Report - kittyland.ws/

Report Overview

Submitted URL
kittyland.ws/
IP
103.109.100.248
ASN
#206264 Amarutu Technology Ltd
Submitted
2022-12-03 07:41:21
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	44 kB	142.250.74.40
terminusbedsexchanged.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	320 B	18 kB	192.243.59.12
use.fontawesome.com	942	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	92 kB	172.64.133.15
wastedinvaluable.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	315 B	14 kB	173.233.137.44
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.49.154
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	478 B	34 kB	142.250.74.35
addresseepaper.com	18169	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	275 B	3.3 kB	34.160.73.230
mindless-series.pro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	709 B	44 kB	188.72.219.36
t0.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.7 kB	142.250.74.132
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	5.6 kB	142.250.74.131
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	142.250.74.46
t3.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	8.8 kB	142.250.74.100
t1.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	4.8 kB	142.250.74.68
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
kittyland.ws	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	246 kB	103.109.100.248
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.4 kB	13 kB	142.250.74.132
www.sizokiwhe.pro	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	793 B	53 kB	67.216.91.5
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.8 kB	93.184.220.29
primejb.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	47 kB	188.114.96.1
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.165
i.imgur.com	5110	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	208 kB	151.101.84.193
jbworld.ws	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	31 kB	185.126.237.166
d24ak3f2b.top	105412	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	637 B	535 B	142.0.204.220
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	404 B	52.28.211.11
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	384 B	1.5 kB	142.250.74.106
t2.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	7.8 kB	142.250.74.100
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	8.9 kB	23.33.119.27
unseenreport.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	846 B	192.243.59.12
organexpectationsmaintain.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	891 B	911 B	192.243.59.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	wastedinvaluable.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js	Phishing
2022-12-03	medium	d24ak3f2b.top/advertisers.js	Malware
2022-12-03	medium	d24ak3f2b.top/advertisers.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-02	medium	wastedinvaluable.com	Sinkholed
2022-12-03	medium	d24ak3f2b.top	Sinkholed
2022-12-03	medium	d24ak3f2b.top	Sinkholed
2022-12-03	medium	unseenreport.com	Sinkholed
2022-12-03	medium	unseenreport.com	Sinkholed
2022-12-03	medium	organexpectationsmaintain.com	Sinkholed
2022-12-03	medium	organexpectationsmaintain.com	Sinkholed

JavaScript (18)

	URL	Size	First Seen	Last Seen
	kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820	24 kB	2023-03-08	2024-01-10
Pretty URL kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820 IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2024-01-10 03:22:53 Times Seen159 Hash e94aaa8d2ae5c69287d9f693a3134d15 36b5272e62b12eec3e8345a68350369e61b875e0 8c18ebcc8fdcbc4296e86684bf4d6c668aaa415cad2c3be0c1304a9d69eb8b81 Loading...

	kittyland.ws/jscripts/general.js?ver=1817	14 kB	2023-03-08	2024-01-10
Pretty URL kittyland.ws/jscripts/general.js?ver=1817 IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2024-01-10 03:22:53 Times Seen36 Hash 1ceee3d93269eec42d3deeff783f2b87 cabe55334c28136b5c8cc843c1fc2caed2666130 a67789463ec702f1ad2f23abedd1eab92965b6b6c97c061702c9b87c1370e004 Loading...

	kittyland.ws/	389 B	2023-03-07	2024-01-22
Pretty URL kittyland.ws/ IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:24:09 Last Seen2024-01-22 01:33:49 Times Seen21 Hash 86d09c00f11a34ef49395ceab782c902 3f899636bb799302e7da2f54f7abe09131ce700a 1baf79ec6bdd893d2de86736aa3c3a5aec13bd2c31a9094f615c6cc978f7fc3c Loading...

	wastedinvaluable.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js	37 kB	2023-03-08	2023-03-08
Pretty URL wastedinvaluable.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js IP 173.233.137.44 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash bb995da2538230b145f0f40893f2f8c9 146b252ccfc25b6d0812a136c81f0b0dbcf4911e 3f910e1242dd2c921269fc9fdc9f164b597e9fc8354527ed374bd30e2880a61c Loading...

	mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_	50 kB	2023-03-08	2023-03-08
Pretty URL mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_ IP 188.72.219.36 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash 680f7dd54cd96eb17083bbe4d49724fe 52f6b6e4e87b35fe985c356d9947f09f487fe686 68e5c65fc82ac3dae985aaa1154749c57b95f8143ab0687f5e18590ad7fc19c2 Loading...

	terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js	54 kB	2023-03-08	2023-03-08
Pretty URL terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash 3d986ad0b6ae530d47082705e071daf2 6c0960412b1905376bcf631d381951b4233db550 35569b42c72502a56bf444123b7b8214e99579d8941338effa3b5242dfe6ec69 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 21:14:03 Times Seen37101139 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kittyland.ws/2eddb609da.php	9.8 kB	2023-03-08	2023-03-08
Pretty URL kittyland.ws/2eddb609da.php IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash f6a01f865972940af269de2041b6fbbf 1c59c9150670eeeddaf09ffa2c002c33bd5e0337 5539e5a21eee8d9abe799927cebebc5ff70f98fc2edfe7c17ee1d5fc7496f3c2 Loading...

	kittyland.ws/	199 B	2023-03-08	2023-03-08
Pretty URL kittyland.ws/ IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash 9bc06dafc8e8a0a84aedc96f386d4462 9aa7894b118e6cc42d4171b2dc9428c50a4d85cf e8ca7543aa2d37ad1ea2abb0f43b6d16fbd22f357218c9af0ba720d717847219 Loading...

	kittyland.ws/	77 B	2023-03-07	2024-04-07
Pretty URL kittyland.ws/ IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:26 Last Seen2024-04-07 14:53:23 Times Seen203 Hash e0e774c6eac4073121eb55b9e21d3511 5156ea2435d223d0519ddce05085a2510c7b1807 45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5 Loading...

	kittyland.ws/	1.6 kB	2023-03-08	2023-03-11
Pretty URL kittyland.ws/ IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-11 19:05:15 Times Seen1 Hash 738329b868b849ce8d20121d060c9702 0f5e9447a2dc82682547df46def16d4e0f14b6f4 ceccef814223f96dfe4c8fc63bf96b00623d208f77797f70d6c5a39b78b10be1 Loading...

	kittyland.ws/	155 B	2023-03-08	2023-05-23
Pretty URL kittyland.ws/ IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-05-23 12:23:33 Times Seen5 Hash 170565d54046494ed18eeb012a7dc8dc 6ee70fe78186113cbeb7c068e37358691636b0ee b3d3c24431696b65371aad7ae684fa4b820399a1192198a10db382a4258ae98e Loading...

	www.googletagmanager.com/gtag/js?id=UA-135448172-1	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-135448172-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash cfcf2d22a924bdd8e3f1464d46c9ecb3 af1b0d3df44e8652132b4fe2d039880bb919aa55 a35f0c9c409fb7d4adc2347f674e0a97a8d2485eaf57b21c5082ea509ce961c5 Loading...

	www.sizokiwhe.pro/dca454/896c4467b56b.js	70 kB	2023-03-08	2023-03-08
Pretty URL www.sizokiwhe.pro/dca454/896c4467b56b.js IP 67.216.91.5 ASN #35415 Webzilla B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash ad9a1a00bb1574e9cd8dc06e4466bd4a 7fc5f013f3e3851eed5f83b327ada19cf3faf125 5f08f593236367d24c4c521a1da7e51992cd46060df839aceba3c238a65e139f Loading...

	kittyland.ws/	125 B	2023-03-07	2024-03-31
Pretty URL kittyland.ws/ IP 103.109.100.248 ASN #206264 Amarutu Technology Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:37:29 Last Seen2024-03-31 12:42:55 Times Seen92 Hash 3e778a0599600893f6740e061f0db321 a9f01d1beac63e231a419894462ddf00adcd86ae 391dc11066c3b8e2f89bfe77f24d5ccb9f39c5ab3a499559caa7a4d5a8b175c6 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 1b68a60b02f6e3732b1a1403190e2a87	1.6 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash 1b68a60b02f6e3732b1a1403190e2a87 03503adfee0c5f74f9bc3d02f445df58d4c9b8e3 7e2497277a1b3d483def41420616ab65abc1416f4ab432ba5bab450fb5bf87a8 Loading...

	#2 Eval - 6d27a5e94c70001aebc29cc9607e8965	209 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:10:19 Last Seen2023-03-08 15:10:19 Times Seen1 Hash 6d27a5e94c70001aebc29cc9607e8965 d7486ba350ae2b0648015ad413492cefe5c84813 52aa4694cdbd71cd0bfbbbfbf434e1ee920ad1e03c1100e5c76b6181187d2209 Loading...

HTTP Transactions (112)

URL IP Response Size

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13585
Expires: Sat, 03 Dec 2022 11:27:35 GMT
Date: Sat, 03 Dec 2022 07:41:10 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 552
Cache-Control: max-age=97157
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:10 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 10:40:27 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 07:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1271
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7585
Expires: Sat, 03 Dec 2022 09:47:35 GMT
Date: Sat, 03 Dec 2022 07:41:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 97/Y5SsxfSokOlrDg73KxWudcI3rKb1uSGdjEA5dW7aWjGxy8PcY+cZHMUiWmdZYRHConUUZaHc=
x-amz-request-id: P7E1A2PHTRBSWCZ0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 06:47:01 GMT
age: 3249
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 07:41:11 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

kittyland.ws/

103.109.100.248

200 OK

8.0 kB

URL HTTP/1.1
kittyland.ws/
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1170), with CRLF, LF line terminators
Size
8.0 kB (8000 bytes)
Hash
952944a2b80bea2ae7f56c2336a139cf
f6d42f7b00ff389adb2bfe885574940ac781965d
4de5c7524af46fe52f7053e4c6758fc3857a3a6779cfa7a29213f0a78914937d

HTTP Headers

GET / HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 8000
Connection: keep-alive
Set-Cookie: mybb[lastvisit]=1670053270; expires=Sun, 03-Dec-2023 07:41:10 GMT; path=/; domain=.kittyland.ws
mybb[lastactive]=1670053270; expires=Sun, 03-Dec-2023 07:41:10 GMT; path=/; domain=.kittyland.ws
sid=ce7271ba07925e8998e6468f9e3434ec; path=/; domain=.kittyland.ws; HttpOnly
Vary: Accept-Encoding
Content-Encoding: gzip
X-Powered-By: PHP/7.0.33, PleskLin

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 319
Cache-Control: max-age=102661
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 12:12:12 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

www.googletagmanager.com/gtag/js?id=UA-135448172-1

142.250.74.40

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-135448172-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43574 bytes)
Hash
75ba0338c7f45baf0f867ff2e3d0034e
f448fd846b9677d34897a20ad1177921a753fb04
d1dd59241ee02816963c0e922f34380671604ec7a64135bef843f26988ff4c25

HTTP Headers

GET /gtag/js?id=UA-135448172-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 07:41:11 GMT
expires: Sat, 03 Dec 2022 07:41:11 GMT
cache-control: private, max-age=900
last-modified: Sat, 03 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43574
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 07:08:58 GMT
cache-control: public,max-age=3600
age: 1933
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
19a09dc440c5dff064eb9410b47caa48
7140f506d82dc1a62ae02a2b135485ce3f51ed4b
420957a48c24036f62864447c5e72096d3151f392e8cebbc2310e9a7cdbd1998

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 319
Cache-Control: max-age=102661
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Etag: "6389ea5d-117"
Expires: Sun, 04 Dec 2022 12:12:12 GMT
Last-Modified: Fri, 02 Dec 2022 12:06:53 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 546
Cache-Control: max-age=92089
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:11 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 09:16:00 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820

103.109.100.248

200 OK

24 kB

URL HTTP/1.1
kittyland.ws/jscripts/jquery.plugins.min.js?ver=1820
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
ASCII text, with very long lines (23521), with no line terminators
Size
24 kB (23521 bytes)
Hash
e94aaa8d2ae5c69287d9f693a3134d15
36b5272e62b12eec3e8345a68350369e61b875e0
8c18ebcc8fdcbc4296e86684bf4d6c668aaa415cad2c3be0c1304a9d69eb8b81

HTTP Headers

GET /jscripts/jquery.plugins.min.js?ver=1820 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Content-Length: 23521
Last-Modified: Fri, 13 Sep 2019 05:35:18 GMT
Connection: keep-alive
ETag: "5d7b2a96-5be1"
X-Powered-By: PleskLin
Accept-Ranges: bytes

kittyland.ws/cache/themes/theme11/navigation.css

103.109.100.248

200 OK

3.4 kB

URL HTTP/1.1
kittyland.ws/cache/themes/theme11/navigation.css
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
ASCII text, with CRLF, LF line terminators
Size
3.4 kB (3356 bytes)
Hash
2b523c4d47e4511121bba561171d6d8b
105723ef6ac00beb388ec1f370bde9dd173f04d2
fb303efa70a1cbf2218c2abf30a3319ab1bb9665f815f86d859922ded0554149

HTTP Headers

GET /cache/themes/theme11/navigation.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 3356
Last-Modified: Sun, 15 Sep 2019 16:30:26 GMT
Connection: keep-alive
ETag: "5d7e6722-d1c"
X-Powered-By: PleskLin
Accept-Ranges: bytes

kittyland.ws/cache/themes/theme11/css3.css

103.109.100.248

200 OK

3.3 kB

URL HTTP/1.1
kittyland.ws/cache/themes/theme11/css3.css
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
ASCII text, with CRLF, LF line terminators
Size
3.3 kB (3264 bytes)
Hash
10aab34a1453c64b284046a6e9a3ecdb
a63e194e84887b8e1643548507fc9018dd186c6d
b7e527ffd36053b01ec0deffafea3079546d5cd50c41a7b94f9be45013c96a27

HTTP Headers

GET /cache/themes/theme11/css3.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 3264
Last-Modified: Sat, 14 Sep 2019 01:13:38 GMT
Connection: keep-alive
ETag: "5d7c3ec2-cc0"
X-Powered-By: PleskLin
Accept-Ranges: bytes

terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js

192.243.59.12

200 OK

17 kB

URL HTTP/1.1
terminusbedsexchanged.com/a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (53731), with no line terminators
Size
17 kB (17164 bytes)
Hash
6d16488e2a5a6f5d345d93d22d7ae307
6b6f8d2f8e8ba2f9eba9585051b657a1b88b1d81
09a3bc4ca524a12bb96a2ccc6498b3782156b92f36f094ee6d7d00e0d9be4a87

HTTP Headers

GET /a2/89/ce/a289cea0efc01ecc6d483b54b6e14570.js HTTP/1.1
Host: terminusbedsexchanged.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: abfa2ad8e915358edf33814412de8e26
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

push.services.mozilla.com/

35.163.49.154

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.49.154:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UhgTaI/CBLy1HIbKVWgg2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bLcB7lTbnOdoqcyoaFvq3lYNwvs=

kittyland.ws/jscripts/general.js?ver=1817

103.109.100.248

200 OK

14 kB

URL HTTP/1.1
kittyland.ws/jscripts/general.js?ver=1817
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
ASCII text, with very long lines (322)
Size
14 kB (14480 bytes)
Hash
1ceee3d93269eec42d3deeff783f2b87
cabe55334c28136b5c8cc843c1fc2caed2666130
a67789463ec702f1ad2f23abedd1eab92965b6b6c97c061702c9b87c1370e004

HTTP Headers

GET /jscripts/general.js?ver=1817 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Content-Length: 14480
Last-Modified: Fri, 13 Sep 2019 05:35:20 GMT
Connection: keep-alive
ETag: "5d7b2a98-3890"
X-Powered-By: PleskLin
Accept-Ranges: bytes

kittyland.ws/cache/themes/theme11/color_green.css

103.109.100.248

200 OK

1.5 kB

URL HTTP/1.1
kittyland.ws/cache/themes/theme11/color_green.css
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
ASCII text, with CRLF line terminators
Size
1.5 kB (1463 bytes)
Hash
2ebe5c4b1f87556173fcd89cbccdfd64
f942af7effe01b85eb5e62cdb28ab435e4cff737
291e20afe6ad5201c5129f0129fdb8b40c42725fcb4b8732c4225e50a29a49fe

HTTP Headers

GET /cache/themes/theme11/color_green.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 1463
Last-Modified: Sun, 15 Sep 2019 16:31:06 GMT
Connection: keep-alive
ETag: "5d7e674a-5b7"
X-Powered-By: PleskLin
Accept-Ranges: bytes

kittyland.ws/jscripts/jquery.js?ver=1820

103.109.100.248

200 OK

97 kB

URL HTTP/1.1
kittyland.ws/jscripts/jquery.js?ver=1820
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
ASCII text, with very long lines (32077)
Size
97 kB (97163 bytes)
Hash
4f252523d4af0b478c810c2547a63e19
5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

HTTP Headers

GET /jscripts/jquery.js?ver=1820 HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: application/javascript
Content-Length: 97163
Last-Modified: Fri, 13 Sep 2019 05:35:20 GMT
Connection: keep-alive
ETag: "5d7b2a98-17b8b"
X-Powered-By: PleskLin
Accept-Ranges: bytes

kittyland.ws/cache/themes/theme11/global.css

103.109.100.248

200 OK

36 kB

URL HTTP/1.1
kittyland.ws/cache/themes/theme11/global.css
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
ASCII text, with CRLF line terminators
Size
36 kB (36334 bytes)
Hash
21ba6b824cebc1f0139885c11bc712d7
3d8dd1386f8919c2f81012095f65685150dd1acd
49aa06230cabf9a720dc98c17573c301a7f0ef032a08359479e7f09dd5a192ad

HTTP Headers

GET /cache/themes/theme11/global.css HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:11 GMT
Content-Type: text/css
Content-Length: 36334
Last-Modified: Thu, 17 Oct 2019 15:49:01 GMT
Connection: keep-alive
ETag: "5da88d6d-8dee"
X-Powered-By: PleskLin
Accept-Ranges: bytes

i.imgur.com/DcHg2p9.jpg

151.101.84.193

200 OK

34 kB

URL HTTP/2
i.imgur.com/DcHg2p9.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Size
34 kB (33958 bytes)
Hash
2a79130b4ba1136e696b4b36f115b29c
eb8658ab5b046ed3b1e7baf10df40bd2b28c750f
a91f53939225509f2d1c7a0ae49ad3bed703746e26605dfcd15a67477c79fa24

HTTP Headers

GET /DcHg2p9.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Sat, 23 Oct 2021 00:58:56 GMT
etag: "2a79130b4ba1136e696b4b36f115b29c"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 4452903
x-served-by: cache-iad-kiad7000169-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 25479, 6
x-timer: S1670053272.174347,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 33958
X-Firefox-Spdy: h2

i.imgur.com/QMlh9xK.png

151.101.84.193

200 OK

98 kB

URL HTTP/2
i.imgur.com/QMlh9xK.png
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
98 kB (98245 bytes)
Hash
4372b0d9947e29db3cb5e6f3f06beb80
ee5bd644788d39f97966fbe23b82a4f93f25823e
217234b460c615adc8f4863a1764b250145ee21db520699acb1419d95a76df2b

HTTP Headers

GET /QMlh9xK.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 17:51:05 GMT
etag: "4372b0d9947e29db3cb5e6f3f06beb80"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 5838607
x-served-by: cache-iad-kiad7000047-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 35470, 1
x-timer: S1670053272.174362,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 98245
X-Firefox-Spdy: h2

i.imgur.com/eGAPiV3.jpg

151.101.84.193

200 OK

30 kB

URL HTTP/2
i.imgur.com/eGAPiV3.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Size
30 kB (30540 bytes)
Hash
d9897ee1e7b8410064cfeda76e85f00a
9a7748d890f28d678ee285d03bc4bf965feb3aee
8ffa5f10a26db6f85fb5a4a0ade16389cca0d63f2e341388036b5fde1c0f19d1

HTTP Headers

GET /eGAPiV3.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Thu, 23 Jul 2020 00:59:14 GMT
etag: "d9897ee1e7b8410064cfeda76e85f00a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 4499278
x-served-by: cache-iad-kcgs7200149-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 23906, 1
x-timer: S1670053272.176461,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30540
X-Firefox-Spdy: h2

i.imgur.com/VJtJxdE.jpg

151.101.84.193

200 OK

43 kB

URL HTTP/2
i.imgur.com/VJtJxdE.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Size
43 kB (42562 bytes)
Hash
a8d7bc442b2474a75351d7becbf0d65a
da43cbf04c33c7c9180142371eea02768ce8aeee
5b3f733bb04a31aa4f489752f8a8872ec2b4c6f269cdb9377bef71184eeda355

HTTP Headers

GET /VJtJxdE.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Mon, 26 Sep 2022 17:45:51 GMT
etag: "a8d7bc442b2474a75351d7becbf0d65a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 07:41:12 GMT
age: 3954833
x-served-by: cache-iad-kcgs7200131-IAD, cache-bma1646-BMA
x-cache: HIT, HIT
x-cache-hits: 27911, 2
x-timer: S1670053272.179294,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 42562
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2

142.250.74.35

200 OK

33 kB

URL HTTP/2
fonts.gstatic.com/s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33436, version 1.0\012- data
Size
33 kB (33436 bytes)
Hash
b9b4c932ef89c39525bfe1b604cda3a1
767246e4c7df1b6c32f590c16c135808382b1aba
9a932e49823b59769330d1ce8ef9f1b90e5ae8ecd5f2bb388d19bf684cdb7ebd

HTTP Headers

GET /s/lobster/v28/neILzCirqoswsqX9zoKmMw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33436
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 17:49:38 GMT
expires: Wed, 29 Nov 2023 17:49:38 GMT
cache-control: public, max-age=31536000
age: 309094
last-modified: Tue, 26 Apr 2022 15:01:13 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_

188.72.219.36

301 Moved Permanently

162 B

URL HTTP/1.1
mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
IP
188.72.219.36:0
ASN
#35415 Webzilla B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_ HTTP/1.1
Host: mindless-series.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Content-Type-Options: nosniff

ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b2267fcbe6f45647ba4f909028409412
9befe247cfe184cbcf39a100fbccaa1a4b46e101
5d1b7fa1f9485d78bf33ed8c58ca8222222b155f0f3d41c4d1774bcc4059dde6

HTTP Headers

POST /s/gts1p5/UPLqyfpVwpM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2

172.64.133.15

200 OK

74 kB

URL HTTP/2
use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 73852, version 1.0\012- data
Size
74 kB (73852 bytes)
Hash
fb493903265cad425ccdf8e04fc2de61
fef2f08d60e907750df0bc41ce64a7139642ddf0
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

HTTP Headers

GET /releases/v5.5.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: font/woff2
content-length: 73852
x-amz-id-2: NcVVWRcP6ZfjYXyJItBqRJTpEbB9ftFwu3pavtfDPG7ufHwsJSJlqYo4LB5NLNKwiyGAHmMC1nQ=
x-amz-request-id: VAFCPTQNPG56AB61
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
etag: "fb493903265cad425ccdf8e04fc2de61"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 555508
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNGFvIC2HkI9XPoNC31ypzhq6JK0loQTJXpTzH%2FOJSLDAaVvQ3ukpy0HAQQGVInjGBG37%2FzbdVtOIQ5cxUP6WBQrkFrIiuP7Cr1kQRnENLKKX8VJXkQPRKjjkNjw7WZQOGT%2FLDtW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773aa8977a91773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2

172.64.133.15

200 OK

15 kB

URL HTTP/2
use.fontawesome.com/releases/v5.5.0/webfonts/fa-regular-400.woff2
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 14844, version 1.0\012- data
Size
15 kB (14844 bytes)
Hash
bdadb6ce95c5a2e7b673940721450d3c
f1e8cb035436d638da83d4696248cec831dcbe7a
92ba7bfaa43a35c94353e96860d99376313ee9b5fce6124d4e64067280f9a841

HTTP Headers

GET /releases/v5.5.0/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kittyland.ws
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: font/woff2
content-length: 14844
x-amz-id-2: qC3NNNWqDG39pwyo7xWZmkL2x2LEdXGZ2c1SrAp9EjwfxKBhq5IBsUTsOCy5MNSIMaCCCkSiVEA=
x-amz-request-id: E3MQT4FP9ZJYXGCQ
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:51 GMT
etag: "bdadb6ce95c5a2e7b673940721450d3c"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2629225
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QAo3yh3SJ2k1zVgC2TEKKTxJbUJ0xxjEV71054qG6RrNinwzpICyLs87pCUhm8TF2PMGWSj4ZhG7BXS2cP62RIvo%2Bj%2B3%2BNgwqm9xJBSMRdDi%2FOsViDnXLbHwZMSX97Wes4uPhSJs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773aa8979aad773b-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

primejb.top/images/banner.jpg

188.114.96.1

200 OK

46 kB

URL HTTP/2
primejb.top/images/banner.jpg
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=81, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=640], progressive, precision 8, 468x60, components 3\012- data
Size
46 kB (46115 bytes)
Hash
4c0a26a7c2f61094bc42b21d93f577a1
9f8ea928bb5487d4401784f1defddbb4f6a40ce3
d6e84160752fc3634eb3dc68f6ab8c682dc206ba396ec907288208f843150c2e

HTTP Headers

GET /images/banner.jpg HTTP/1.1
Host: primejb.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: image/jpeg
content-length: 46115
last-modified: Tue, 27 Sep 2022 17:35:52 GMT
etag: "63333478-b423"
x-powered-by: PleskLin
cache-control: max-age=14400
cf-cache-status: HIT
age: 6189
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x5g4FXIsnUJo31IrYlpK%2B2Wi6G5%2BVKLZrKFGnYFSPhvMMCIDHNzR19prY0fuSAl%2FJkefzL%2BOV6dcwJzC%2Bg0ulg4wPYXp9GIWwR5sypa3htHQs530VPEOviyuUrhLpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 773aa897df100af6-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

addresseepaper.com/sfp.js

34.160.73.230

200 OK

2.6 kB

URL HTTP/1.1
addresseepaper.com/sfp.js
IP
34.160.73.230:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2551), with no line terminators
Size
2.6 kB (2551 bytes)
Hash
41f66bb0ac50f2d851236170e7c71341
59bcec216302151922219b51be8ad8ab6d0b8384
ec99cca58b612ce268e6ada818dfcec0acc22dd1bbe372487be9abbdd07ce073

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 200 OK
Server: openresty
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: text/html
Content-Length: 2551
Last-Modified: Sun, 27 Nov 2022 01:56:48 GMT
ETag: "6382c3e0-9f7"
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJRmzcpTevQqkWn6dJuX/N/Hxl7YxbOwy8+73ijqYSQEN+WGxrruAKtZtliWC86+ewQ0msW1W8psOFL/b00zWqsCAwEAAQ_ksH1sTc9EjXCmWZup74uFSR+dkwy0KAqHyDjqCX5+b0zeGjsBDwHGeUXqHO1YTnGXNMqi9DZqRg/7nsDREvaAw
Cache-Control: no-cache
X-Content-Type-Options: nosniff
Set-Cookie: caf_ipaddr=34.160.73.230;Path=/;Max-Age=86400;
country=US;Path=/;Max-Age=86400;
city="";Path=/;Max-Age=86400;
expiry_partner=enom.EXPIRED.305E185C-5D0C-4AD0-86FE-5F99F413CC83;Path=/;Max-Age=86400;
Accept-Ranges: bytes
Via: 1.1 google

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
784dcd5aaaa1913421d41fe3a6ac8d5f
4fed30769ea5ef1166f1e9a3fcee025cf3e59b56
f5ab1170cbcf8efad0719b543b1d7d7fc84d55b9f2af74904ef624f534b3a366

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F5AB1170CBCF8EFAD0719B543B1D7D7FC84D55B9F2AF74904EF624F534B3A366"
Last-Modified: Wed, 30 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7818
Expires: Sat, 03 Dec 2022 09:51:30 GMT
Date: Sat, 03 Dec 2022 07:41:12 GMT
Connection: keep-alive

kittyland.ws/images/collapse.png

103.109.100.248

200 OK

369 B

URL HTTP/1.1
kittyland.ws/images/collapse.png
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
369 B (369 bytes)
Hash
6af553ac5e86504743b02f220405abdd
c07e8d586443c0ace4d91eea0d46476845b6baec
408e40949e493302b9fd79a82e68c13509ba6370f04be5088ccd7503a4d1f94c

HTTP Headers

GET /images/collapse.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/png
Content-Length: 369
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 13 Sep 2019 05:34:32 GMT
ETag: "171-592689bd16a00"
Accept-Ranges: bytes
X-Powered-By: PleskLin

kittyland.ws/images/kittyland_logo.png

103.109.100.248

200 OK

51 kB

URL HTTP/1.1
kittyland.ws/images/kittyland_logo.png
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
PNG image data, 330 x 116, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (51412 bytes)
Hash
9ef84d514d84be50579b37b8eea23513
bf5253c09376a483a8bb7579fc34afbfe90a20e4
cd444c8e03c6b3729bde000c8da0e6e5821391452fb3f70b5df129f5ecb42d19

HTTP Headers

GET /images/kittyland_logo.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/png
Content-Length: 51412
Last-Modified: Mon, 16 Nov 2020 17:55:46 GMT
Connection: keep-alive
ETag: "5fb2bd22-c8d4"
X-Powered-By: PleskLin
Accept-Ranges: bytes

kittyland.ws/images/focus/pattern.png

103.109.100.248

404 Not Found

808 B

URL HTTP/1.1
kittyland.ws/images/focus/pattern.png
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
808 B (808 bytes)
Hash
a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

HTTP Headers

GET /images/focus/pattern.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/cache/themes/theme11/global.css
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670053271

HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: text/html
Content-Length: 808
Connection: keep-alive
Last-Modified: Sun, 24 Oct 2021 23:56:16 GMT
ETag: "328-5cf21fd70b29e"
Accept-Ranges: bytes

jbworld.ws/images/banner.jpg

185.126.237.166

200 OK

31 kB

URL HTTP/2
jbworld.ws/images/banner.jpg
IP
185.126.237.166:0
ASN
#9009 M247 Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=60, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=468], progressive, precision 8, 468x60, components 3\012- data
Size
31 kB (30880 bytes)
Hash
e75815489a7bac8d98ddaf28dfa7dffd
d0c9ee7b82b4ed0943856a10086beed429e01f9a
0a7d6d5f25f93a3bdec9b0838364451867ea309e434875cd76b9323f3beeda42

HTTP Headers

GET /images/banner.jpg HTTP/1.1
Host: jbworld.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: image/jpeg
content-length: 30880
last-modified: Sun, 28 Aug 2022 18:25:47 GMT
etag: "630bb32b-78a0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/UPLqyfpVwpM
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b2267fcbe6f45647ba4f909028409412
9befe247cfe184cbcf39a100fbccaa1a4b46e101
5d1b7fa1f9485d78bf33ed8c58ca8222222b155f0f3d41c4d1774bcc4059dde6

HTTP Headers

POST /s/gts1p5/UPLqyfpVwpM HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 07:41:12 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kittyland.ws/images/forum_icon_sprite.png

103.109.100.248

200 OK

1.1 kB

URL HTTP/1.1
kittyland.ws/images/forum_icon_sprite.png
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
PNG image data, 30 x 120, 8-bit colormap, non-interlaced\012- data
Size
1.1 kB (1130 bytes)
Hash
212f6e3895ee44bf54b31cf39a162611
7d1f15044536b4f243495c47b03b2334b5493b4f
b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b

HTTP Headers

GET /images/forum_icon_sprite.png HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/cache/themes/theme11/global.css
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670053271

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/png
Content-Length: 1130
Last-Modified: Fri, 13 Sep 2019 05:34:30 GMT
Connection: keep-alive
ETag: "5d7b2a66-46a"
X-Powered-By: PleskLin
Accept-Ranges: bytes

wastedinvaluable.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js

173.233.137.44

200 OK

13 kB

URL HTTP/1.1
wastedinvaluable.com/43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37158), with no line terminators
Size
13 kB (13415 bytes)
Hash
0cbec197d28dbb39d279fa60042b3f9c
87714c6a8dc07616f2b2db22627eb605109adb3a
0afdb6b816fa5d8cb50108fb8aeaf426e38e461da6a9636c0d06d99cfb856d7c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /43/75/f7/4375f70441eacfde85e17f2cc1e0a66f.js HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28ef6e6440883abf1256d17fada16be6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_

188.72.219.36

200 OK

42 kB

URL HTTP/2
mindless-series.pro/cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_
IP
188.72.219.36:0
ASN
#35415 Webzilla B.V.

File type
Unicode text, UTF-8 text, with very long lines (5600)
Size
42 kB (42227 bytes)
Hash
9cafcc2039a7bf56b55a4c336d4e5bdc
fc9a3fd54c94913d9a048fca72231641b594cf2e
fc4721e912c7ec4e0fd4f8270be380f37000b478cfe09d6bba2e9afe84686379

HTTP Headers

GET /cnD/9_6eb.2Y5-l/SCWXQh9qNuDREN3/MCzAIY3OMyw_ HTTP/1.1
Host: mindless-series.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-WoW64
expires: Mon, 26 Jul 2011 05:00:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
last-modified: Sat, 03 Dec 2022 07:41:12 GMT
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
set-cookie: kadSlcJ=eyJ0aW1lU3RhbXAiOjE2NzAwMzY4ODUsInpvbmVzIjp7IjQxNzMyNzMiOls0MTczMjczLDEsMTY3MDA1MzI3Ml0sIjQ1NTI4MjgiOls0NTUyODI4LDEsMTY3MDAzNjg4NV19fQ==; max-age=1701589272; path=/
x-content-type-options: nosniff
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.165

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.165:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
8be4570a1d9d09c7b793e97ee1f6edaf
cb101195afa0dbb473bcd5050ee2ab4a25af825f
b69ece6aab66eec92b6b3bd8c8e6febd027c8dac1a86faaed1b217dec8e784b1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=113780
Date: Sat, 03 Dec 2022 07:41:12 GMT
Etag: "6389fe18-1d7"
Expires: Sun, 04 Dec 2022 15:17:32 GMT
Last-Modified: Fri, 02 Dec 2022 13:31:04 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -K7T7KBNpXP8H_GDVOZ6kycFSy2kgsVYmkr57EBikruW3mMaTq00_w==
Age: 6388

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f23a1a1c4af8ed07d3af0b9dcefb1a36
8bd033ad43370fee00c56858076727f4bce919c8
b5e5e89671a175617d06507de52a7be9f298c8ed82397f776128271851124946

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://kittyland.ws
access-control-allow-credentials: true
set-cookie: uid_id2=10b83ff3-c7d4-4432-9730-25fbbce3a4af:3:1; expires=Tue, 30 Nov 2032 07:41:12 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=jviral.buzz

142.250.74.132

301 Moved Permanently

331 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=jviral.buzz
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
ce6d26b0aa59059525761d1e033fafdb
bdc70748c330be8dbc7800dfd5a0faa332943050
2f43b2361f0c38c7d0e48413d4ebe07df850a1a56997e711d951a02183e6760f

HTTP Headers

GET /s2/favicons?domain=jviral.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:18 GMT
Expires: Sat, 03 Dec 2022 07:45:18 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1554

www.google.com/s2/favicons?domain=blackdaddy.top

142.250.74.132

301 Moved Permanently

334 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=blackdaddy.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
334 B (334 bytes)
Hash
4e3785bdf84164cc667b4d83088108cf
79f44f763ce2d9f088c96f70f060cd8e61943266
c10f5962e62ed1bcc972890e85ea8aab45db0193308f2dfe0a321d22403fb719

HTTP Headers

GET /s2/favicons?domain=blackdaddy.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 334
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:18 GMT
Expires: Sat, 03 Dec 2022 07:45:18 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1554

www.google.com/s2/favicons?domain=jrice.buzz

142.250.74.132

301 Moved Permanently

330 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=jrice.buzz
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
10d10dfbdccf4f6f0390617a004cc189
c84d193d101cb7cd34ef92a54c7b2dc80d535d91
7a7906857058e892fe7162062903e71b4bf73b234beef7e5a61bcdf23c7fd9db

HTTP Headers

GET /s2/favicons?domain=jrice.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 330
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=candyhub.ga

142.250.74.132

301 Moved Permanently

331 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=candyhub.ga
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
691441a9edf2e2071c59dd44322d3d1d
4a5fe190184c189eaa1713242b3065529ca6baca
a0bb8c4e2dd9176287b060f5d280e7b882a3470b6225c275ecd2c013150587f1

HTTP Headers

GET /s2/favicons?domain=candyhub.ga HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:18 GMT
Expires: Sat, 03 Dec 2022 07:45:18 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1554

www.google.com/s2/favicons?domain=tubepornstars.tv

142.250.74.132

301 Moved Permanently

336 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=tubepornstars.tv
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
336 B (336 bytes)
Hash
6d323114530829630422d325fb7e57e4
b23e1019e4f40b9ef7324242337e19830b781398
ca165f1923303d0348d40d623eeeb437dd68996368d24e10223f7b19ff8e369d

HTTP Headers

GET /s2/favicons?domain=tubepornstars.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 336
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=jlove.pw

142.250.74.132

301 Moved Permanently

328 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=jlove.pw
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
328 B (328 bytes)
Hash
4e8372e82f64661ac50fc64481f62fe5
7ef63bf5ca83cd9cf3eae9b36530105039652322
f4b4466c870a2a2ee9ad9c15dff42c634ed1c793d038dd9e7f6b67dae5abcb09

HTTP Headers

GET /s2/favicons?domain=jlove.pw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 328
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=bodyxxx.top

142.250.74.132

301 Moved Permanently

331 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=bodyxxx.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
c0b7e47d250238c949e1d4a4694723fe
75cfba07ea9a0acc252ed4d4b21b461b9d146754
89a97835fd23d5dbc83452a39e2e9825680af919b005fa2884fd16d9179a5917

HTTP Headers

GET /s2/favicons?domain=bodyxxx.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=sybilleporn.com

142.250.74.132

301 Moved Permanently

335 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=sybilleporn.com
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
335 B (335 bytes)
Hash
f1ae652700d296f0308ff40d56e32de5
3138318d0a28cad8e64d798196261b3fad429378
3d429d23026d0c77ce0eaeeca8248a89f482fded36b0aa052d190adb2fb44c91

HTTP Headers

GET /s2/favicons?domain=sybilleporn.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 335
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=24porn.tv

142.250.74.132

301 Moved Permanently

329 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=24porn.tv
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
329 B (329 bytes)
Hash
c285bf144091591fe3e1fe9e142bd28e
4ab7e4e1eb71e08cf4276854a3cc19fc510c50f1
6c743500ae9f6b7bd701bcb6b87ca930d5e3b69ae94bd5ba49e664d376e924e0

HTTP Headers

GET /s2/favicons?domain=24porn.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=24porn.pro

142.250.74.132

301 Moved Permanently

330 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=24porn.pro
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
a0f169f20975f5ac60bffdaba1e32cb0
b439624ba8a04dec78da1485a1547a1d8b07485e
4d21dc849a365f5e6820768d04844f2f68df334cfeb5d4b6e32d10e07cfdd5e1

HTTP Headers

GET /s2/favicons?domain=24porn.pro HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 330
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=lilibox.top

142.250.74.132

301 Moved Permanently

331 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=lilibox.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
8c43373fb7efdc76e106a4cc4ed3d14b
e2e370194eca22bb298a4963e679e08800575493
29e6e4495715c02aa29641bd6f62fa3057f864a1f65d79e7f019b5123ed54e01

HTTP Headers

GET /s2/favicons?domain=lilibox.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 331
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.sizokiwhe.pro/dca454/896c4467b56b.js

67.216.91.5

200 OK

26 kB

URL HTTP/2
www.sizokiwhe.pro/dca454/896c4467b56b.js
IP
67.216.91.5:0
ASN
#35415 Webzilla B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26097 bytes)
Hash
d28f772d17ab6fc0adddf108b81b4747
0e635f207068d015445c1f6c8422cd585ce74b1b
6b93c67da428757a010006bb15ccee37e33ece33e28c92eae70627f902f284ab

HTTP Headers

GET /dca454/896c4467b56b.js HTTP/1.1
Host: www.sizokiwhe.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ucdn/1.22.1
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357528, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsqzmAdmqk/B6ooG0EIWoxnf5jngzO4v15H/4XOXMHf5kBdesHq2ojvvXowTQOwGQ5U=
x-served-from: l1
x-vhostid: 138, 21723
content-encoding: br
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=hdpornfree.tv

142.250.74.132

301 Moved Permanently

333 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=hdpornfree.tv
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
e1733fb1beacc2583122988f5c869399
c65b7784398a06e836939591c106b0a06685562f
3dc11492779d428c5a27bb09b732dee76813c9376587eabb17d5f5baf3785e26

HTTP Headers

GET /s2/favicons?domain=hdpornfree.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 333
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.sizokiwhe.pro/dca454/896c4467b56b.js

67.216.91.5

200 OK

26 kB

URL HTTP/2
www.sizokiwhe.pro/dca454/896c4467b56b.js
IP
67.216.91.5:0
ASN
#35415 Webzilla B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (26095 bytes)
Hash
1470da11169a36bc5112aed3ff5a2c5a
6c0123256bdef19458c8b5dfff4f1650d517a60e
76d03c0d2eaa1608a51162a083f1a7d6bf3af3261325ad417de790e93417b367

HTTP Headers

GET /dca454/896c4467b56b.js HTTP/1.1
Host: www.sizokiwhe.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: ucdn/1.22.1
date: Sat, 03 Dec 2022 07:41:12 GMT
content-type: application/javascript
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315357528, public
x-ureq-id: XDrrrzssYKy7XniAYHDaCxO/1BtQYlPAo1HVcwFLMsqzmAdmqk/B6ooG0EIWoxnf5jngzO4v15H/4XOXMHf5kBdesHq2ojvvXowTQOwGQ5U=
x-served-from: l1
x-vhostid: 138, 21661
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lobster

142.250.74.106

200 OK

803 B

URL HTTP/2
fonts.googleapis.com/css?family=Lobster
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
803 B (803 bytes)
Hash
34034cc8525196af15e733c43edcbae5
c207b2f9f83ca3ef7afacbb7345f80cf59a75930
b766a57d7e6c948a8e77f47bea74b7529d266bba0bd168803e30033699624018

HTTP Headers

GET /css?family=Lobster HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 07:41:11 GMT
date: Sat, 03 Dec 2022 07:41:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=hdsextube.tv

142.250.74.132

301 Moved Permanently

332 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=hdsextube.tv
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
332 B (332 bytes)
Hash
b6e59ebcfa87ea6eeea1298b512888d5
a4d4eb71e095a0f72cb43d479cdd31f3b8102661
9da2fe5098ea567388dfc8651a389543cf3953674351f9cec6834f0409026e0b

HTTP Headers

GET /s2/favicons?domain=hdsextube.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 332
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 06:46:55 GMT
expires: Sat, 03 Dec 2022 08:46:55 GMT
cache-control: public, max-age=7200
age: 3257
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=anyxxx.me

142.250.74.132

301 Moved Permanently

329 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=anyxxx.me
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
329 B (329 bytes)
Hash
bad540107e78e90b1ab42c810a6f64ca
524783c2531f2c2085f55d1ad332728ad22ef95d
55b4dd6cf63fc96d5af7efc90844c2a8f836406d9971c43145affc5957ca84e4

HTTP Headers

GET /s2/favicons?domain=anyxxx.me HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=hdpornmax.net

142.250.74.132

301 Moved Permanently

333 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=hdpornmax.net
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
a20c91a7c716e28bd3090aacae5fe28a
cf56821b102edcfeb9de038370153b3c5f2343cc
99cf74f810465c81760d74876f61b41d250c365fed9a2429db5d9d1a94a2fbc1

HTTP Headers

GET /s2/favicons?domain=hdpornmax.net HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 333
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google.com/s2/favicons?domain=jbslist.top

142.250.74.132

301 Moved Permanently

331 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=jbslist.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
43ff4e1eac235bc6f40e8c2414aac681
792bdc2be97b5534cd0958306a701876ac67b5f9
74f125c07a9bf46abbae5f182dfaf47bdf112468fee50c233983f3dfc55feccf

HTTP Headers

GET /s2/favicons?domain=jbslist.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
Content-Type: text/html; charset=UTF-8
X-Content-Type-Options: nosniff
Date: Sat, 03 Dec 2022 07:41:12 GMT
Expires: Sat, 03 Dec 2022 08:11:12 GMT
Cache-Control: public, max-age=1800
Server: sffe
Content-Length: 331
X-XSS-Protection: 0

www.google.com/s2/favicons?domain=anyxxx.tv

142.250.74.132

301 Moved Permanently

329 B

URL HTTP/1.1
www.google.com/s2/favicons?domain=anyxxx.tv
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
329 B (329 bytes)
Hash
ed93b876ca9356565c586b780210b243
8531babc04a6bf94677bdbf3c19355701d3103dc
72ea9f5c11e4a2b48d59e3429aa6ebafd5ebd0b077ffb75febc5da2e139f4c45

HTTP Headers

GET /s2/favicons?domain=anyxxx.tv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16
X-Content-Type-Options: nosniff
Server: sffe
Content-Length: 329
X-XSS-Protection: 0
Date: Sat, 03 Dec 2022 07:15:19 GMT
Expires: Sat, 03 Dec 2022 07:45:19 GMT
Cache-Control: public, max-age=1800
Content-Type: text/html; charset=UTF-8
Age: 1553

www.google-analytics.com/j/collect?v=1&_v=j98&a=1164273757&t=pageview&_s=1&dl=http%3A%2F%2Fkittyland.ws%2F&ul=en-us&de=UTF-8&dt=Kittyland.ws%20%7C%20Teen%20Porn%20Forum&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=146630459&gjid=353042154&cid=2012465956.1670053271&tid=UA-135448172-1&_gid=1665275430.1670053271&_r=1&gtm=2oubu0&z=332054512

142.250.74.46

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=1164273757&t=pageview&_s=1&dl=http%3A%2F%2Fkittyland.ws%2F&ul=en-us&de=UTF-8&dt=Kittyland.ws%20%7C%20Teen%20Porn%20Forum&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=146630459&gjid=353042154&cid=2012465956.1670053271&tid=UA-135448172-1&_gid=1665275430.1670053271&_r=1&gtm=2oubu0&z=332054512
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&a=1164273757&t=pageview&_s=1&dl=http%3A%2F%2Fkittyland.ws%2F&ul=en-us&de=UTF-8&dt=Kittyland.ws%20%7C%20Teen%20Porn%20Forum&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=146630459&gjid=353042154&cid=2012465956.1670053271&tid=UA-135448172-1&_gid=1665275430.1670053271&_r=1&gtm=2oubu0&z=332054512 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: http://kittyland.ws
date: Sat, 03 Dec 2022 07:41:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16

142.250.74.100

200 OK

283 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
283 B (283 bytes)
Hash
c5b1698c4d26c2d63bbfc124b0681b71
844d2dee7415a3cae8350499ec0b12add789e156
d38e45cf8affd70e0de47b9b36c37fc23a510ea14faf40b614c16bd0c37cdf1a

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://24porn.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 283
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 05:38:18 GMT
expires: Fri, 09 Dec 2022 05:38:18 GMT
cache-control: public, max-age=604800
age: 93775
last-modified: Sat, 25 Jul 2020 09:55:50 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jviral.buzz&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16

142.250.74.100

200 OK

239 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
239 B (239 bytes)
Hash
cde8fdf8fde40716549d2933804709a8
ad4183499e9608046dc9e01808e6f815f9125df8
a48d941fdd18a8a0fbd797121e1edb17e5dd110d54b3cc26ad9afd45c813ab11

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://anyxxx.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 239
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 16:53:11 GMT
expires: Tue, 06 Dec 2022 16:53:11 GMT
cache-control: public, max-age=604800
last-modified: Sun, 17 Nov 2019 05:28:33 GMT
content-type: image/png
age: 312482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16

142.250.74.100

200 OK

279 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
279 B (279 bytes)
Hash
867b7763cb66e3b52e1cab9f44e457ed
1286d804ffe272238c8c7ed575c64e9c67f0814b
f973e57a107e1664720b3a88ce9a55afea5338e2caca4a1bd5c4e3edac091437

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://anyxxx.me&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://anyxxx.me/i/favicon/apple-icon-60x60.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 279
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 21:40:33 GMT
expires: Fri, 09 Dec 2022 21:40:33 GMT
cache-control: public, max-age=604800
last-modified: Sun, 26 Jul 2020 15:31:28 GMT
content-type: image/png
age: 36040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16

142.250.74.100

200 OK

690 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
690 B (690 bytes)
Hash
60071760c88670cbaeebbd793fec5a88
2cf1582f9da6c2e0aac3debe5768be31c63df3f6
4d8b81e2b4a3309a4867ceebb9aa434d35bc323976d190a6a2146beda40e5bf1

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jbslist.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://jbslist.top/images/focus/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 690
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 16:49:34 GMT
expires: Wed, 07 Dec 2022 16:49:34 GMT
cache-control: public, max-age=604800
age: 226299
last-modified: Sat, 20 Apr 2019 09:44:17 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16

142.250.74.100

200 OK

205 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
205 B (205 bytes)
Hash
1225e3807d6f671d1c728aa090b8afca
bc6b16cbdcc786788df549928c503e944737072b
48a22e814a57399c87d77d1f0b2de40e4426425a37ba63338ad610644d1364eb

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://niceporn.tv&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://niceporn.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 205
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 00:14:53 GMT
expires: Tue, 06 Dec 2022 00:14:53 GMT
cache-control: public, max-age=604800
age: 372380
last-modified: Sat, 16 Nov 2019 04:54:39 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16

142.250.74.100

200 OK

565 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
565 B (565 bytes)
Hash
63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://lilibox.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 06:46:33 GMT
expires: Thu, 08 Dec 2022 06:46:33 GMT
cache-control: public, max-age=604800
age: 176080
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16

142.250.74.100

200 OK

225 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
225 B (225 bytes)
Hash
698f5b42114422890362881124e590c7
95c0a0d9e12d8ef4581734799ae72befb7134354
a59cc0779b9c9c887e8f3ac12eeacefcc4d2945d5f4a8ff21ac52b787ce67a6e

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdsextube.tv&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdsextube.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 225
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 08:14:06 GMT
expires: Sat, 03 Dec 2022 08:14:06 GMT
cache-control: public, max-age=604800
age: 602827
last-modified: Thu, 15 Jul 2021 14:22:52 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16

142.250.74.100

200 OK

565 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
565 B (565 bytes)
Hash
63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexyhouse.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://sexyhouse.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 10:49:14 GMT
expires: Sun, 04 Dec 2022 10:49:14 GMT
cache-control: public, max-age=604800
age: 507119
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jlove.pw&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16

142.250.74.68

200 OK

276 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
276 B (276 bytes)
Hash
c53cd36e5c2e30ee797e90c6a9795bb3
b21981ff3828dc30b8a8db43679dbdcae73e12ce
3668974c9c95935a9ef62cbb92e8e4c50a2d149fb13029b89be20c70e140f0a4

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://24porn.pro&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://24porn.pro/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 17:43:31 GMT
expires: Fri, 09 Dec 2022 17:43:31 GMT
cache-control: public, max-age=604800
age: 50262
last-modified: Fri, 27 Aug 2021 19:26:29 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16

142.250.74.132

200 OK

413 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Size
413 B (413 bytes)
Hash
9d84b798ec786a0f39557740f90dbed5
3c598cebc1eb1947499741e023dc4716f04f6e8f
6b87bc8e850b520a9ce6c99b9e6f9782296a320de1460b52ff7fc574ab6bf3df

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornfree.tv&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdpornfree.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 413
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 21:15:38 GMT
expires: Tue, 06 Dec 2022 21:15:38 GMT
cache-control: public, max-age=604800
age: 296735
last-modified: Mon, 17 Aug 2020 04:03:03 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16

142.250.74.68

200 OK

248 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
248 B (248 bytes)
Hash
8e6ba5af4906e0f7e0278ffeb02bdedc
907b0b3dd605218b7f84c0eb8cc16edceb0ebe20
000bb8316fbe3758f43c20aa99c67cb869cfe42de916afdcdcb71d4f72449c6c

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fap18.tv&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://fap18.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 10:11:58 GMT
expires: Thu, 08 Dec 2022 10:11:58 GMT
cache-control: public, max-age=604800
age: 163755
last-modified: Tue, 07 Dec 2021 12:56:04 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16

142.250.74.132

404 Not Found

726 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://blackdaddy.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sybilleporn.com&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16

142.250.74.68

200 OK

218 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
218 B (218 bytes)
Hash
23e7c74eb1c0d8c317fd1e522496a999
8b5f32b58d0e610aff161adb60c201066a4760b5
02c4e5409423f4284363cb06f5108d7234cdd15d15ab9377d16067fe981423fe

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://hdpornmax.net&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://hdpornmax.net/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:55:01 GMT
expires: Tue, 06 Dec 2022 18:55:01 GMT
cache-control: public, max-age=604800
age: 305172
last-modified: Sun, 16 Aug 2020 18:06:23 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16

142.250.74.68

404 Not Found

726 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://jrice.buzz&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16

142.250.74.100

200 OK

311 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
311 B (311 bytes)
Hash
c2909676a97b1fdabd860e42061291f7
a0a396b2972582da6a8755bf83ecaf786d7595cb
5663a817552e2624296bf8f86aea6c8f444b80f314376d675154247ac9dd8e6e

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://tubepornstars.tv&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://tubepornstars.tv/i/favicon/apple-icon-57x57.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 311
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 07:38:35 GMT
expires: Tue, 06 Dec 2022 07:38:35 GMT
cache-control: public, max-age=604800
age: 345758
last-modified: Mon, 09 Nov 2020 21:21:25 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16

142.250.74.132

404 Not Found

726 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://candyhub.ga&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 07:41:13 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

d24ak3f2b.top/advertisers.js

142.0.204.220

301 Moved Permanently

169 B

URL HTTP/1.1
d24ak3f2b.top/advertisers.js
IP
142.0.204.220:0
ASN
#7979 SERVERS-COM

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
169 B (169 bytes)
Hash
b67ff43c74c409b92738a1ffb1f475d1
a2412a605ea6acb486140efeaa8724437f1ca2d4
ed0e3abc38200f1ac27c81af2b64db537ceb7379bf2554b7cb6d697aa7daf014

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 301 Moved Permanently
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:13 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://d24ak3f2b.top/advertisers.js

kittyland.ws/favicon.ico

103.109.100.248

200 OK

801 B

URL HTTP/1.1
kittyland.ws/favicon.ico
IP
103.109.100.248:0
ASN
#206264 Amarutu Technology Ltd

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
801 B (801 bytes)
Hash
b7f2dffaa88cad48dde72cd70b61b82b
04a8b696763c6d0186aca72fd7c48cd51b4d9e97
62151b674703a300dd668ccad9550335d2b687b12a9cda00a53581c3c83c2868

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: kittyland.ws
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/
Cookie: mybb[lastvisit]=1670053270; mybb[lastactive]=1670053270; sid=ce7271ba07925e8998e6468f9e3434ec; 149b4=bm9yZWZ8fHwxfDB8MHxub25lfDA6; 149b4b=1670053271; ppu_main_a289cea0efc01ecc6d483b54b6e14570=1; dom3ic8zudi28v8lr6fgphwffqoz0j6c=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 07:41:12 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 801
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Fri, 13 Sep 2019 05:33:54 GMT
ETag: "321-59268998d9480"
Accept-Ranges: bytes
X-Powered-By: PleskLin

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5898
Expires: Sat, 03 Dec 2022 09:19:31 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5896
Expires: Sat, 03 Dec 2022 09:19:29 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (8016 bytes)
Hash
436b46a2eea584bd8ec1dba5603c8659
fed437d1919af63f9d58396f318568aadae3d868
fff21dd129f35807bfc29c6582661a79e764238076e540968b57fcad18811566

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: bfb5f288-4467-467a-9b30-1055a4e6bc54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPeE4nIAMFvnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2f-53a5a66704157f4e003ecfa4;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:35 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lUqXgbpEaZh9DO_rv0K5pzHUAF1DsASkKYNTU6t5AUWZjHNV9LRojA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:05 GMT
age: 34808
etag: "fed437d1919af63f9d58396f318568aadae3d868"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11233 bytes)
Hash
dcdb77a21f91a4a280ac9a8efbc48bbd
74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d
5ee7c45f21b38c653d03a24b10a190a9e9266226d221b006e787cd3719088d7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11233
x-amzn-requestid: 89afb72e-6967-47d0-a0ad-48cad8cd08e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIpgOEi0oAMFstg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638022ce-1e8087e734e71d611df75830;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:05:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d9wLy3xAxK6RiYf25v_GFT1gdezT8IzMxaFyGRuGm2nxOBh6uEOg3w==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:29 GMT
age: 34784
etag: "74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

2.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
2.9 kB (2942 bytes)
Hash
b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 9545
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9715 bytes)
Hash
45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 35407
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9449 bytes)
Hash
249aec334460c66dc88b9e8def4e48df
f86d1d278ba5b24587b10519b1b30d75044efd97
b083151804ced0533a5b33302ef110b50ddc4bf653de0fb8f6c7711f4bc29fe2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9449
x-amzn-requestid: c21c52f9-d971-46d9-b632-0439a0e23da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZkxHKbIAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fb7-2b8cc0982af568626f4a4bbf;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFIpOllaPcRJOsgZI2EVDyFv-Doz62OcY6gxFlejoXxdeVGya-PNFg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:26 GMT
age: 35267
etag: "f86d1d278ba5b24587b10519b1b30d75044efd97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.3 kB (3321 bytes)
Hash
ce5811e1c83156e6a6d4557c33faafe5
ba23b3c6adc42832ccd60941123d78dab3e435d5
a9394a4f8f80733a19fb03bc3ad216f4e15c9ba7110e2e181272304ea2f3f2df

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8498f68-55a6-46be-9eb1-671b7a90a148.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3321
x-amzn-requestid: b418b18c-969e-4525-8263-0c910593f7fa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN2HJaoAMFQ2Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-5196fa3028f5fb80160617af;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zjXwnCMm7SoCWDGhO71JV6Itob3-rdlXetrU2UmDw6p-eeFt0T6sfA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "ba23b3c6adc42832ccd60941123d78dab3e435d5"
content-type: image/jpeg
age: 35506
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c3ffcfe4805f6021008d31295afd1cc9
9e948781f867b213b5c8d57e860db7fb90893764
c0e18d4fbffbd76492c76fabc6bbfc3e96d023cc1c0cff6db1da24365226c44e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C0E18D4FBFFBD76492C76FABC6BBFC3E96D023CC1C0CFF6DB1DA24365226C44E"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14775
Expires: Sat, 03 Dec 2022 11:47:28 GMT
Date: Sat, 03 Dec 2022 07:41:13 GMT
Connection: keep-alive

d24ak3f2b.top/advertisers.js

142.0.204.220

200 OK

0 B

URL HTTP/1.1
d24ak3f2b.top/advertisers.js
IP
142.0.204.220:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kittyland.ws/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:13 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=a289cea0efc01ecc6d483b54b6e14570&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2dd257c93adca5a220474ab80f2ea3c3
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4375f70441eacfde85e17f2cc1e0a66f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=7 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kittyland.ws/

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:14 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 16efe7b146d29a706e9b3042ef2f7efe
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2aecb4f85e02ebc697bb91bb67456d82
2ef35add95a18ac5846ee32df0dd0a63700a2133
4bc2f398453e4555768605e037634156176592626df384f881d782e85b316ca9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4BC2F398453E4555768605E037634156176592626DF384F881D782E85B316CA9"
Last-Modified: Fri, 02 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9261
Expires: Sat, 03 Dec 2022 10:15:39 GMT
Date: Sat, 03 Dec 2022 07:41:18 GMT
Connection: keep-alive

organexpectationsmaintain.com/sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1

192.243.59.12

403 Forbidden

0 B

URL HTTP/1.1
organexpectationsmaintain.com/sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=4375f70441eacfde85e17f2cc1e0a66f&uuid=10b83ff3-c7d4-4432-9730-25fbbce3a4af%3A3%3A1 HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 403 Forbidden
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:18 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA

organexpectationsmaintain.com/pixel/sbe?t=1&error=timeout

192.243.59.12

200 OK

0 B

URL HTTP/1.1
organexpectationsmaintain.com/pixel/sbe?t=1&error=timeout
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbe?t=1&error=timeout HTTP/1.1
Host: organexpectationsmaintain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 07:41:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

use.fontawesome.com/releases/v5.5.0/css/all.css

172.64.133.15

200 OK

0 B

URL HTTP/2
use.fontawesome.com/releases/v5.5.0/css/all.css
IP
172.64.133.15:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v5.5.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://kittyland.ws
Connection: keep-alive
Referer: http://kittyland.ws/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 03 Dec 2022 07:41:11 GMT
content-type: text/css
x-amz-id-2: wZ9BtsRgr5gZ2v6YayPSG+L4OUC88JpTz+G8bQtF+0KHbphgqr/wfFTOUBA/WkSbskwBhBVjqz4=
x-amz-request-id: 3JAS5C4QMC17M595
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:43:32 GMT
etag: W/"1cc6c92172d124fbd305ba3d8e263333"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 555827
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cD3lrpT2ZWG0ghN5CvF8tUBTcB5XHc6lj8JULn1SKAyR0zE593ieah42dudWs%2F8oLyxsKL%2FwLlyJBuC2nkUJ3HXYknLCQwt%2FCo%2FhUjqocDU0fgDprfthp2OC12KM07W5OXyYJ8zO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773aa8923c10773b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP