788d39f97966fbe23b82a4f93f25823e
217234b460c615adc8f4863a1764b250145ee21db520699acb1419d95a76df2b
GET /QMlh9xK.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 17:51:05 GMT
etag: "4372b0d9947e29db3cb5e6f3f06beb80"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 5838607
x-served-by: cache-iad-kiad7000047-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 35470, 1
x-timer: S1670053272.174362,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 98245
X-Firefox-Spdy: h2
i.imgur.com/eGAPiV3.jpg
151.101.84.193200 OK 30 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Hash d9897ee1e7b8410064cfeda76e85f00a
9a7748d890f28d678ee285d03bc4bf965feb3aee
8ffa5f10a26db6f85fb5a4a0ade16389cca0d63f2e341388036b5fde1c0f19d1
GET /eGAPiV3.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 23 Jul 2020 00:59:14 GMT
etag: "d9897ee1e7b8410064cfeda76e85f00a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 4499278
x-served-by: cache-iad-kcgs7200149-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 23906, 1
x-timer: S1670053272.176461,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30540
X-Firefox-Spdy: h2
i.imgur.com/VJtJxdE.jpg
151.101.84.193200 OK 43 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Hash a8d7bc442b2474a75351d7becbf0d65a
da43cbf04c33c7c9180142371eea02768ce8aeee
5b3f733bb04a31aa4f489752f8a8872ec2b4c6f269cdb9377bef71184eeda355
GET /VJtJxdE.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 17:45:51 GMT
etag: "a8d7bc442b2474a75351d7becbf0d65a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 3954833
x-served-by: cache-iad-kcgs7200131-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 27911, 2
x-timer: S1670053272.179294,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 42562
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
142.250.74.35200 OK 33 kB URL HTTP/2 fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 33436, version 1.0\012- data
Hash b9b4c932ef89c39525bfe1b604cda3a1
767246e4c7df1b6c32f590c16c135808382b1aba
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd
GET /s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:49:38 GMT
expires: Wed, 29 Nov 2023 17:49:38 GMT
cache-control: public, max-age=31536000
age: 309094
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
188.72.219.36301 Moved Permanently 162 B URL HTTP/1.1 mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
IP 188.72.219.36:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_ HTTP/1.1
Host: mindless-series.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff
ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
IP 142.250.74.131:0
Hash b2267fcbe6f45647ba4f909028409412
9befe247cfe184cbcf39a100fbccaa1a4b46e101
5d1b7fa1f9485d78bf33ed8c58ca8222222b155f0f3d41c4d1774bcc4059dde6
POST /s/gts1p5/UPLqyfpVwpM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 73852, version 1.0\012- data
Hash fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
GET /releases/v5.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: font/woff2
content-length: 73852
x-amz-id-2: NcVVWRcP6ZfjYXyJItBqRJTpEbB9ftFwu3pavtfDPG7ufHwsJSJlqYo4LB5NLNKwiyGAHmMC1nQ=
x-amz-request-id: VAFCPTQNPG56AB61
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
etag: "fb493903265cad425ccdf8e04fc2de61"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 555508
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNGFvIC2HkI9XPoNC31ypzhq6JK0loQTJXpTzH%2FOJSLDAaVvQ3ukpy0HAQQGVInjGBG37%2FzbdVtOIQ5cxUP6WBQrkFrIiuP7Cr1kQRnENLKKX8VJXkQPRKjjkNjw7WZQOGT%2FLDtW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773aa8977a91773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
172.64.133.15200 OK 15 kB URL HTTP/2 use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 14844, version 1.0\012- data
Hash bdadb6ce95c5a2e7b673940721450d3c
f1e8cb035436d638da83d4696248cec831dcbe7a
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841
GET /releases/v5.5.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: font/woff2
content-length: 14844
x-amz-id-2: qC3NNNWqDG39pwyo7xWZmkL2x2LEdXGZ2c1SrAp9EjwfxKBhq5IBsUTsOCy5MNSIMaCCCkSiVEA=
x-amz-request-id: E3MQT4FP9ZJYXGCQ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
etag: "bdadb6ce95c5a2e7b673940721450d3c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2629225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAo3yh3SJ2k1zVgC2TEKKTxJbUJ0xxjEV71054qG6RrNinwzpICyLs87pCUhm8TF2PMGWSj4ZhG7BXS2cP62RIvo%2Bj%2B3%2BNgwqm9xJBSMRdDi%2FOsViDnXLbHwZMSX97Wes4uPhSJs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773aa8979aad773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
primejb.top/images/banner.jpg
188.114.96.1200 OK 46 kB URL HTTP/2 primejb.top/images/banner.jpg
IP 188.114.96.1:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=81, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 468x60, components 3\012- data
Hash 4c0a26a7c2f61094bc42b21d93f577a1
9f8ea928bb5487d4401784f1defddbb4f6a40ce3
d6e84160752fc3634eb3dc68f6ab8c682dc206ba396ec907288208f843150c2e
GET /images/banner.jpg HTTP/1.1
Host: primejb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: image/jpeg
content-length: 46115
last-modified: Tue, 27 Sep 2022 17:35:52 GMT
etag: "63333478-b423"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6189
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5g4FXIsnUJo31IrYlpK%2B2Wi6G5%2BVKLZrKFGnYFSPhvMMCIDHNzR19prY0fuSAl%2FJkefzL%2BOV6dcwJzC%2Bg0ulg4wPYXp9GIWwR5sypa3htHQs530VPEOviyuUrhLpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773aa897df100af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
addresseepaper.com/sfp.js
34.160.73.230200 OK 2.6 kB URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Hash 41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Sun, 27 Nov 2022 01:56:48 GMT
ETag: "6382c3e0-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ksH1sTc9EjXCmWZup74uFSR+dkwy0KAqHyDjqCX5+b0zeGjsBDwHGeUXqHO1YTnGXNMqi9DZqRg/7nsDREvaAw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=34.160.73.230;Path=/;Max-Age=86400;
country=US;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 784dcd5aaaa1913421d41fe3a6ac8d5f
4fed30769ea5ef1166f1e9a3fcee025cf3e59b56
f5ab1170cbcf8efad0719b543b1d7d7fc84d55b9f2af74904ef624f534b3a366
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5AB1170CBCF8EFAD0719B543B1D7D7FC84D55B9F2AF74904EF624F534B3A366"
Last-Modified: Wed, 30 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7818
Expires: Sat, 03 Dec 2022 09:51:30 GMT
Date: Sat, 03 Dec 2022 07:41:12 GMT
Connection: keep-alive
kittyland.ws/images/collapse.png
103.109.100.248200 OK 369 B URL HTTP/1.1 kittyland.ws/images/collapse.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 6af553ac5e86504743b02f220405abdd
c07e8d586443c0ace4d91eea0d46476845b6baec
408e40949e493302b9fd79a82e68c13509ba6370f04be5088ccd7503a4d1f94c
GET /images/collapse.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/png
Content-Length: 369
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 13 Sep 2019 05:34:32 GMT
ETag: "171-592689bd16a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin
kittyland.ws/images/kittyland_logo.png
103.109.100.248200 OK 51 kB URL HTTP/1.1 kittyland.ws/images/kittyland_logo.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 330 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ef84d514d84be50579b37b8eea23513
bf5253c09376a483a8bb7579fc34afbfe90a20e4
cd444c8e03c6b3729bde000c8da0e6e5821391452fb3f70b5df129f5ecb42d19
GET /images/kittyland_logo.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/png
Content-Length: 51412
Last-Modified: Mon, 16 Nov 2020 17:55:46 GMT
Connection: keep-alive
ETag: "5fb2bd22-c8d4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
kittyland.ws/images/focus/pattern.png
103.109.100.248404 Not Found 808 B URL HTTP/1.1 kittyland.ws/images/focus/pattern.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
GET /images/focus/pattern.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/cache/themes/theme11/global.css
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670053271
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: text/html
Content-Length: 808
Connection: keep-alive
Last-Modified: Sun, 24 Oct 2021 23:56:16 GMT
ETag: "328-5cf21fd70b29e"
Accept-Ranges: bytes
jbworld.ws/images/banner.jpg
185.126.237.166200 OK 31 kB URL HTTP/2 jbworld.ws/images/banner.jpg
IP 185.126.237.166:0
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=60, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=468], progressive, precision 8, 468x60, components 3\012- data
Hash e75815489a7bac8d98ddaf28dfa7dffd
d0c9ee7b82b4ed0943856a10086beed429e01f9a
0a7d6d5f25f93a3bdec9b0838364451867ea309e434875cd76b9323f3beeda42
GET /images/banner.jpg HTTP/1.1
Host: jbworld.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: image/jpeg
content-length: 30880
last-modified: Sun, 28 Aug 2022 18:25:47 GMT
etag: "630bb32b-78a0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
IP 142.250.74.131:0
Hash b2267fcbe6f45647ba4f909028409412
9befe247cfe184cbcf39a100fbccaa1a4b46e101
5d1b7fa1f9485d78bf33ed8c58ca8222222b155f0f3d41c4d1774bcc4059dde6
POST /s/gts1p5/UPLqyfpVwpM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kittyland.ws/images/forum_icon_sprite.png
103.109.100.248200 OK 1.1 kB URL HTTP/1.1 kittyland.ws/images/forum_icon_sprite.png
IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 30 x 120, 8-bit colormap, non-interlaced\012- data
Hash 212f6e3895ee44bf54b31cf39a162611
7d1f15044536b4f243495c47b03b2334b5493b4f
b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b
GET /images/forum_icon_sprite.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/cache/themes/theme11/global.css
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670053271
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/png
Content-Length: 1130
Last-Modified: Fri, 13 Sep 2019 05:34:30 GMT
Connection: keep-alive
ETag: "5d7b2a66-46a"
X-Powered-By: PleskLin
Accept-Ranges: bytes
wastedinvaluable.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js
173.233.137.44200 OK 13 kB URL HTTP/1.1 wastedinvaluable.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37158), with no line terminators
Hash 0cbec197d28dbb39d279fa60042b3f9c
87714c6a8dc07616f2b2db22627eb605109adb3a
0afdb6b816fa5d8cb50108fb8aeaf426e38e461da6a9636c0d06d99cfb856d7c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28ef6e6440883abf1256d17fada16be6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
188.72.219.36200 OK 42 kB URL HTTP/2 mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
IP 188.72.219.36:0
File type Unicode text, UTF-8 text, with very long lines (5600)
Hash 9cafcc2039a7bf56b55a4c336d4e5bdc
fc9a3fd54c94913d9a048fca72231641b594cf2e
fc4721e912c7ec4e0fd4f8270be380f37000b478cfe09d6bba2e9afe84686379
GET /cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_ HTTP/1.1
Host: mindless-series.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Sat, 03 Dec 2022 07:41:12 GMT
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NzAwMzY4ODUsInpvbmVzIjp7IjQxNzMyNzMiOls0MTczMjczLDEsMTY3MDA1MzI3Ml0sIjQ1NTI4MjgiOls0NTUyODI4LDEsMTY3MDAzNjg4NV19fQ==; max-age=1701589272; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8be4570a1d9d09c7b793e97ee1f6edaf
cb101195afa0dbb473bcd5050ee2ab4a25af825f
b69ece6aab66eec92b6b3bd8c8e6febd027c8dac1a86faaed1b217dec8e784b1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113780
Date: Sat, 03 Dec 2022 07:41:12 GMT
Etag: "6389fe18-1d7"
Expires: Sun, 04 Dec 2022 15:17:32 GMT
Last-Modified: Fri, 02 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -K7T7KBNpXP8H_GDVOZ6kycFSy2kgsVYmkr57EBikruW3mMaTq00_w==
Age: 6388
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash f23a1a1c4af8ed07d3af0b9dcefb1a36
8bd033ad43370fee00c56858076727f4bce919c8
b5e5e89671a175617d06507de52a7be9f298c8ed82397f776128271851124946
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://kittyland.ws
access-control-allow-credentials: true
set-cookie: uid_id2=10b83ff3-c7d4-4432-9730-25fbbce3a4af:3:1; expires=Tue, 30 Nov 2032 07:41:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=jviral.buzz
142.250.74.132301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jviral.buzz
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ce6d26b0aa59059525761d1e033fafdb
bdc70748c330be8dbc7800dfd5a0faa332943050
2f43b2361f0c38c7d0e48413d4ebe07df850a1a56997e711d951a02183e6760f
GET /s2/favicons?domain=jviral.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:18 GMT
Expires: Sat, 03 Dec 2022 07:45:18 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1554
www.google.com/s2/favicons?domain=blackdaddy.top
142.250.74.132301 Moved Permanently 334 B URL HTTP/1.1 www.google.com/s2/favicons?domain=blackdaddy.top
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4e3785bdf84164cc667b4d83088108cf
79f44f763ce2d9f088c96f70f060cd8e61943266
c10f5962e62ed1bcc972890e85ea8aab45db0193308f2dfe0a321d22403fb719
GET /s2/favicons?domain=blackdaddy.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 334
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:18 GMT
Expires: Sat, 03 Dec 2022 07:45:18 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1554
www.google.com/s2/favicons?domain=jrice.buzz
142.250.74.132301 Moved Permanently 330 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jrice.buzz
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 10d10dfbdccf4f6f0390617a004cc189
c84d193d101cb7cd34ef92a54c7b2dc80d535d91
7a7906857058e892fe7162062903e71b4bf73b234beef7e5a61bcdf23c7fd9db
GET /s2/favicons?domain=jrice.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 330
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=candyhub.ga
142.250.74.132301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=candyhub.ga
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 691441a9edf2e2071c59dd44322d3d1d
4a5fe190184c189eaa1713242b3065529ca6baca
a0bb8c4e2dd9176287b060f5d280e7b882a3470b6225c275ecd2c013150587f1
GET /s2/favicons?domain=candyhub.ga HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:18 GMT
Expires: Sat, 03 Dec 2022 07:45:18 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1554
www.google.com/s2/favicons?domain=tubepornstars.tv
142.250.74.132301 Moved Permanently 336 B URL HTTP/1.1 www.google.com/s2/favicons?domain=tubepornstars.tv
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6d323114530829630422d325fb7e57e4
b23e1019e4f40b9ef7324242337e19830b781398
ca165f1923303d0348d40d623eeeb437dd68996368d24e10223f7b19ff8e369d
GET /s2/favicons?domain=tubepornstars.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 336
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=jlove.pw
142.250.74.132301 Moved Permanently 328 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jlove.pw
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 4e8372e82f64661ac50fc64481f62fe5
7ef63bf5ca83cd9cf3eae9b36530105039652322
f4b4466c870a2a2ee9ad9c15dff42c634ed1c793d038dd9e7f6b67dae5abcb09
GET /s2/favicons?domain=jlove.pw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 328
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=bodyxxx.top
142.250.74.132301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=bodyxxx.top
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c0b7e47d250238c949e1d4a4694723fe
75cfba07ea9a0acc252ed4d4b21b461b9d146754
89a97835fd23d5dbc83452a39e2e9825680af919b005fa2884fd16d9179a5917
GET /s2/favicons?domain=bodyxxx.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=sybilleporn.com
142.250.74.132301 Moved Permanently 335 B URL HTTP/1.1 www.google.com/s2/favicons?domain=sybilleporn.com
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f1ae652700d296f0308ff40d56e32de5
3138318d0a28cad8e64d798196261b3fad429378
3d429d23026d0c77ce0eaeeca8248a89f482fded36b0aa052d190adb2fb44c91
GET /s2/favicons?domain=sybilleporn.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 335
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=24porn.tv
142.250.74.132301 Moved Permanently 329 B URL HTTP/1.1 www.google.com/s2/favicons?domain=24porn.tv
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c285bf144091591fe3e1fe9e142bd28e
4ab7e4e1eb71e08cf4276854a3cc19fc510c50f1
6c743500ae9f6b7bd701bcb6b87ca930d5e3b69ae94bd5ba49e664d376e924e0
GET /s2/favicons?domain=24porn.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=24porn.pro
142.250.74.132301 Moved Permanently 330 B URL HTTP/1.1 www.google.com/s2/favicons?domain=24porn.pro
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a0f169f20975f5ac60bffdaba1e32cb0
b439624ba8a04dec78da1485a1547a1d8b07485e
4d21dc849a365f5e6820768d04844f2f68df334cfeb5d4b6e32d10e07cfdd5e1
GET /s2/favicons?domain=24porn.pro HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 330
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=lilibox.top
142.250.74.132301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=lilibox.top
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8c43373fb7efdc76e106a4cc4ed3d14b
e2e370194eca22bb298a4963e679e08800575493
29e6e4495715c02aa29641bd6f62fa3057f864a1f65d79e7f019b5123ed54e01
GET /s2/favicons?domain=lilibox.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.sizokiwhe.pro/dca454/896c4467b56b.js
67.216.91.5200 OK 26 kB URL HTTP/2 www.sizokiwhe.pro/dca454/896c4467b56b.js
IP 67.216.91.5:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d28f772d17ab6fc0adddf108b81b4747
0e635f207068d015445c1f6c8422cd585ce74b1b
6b93c67da428757a010006bb15ccee37e33ece33e28c92eae70627f902f284ab
GET /dca454/896c4467b56b.js HTTP/1.1
Host: www.sizokiwhe.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.1
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357528, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsqzmAdmqk/B6ooG0EIWoxnf5jngzO4v15H/4XOXMHf5kBdesHq2ojvvXowTQOwGQ5U=
x-served-from: l1
x-vhostid: 138, 21723
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=hdpornfree.tv
142.250.74.132301 Moved Permanently 333 B URL HTTP/1.1 www.google.com/s2/favicons?domain=hdpornfree.tv
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e1733fb1beacc2583122988f5c869399
c65b7784398a06e836939591c106b0a06685562f
3dc11492779d428c5a27bb09b732dee76813c9376587eabb17d5f5baf3785e26
GET /s2/favicons?domain=hdpornfree.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 333
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.sizokiwhe.pro/dca454/896c4467b56b.js
67.216.91.5200 OK 26 kB URL HTTP/2 www.sizokiwhe.pro/dca454/896c4467b56b.js
IP 67.216.91.5:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1470da11169a36bc5112aed3ff5a2c5a
6c0123256bdef19458c8b5dfff4f1650d517a60e
76d03c0d2eaa1608a51162a083f1a7d6bf3af3261325ad417de790e93417b367
GET /dca454/896c4467b56b.js HTTP/1.1
Host: www.sizokiwhe.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ucdn/1.22.1
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357528, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsqzmAdmqk/B6ooG0EIWoxnf5jngzO4v15H/4XOXMHf5kBdesHq2ojvvXowTQOwGQ5U=
x-served-from: l1
x-vhostid: 138, 21661
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lobster
142.250.74.106200 OK 803 B URL HTTP/2 fonts.googleapis.com/css?family=Lobster
IP 142.250.74.106:0
Hash 34034cc8525196af15e733c43edcbae5
c207b2f9f83ca3ef7afacbb7345f80cf59a75930
b766a57d7e6c948a8e77f47bea74b7529d266bba0bd168803e30033699624018
GET /css?family=Lobster HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 07:41:11 GMT
date: Sat, 03 Dec 2022 07:41:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=hdsextube.tv
142.250.74.132301 Moved Permanently 332 B URL HTTP/1.1 www.google.com/s2/favicons?domain=hdsextube.tv
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b6e59ebcfa87ea6eeea1298b512888d5
a4d4eb71e095a0f72cb43d479cdd31f3b8102661
9da2fe5098ea567388dfc8651a389543cf3953674351f9cec6834f0409026e0b
GET /s2/favicons?domain=hdsextube.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 332
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 06:46:55 GMT
expires: Sat, 03 Dec 2022 08:46:55 GMT
cache-control: public, max-age=7200
age: 3257
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=anyxxx.me
142.250.74.132301 Moved Permanently 329 B URL HTTP/1.1 www.google.com/s2/favicons?domain=anyxxx.me
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bad540107e78e90b1ab42c810a6f64ca
524783c2531f2c2085f55d1ad332728ad22ef95d
55b4dd6cf63fc96d5af7efc90844c2a8f836406d9971c43145affc5957ca84e4
GET /s2/favicons?domain=anyxxx.me HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=hdpornmax.net
142.250.74.132301 Moved Permanently 333 B URL HTTP/1.1 www.google.com/s2/favicons?domain=hdpornmax.net
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a20c91a7c716e28bd3090aacae5fe28a
cf56821b102edcfeb9de038370153b3c5f2343cc
99cf74f810465c81760d74876f61b41d250c365fed9a2429db5d9d1a94a2fbc1
GET /s2/favicons?domain=hdpornmax.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 333
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google.com/s2/favicons?domain=jbslist.top
142.250.74.132301 Moved Permanently 331 B URL HTTP/1.1 www.google.com/s2/favicons?domain=jbslist.top
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 43ff4e1eac235bc6f40e8c2414aac681
792bdc2be97b5534cd0958306a701876ac67b5f9
74f125c07a9bf46abbae5f182dfaf47bdf112468fee50c233983f3dfc55feccf
GET /s2/favicons?domain=jbslist.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 03 Dec 2022 07:41:12 GMT
Expires: Sat, 03 Dec 2022 08:11:12 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
www.google.com/s2/favicons?domain=anyxxx.tv
142.250.74.132301 Moved Permanently 329 B URL HTTP/1.1 www.google.com/s2/favicons?domain=anyxxx.tv
IP 142.250.74.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ed93b876ca9356565c586b780210b243
8531babc04a6bf94677bdbf3c19355701d3103dc
72ea9f5c11e4a2b48d59e3429aa6ebafd5ebd0b077ffb75febc5da2e139f4c45
GET /s2/favicons?domain=anyxxx.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553
www.google-analytics.com/j/collect?v=1&_v=j98&a=1164273757&t=pageview&_s=1&dl=http%3A%2F%2Fkittyland.ws%2F&ul=en-us&de=UTF-8&dt=Kittyland.ws%20%7C%20Teen%20Porn%20Forum&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=146630459&gjid=353042154&cid=2012465956.1670053271&tid=UA-135448172-1&_gid=1665275430.1670053271&_r=1>m=2oubu0&z=332054512
142.250.74.46200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1164273757&t=pageview&_s=1&dl=http%3A%2F%2Fkittyland.ws%2F&ul=en-us&de=UTF-8&dt=Kittyland.ws%20%7C%20Teen%20Porn%20Forum&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=146630459&gjid=353042154&cid=2012465956.1670053271&tid=UA-135448172-1&_gid=1665275430.1670053271&_r=1>m=2oubu0&z=332054512
IP 142.250.74.46:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1164273757&t=pageview&_s=1&dl=http%3A%2F%2Fkittyland.ws%2F&ul=en-us&de=UTF-8&dt=Kittyland.ws%20%7C%20Teen%20Porn%20Forum&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=146630459&gjid=353042154&cid=2012465956.1670053271&tid=UA-135448172-1&_gid=1665275430.1670053271&_r=1>m=2oubu0&z=332054512 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://kittyland.ws
date: Sat, 03 Dec 2022 07:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
142.250.74.100200 OK 283 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c5b1698c4d26c2d63bbfc124b0681b71
844d2dee7415a3cae8350499ec0b12add789e156
d38e45cf8affd70e0de47b9b36c37fc23a510ea14faf40b614c16bd0c37cdf1a
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://24porn.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 283
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 05:38:18 GMT
expires: Fri, 09 Dec 2022 05:38:18 GMT
cache-control: public, max-age=604800
age: 93775
last-modified: Sat, 25 Jul 2020 09:55:50 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16
142.250.74.100200 OK 239 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash cde8fdf8fde40716549d2933804709a8
ad4183499e9608046dc9e01808e6f815f9125df8
a48d941fdd18a8a0fbd797121e1edb17e5dd110d54b3cc26ad9afd45c813ab11
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://anyxxx.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 239
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 16:53:11 GMT
expires: Tue, 06 Dec 2022 16:53:11 GMT
cache-control: public, max-age=604800
last-modified: Sun, 17 Nov 2019 05:28:33 GMT
content-type: image/png
age: 312482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
142.250.74.100200 OK 279 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 867b7763cb66e3b52e1cab9f44e457ed
1286d804ffe272238c8c7ed575c64e9c67f0814b
f973e57a107e1664720b3a88ce9a55afea5338e2caca4a1bd5c4e3edac091437
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://anyxxx.me/i/favicon/apple-icon-60x60.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 21:40:33 GMT
expires: Fri, 09 Dec 2022 21:40:33 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jul 2020 15:31:28 GMT
content-type: image/png
age: 36040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
142.250.74.100200 OK 690 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 60071760c88670cbaeebbd793fec5a88
2cf1582f9da6c2e0aac3debe5768be31c63df3f6
4d8b81e2b4a3309a4867ceebb9aa434d35bc323976d190a6a2146beda40e5bf1
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://jbslist.top/images/focus/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 690
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 16:49:34 GMT
expires: Wed, 07 Dec 2022 16:49:34 GMT
cache-control: public, max-age=604800
age: 226299
last-modified: Sat, 20 Apr 2019 09:44:17 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16
142.250.74.100200 OK 205 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 1225e3807d6f671d1c728aa090b8afca
bc6b16cbdcc786788df549928c503e944737072b
48a22e814a57399c87d77d1f0b2de40e4426425a37ba63338ad610644d1364eb
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://niceporn.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 00:14:53 GMT
expires: Tue, 06 Dec 2022 00:14:53 GMT
cache-control: public, max-age=604800
age: 372380
last-modified: Sat, 16 Nov 2019 04:54:39 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
142.250.74.100200 OK 565 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://lilibox.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 06:46:33 GMT
expires: Thu, 08 Dec 2022 06:46:33 GMT
cache-control: public, max-age=604800
age: 176080
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
142.250.74.100200 OK 225 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 698f5b42114422890362881124e590c7
95c0a0d9e12d8ef4581734799ae72befb7134354
a59cc0779b9c9c887e8f3ac12eeacefcc4d2945d5f4a8ff21ac52b787ce67a6e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdsextube.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 225
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 08:14:06 GMT
expires: Sat, 03 Dec 2022 08:14:06 GMT
cache-control: public, max-age=604800
age: 602827
last-modified: Thu, 15 Jul 2021 14:22:52 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16
142.250.74.100200 OK 565 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://sexyhouse.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 10:49:14 GMT
expires: Sun, 04 Dec 2022 10:49:14 GMT
cache-control: public, max-age=604800
age: 507119
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
142.250.74.68200 OK 276 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c53cd36e5c2e30ee797e90c6a9795bb3
b21981ff3828dc30b8a8db43679dbdcae73e12ce
3668974c9c95935a9ef62cbb92e8e4c50a2d149fb13029b89be20c70e140f0a4
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://24porn.pro/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 17:43:31 GMT
expires: Fri, 09 Dec 2022 17:43:31 GMT
cache-control: public, max-age=604800
age: 50262
last-modified: Fri, 27 Aug 2021 19:26:29 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
142.250.74.132200 OK 413 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
IP 142.250.74.132:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash 9d84b798ec786a0f39557740f90dbed5
3c598cebc1eb1947499741e023dc4716f04f6e8f
6b87bc8e850b520a9ce6c99b9e6f9782296a320de1460b52ff7fc574ab6bf3df
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdpornfree.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 413
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:15:38 GMT
expires: Tue, 06 Dec 2022 21:15:38 GMT
cache-control: public, max-age=604800
age: 296735
last-modified: Mon, 17 Aug 2020 04:03:03 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16
142.250.74.68200 OK 248 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 8e6ba5af4906e0f7e0278ffeb02bdedc
907b0b3dd605218b7f84c0eb8cc16edceb0ebe20
000bb8316fbe3758f43c20aa99c67cb869cfe42de916afdcdcb71d4f72449c6c
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://fap18.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 10:11:58 GMT
expires: Thu, 08 Dec 2022 10:11:58 GMT
cache-control: public, max-age=604800
age: 163755
last-modified: Tue, 07 Dec 2021 12:56:04 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
142.250.74.132404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16
142.250.74.68200 OK 218 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 23e7c74eb1c0d8c317fd1e522496a999
8b5f32b58d0e610aff161adb60c201066a4760b5
02c4e5409423f4284363cb06f5108d7234cdd15d15ab9377d16067fe981423fe
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdpornmax.net/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:55:01 GMT
expires: Tue, 06 Dec 2022 18:55:01 GMT
cache-control: public, max-age=604800
age: 305172
last-modified: Sun, 16 Aug 2020 18:06:23 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
142.250.74.68404 Not Found 726 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
142.250.74.100200 OK 311 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash c2909676a97b1fdabd860e42061291f7
a0a396b2972582da6a8755bf83ecaf786d7595cb
5663a817552e2624296bf8f86aea6c8f444b80f314376d675154247ac9dd8e6e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://tubepornstars.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:38:35 GMT
expires: Tue, 06 Dec 2022 07:38:35 GMT
cache-control: public, max-age=604800
age: 345758
last-modified: Mon, 09 Nov 2020 21:21:25 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
142.250.74.132404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
142.250.74.100404 Not Found 726 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d24ak3f2b.top/advertisers.js
142.0.204.220301 Moved Permanently 169 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.204.220:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b67ff43c74c409b92738a1ffb1f475d1
a2412a605ea6acb486140efeaa8724437f1ca2d4
ed0e3abc38200f1ac27c81af2b64db537ceb7379bf2554b7cb6d697aa7daf014
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 301 Moved Permanently
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:13 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://d24ak3f2b.top/advertisers.js
kittyland.ws/favicon.ico
103.109.100.248200 OK 801 B IP 103.109.100.248:0
ASN #206264 Amarutu Technology Ltd
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b7f2dffaa88cad48dde72cd70b61b82b
04a8b696763c6d0186aca72fd7c48cd51b4d9e97
62151b674703a300dd668ccad9550335d2b687b12a9cda00a53581c3c83c2868
GET /favicon.ico HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670053271; ppu_main_a289cea0efc01ecc6d483b54b6e14570=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 801
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 13 Sep 2019 05:33:54 GMT
ETag: "321-59268998d9480"
Accept-Ranges: bytes
X-Powered-By: PleskLin
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5898
Expires: Sat, 03 Dec 2022 09:19:31 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 436b46a2eea584bd8ec1dba5603c8659
fed437d1919af63f9d58396f318568aadae3d868
fff21dd129f35807bfc29c6582661a79e764238076e540968b57fcad18811566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: bfb5f288-4467-467a-9b30-1055a4e6bc54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPeE4nIAMFvnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2f-53a5a66704157f4e003ecfa4;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:35 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lUqXgbpEaZh9DO_rv0K5pzHUAF1DsASkKYNTU6t5AUWZjHNV9LRojA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:05 GMT
age: 34808
etag: "fed437d1919af63f9d58396f318568aadae3d868"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdb77a21f91a4a280ac9a8efbc48bbd
74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d
5ee7c45f21b38c653d03a24b10a190a9e9266226d221b006e787cd3719088d7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11233
x-amzn-requestid: 89afb72e-6967-47d0-a0ad-48cad8cd08e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIpgOEi0oAMFstg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638022ce-1e8087e734e71d611df75830;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:05:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d9wLy3xAxK6RiYf25v_GFT1gdezT8IzMxaFyGRuGm2nxOBh6uEOg3w==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:29 GMT
age: 34784
etag: "74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 9545
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 35407
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 249aec334460c66dc88b9e8def4e48df
f86d1d278ba5b24587b10519b1b30d75044efd97
b083151804ced0533a5b33302ef110b50ddc4bf653de0fb8f6c7711f4bc29fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9449
x-amzn-requestid: c21c52f9-d971-46d9-b632-0439a0e23da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZkxHKbIAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fb7-2b8cc0982af568626f4a4bbf;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFIpOllaPcRJOsgZI2EVDyFv-Doz62OcY6gxFlejoXxdeVGya-PNFg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:26 GMT
age: 35267
etag: "f86d1d278ba5b24587b10519b1b30d75044efd97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg
34.120.237.76200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ce5811e1c83156e6a6d4557c33faafe5
ba23b3c6adc42832ccd60941123d78dab3e435d5
a9394a4f8f80733a19fb03bc3ad216f4e15c9ba7110e2e181272304ea2f3f2df
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3321
x-amzn-requestid: b418b18c-969e-4525-8263-0c910593f7fa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN2HJaoAMFQ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-5196fa3028f5fb80160617af;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zjXwnCMm7SoCWDGhO71JV6Itob3-rdlXetrU2UmDw6p-eeFt0T6sfA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "ba23b3c6adc42832ccd60941123d78dab3e435d5"
content-type: image/jpeg
age: 35506
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c3ffcfe4805f6021008d31295afd1cc9
9e948781f867b213b5c8d57e860db7fb90893764
c0e18d4fbffbd76492c76fabc6bbfc3e96d023cc1c0cff6db1da24365226c44e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0E18D4FBFFBD76492C76FABC6BBFC3E96D023CC1C0CFF6DB1DA24365226C44E"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14775
Expires: Sat, 03 Dec 2022 11:47:28 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive
d24ak3f2b.top/advertisers.js
142.0.204.220200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.204.220:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2dd257c93adca5a220474ab80f2ea3c3
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
192.243.59.12200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16efe7b146d29a706e9b3042ef2f7efe
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2aecb4f85e02ebc697bb91bb67456d82
2ef35add95a18ac5846ee32df0dd0a63700a2133
4bc2f398453e4555768605e037634156176592626df384f881d782e85b316ca9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BC2F398453E4555768605E037634156176592626DF384F881D782E85B316CA9"
Last-Modified: Fri, 02 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Sat, 03 Dec 2022 10:15:39 GMT
Date: Sat, 03 Dec 2022 07:41:18 GMT
Connection: keep-alive
organexpectationsmaintain.com/sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1
192.243.59.12403 Forbidden 0 B URL HTTP/1.1 organexpectationsmaintain.com/sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1 HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 403 Forbidden
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:18 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
organexpectationsmaintain.com/pixel/sbe?t=1&error=timeout
192.243.59.12200 OK 0 B URL HTTP/1.1 organexpectationsmaintain.com/pixel/sbe?t=1&error=timeout
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
use.fontawesome.com/releases/v5.5.0/css/all.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.5.0/css/all.css
IP 172.64.133.15:0
GET /releases/v5.5.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:11 GMT
content-type: text/css
x-amz-id-2: wZ9BtsRgr5gZ2v6YayPSG+L4OUC88JpTz+G8bQtF+0KHbphgqr/wfFTOUBA/WkSbskwBhBVjqz4=
x-amz-request-id: 3JAS5C4QMC17M595
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 555827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD3lrpT2ZWG0ghN5CvF8tUBTcB5XHc6lj8JULn1SKAyR0zE593ieah42dudWs%2F8oLyxsKL%2FwLlyJBuC2nkUJ3HXYknLCQwt%2FCo%2FhUjqocDU0fgDprfthp2OC12KM07W5OXyYJ8zO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773aa8923c10773b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2