bitcoinera.app/
301 Moved Permanently 231 B IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5df9953d178aaaaac8ed71acc920327a
c4a30cd3173591a51fd3942e2407f7c069f9839f
b2cbff62d9d42d7d1830b87ad28e3bf4037603575f575329bb4ea0c9c73b9e4c
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: bitcoinera.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 10:13:31 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://bitcoinera.app/
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0301 NC:000000 UP:
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rMm6ehKmRM5Bti7fjIuxJKIgs8UhMWyQ4eMEX82Y7KhVUOBpxvxvcJCdfS%2Fj4hK4XOjCK6L%2FjZ53vRvSp%2FQHAXXSee%2FCV%2FA2WyYs8%2FwCEd%2F1uDD0CVH6MbfumqJbEiNiCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 775c7d380cc7b4f4-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10565
Expires: Wed, 07 Dec 2022 13:09:36 GMT
Date: Wed, 07 Dec 2022 10:13:31 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10490
Expires: Wed, 07 Dec 2022 13:08:21 GMT
Date: Wed, 07 Dec 2022 10:13:31 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5492
Cache-Control: max-age=92959
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:31 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 12:02:50 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DzcG4HpIgPPR9Xz2+quVwPHmspZ0R1Jupyk+A84eETj8BkGM2KSxKJPGDcWriXyxEzfn7O6smhE=
x-amz-request-id: HXDFFJZNW18BCZ0N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 09:49:19 GMT
age: 1452
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 09:18:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3285
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/XVFPnaTvoko
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XVFPnaTvoko
IP
Hash 10027981a3964ed9082e264a824f00ba
4d8c108d50a7802648ef36fdc3f4b4d1f4e3f9fc
bd4046a8021ff08ea8335defa211635c68096fccb0bca466263d9602a51c665b
POST /s/gts1p5/XVFPnaTvoko HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 10:13:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/XVFPnaTvoko
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/XVFPnaTvoko
IP
Hash 10027981a3964ed9082e264a824f00ba
4d8c108d50a7802648ef36fdc3f4b4d1f4e3f9fc
bd4046a8021ff08ea8335defa211635c68096fccb0bca466263d9602a51c665b
POST /s/gts1p5/XVFPnaTvoko HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:31 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 3074a66f6d9b2e2af9b41ec0e2f4e2db
942e2c49b3848f11da966937f5914c62aed24bce
7c3b21b91aab06aff58cc56ce4b7273a7d320df8b0b4ad685c660e03ba0b72aa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoinera.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 20:41:38 GMT
expires: Wed, 06 Dec 2023 20:41:38 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
age: 48714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 10:08:58 GMT
cache-control: public,max-age=3600
age: 274
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 5.9 kB IP
Hash d5dde63be86fedb54b82ad1adcdae15c
1dc2e758027890dfc188ca067b4f62108d1192ff
a9f7189745f08335aa32adcf7275aa74fe86dce7c47e5e0ef860085023d4e067
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5495
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Last-Modified: Wed, 07 Dec 2022 08:41:57 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 970 B IP
Hash b0fec790571f995bce4d004e4160da18
1e2e476d9b0bfc4eb0c6e8e860eb68e3728d5a40
1a7d48b908f842556469adcc68b87109066c801fae9787109cd4cdc027bff043
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m3Zkak2dFhM7wdMHhcQl3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0cNM31a2SjFheuo/rZzQ6eXMTYY=
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
200 OK 22 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf
IP
Hash a9a4a728f0e01dead6cd16a566582879
a6fa0dce5535c491ada4b10002ce74d0e301fcd8
260232e6c349c1bcc56a1bc30486da574484aef62d18c34d7dde530a7e98abc0
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bitcoinera.app
Connection: keep-alive
Referer: https://bitcoinera.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20549
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:11:26 GMT
expires: Wed, 06 Dec 2023 17:11:26 GMT
cache-control: public, max-age=31536000
age: 61326
last-modified: Mon, 15 Aug 2022 18:14:45 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf
IP
File type TrueType Font data, 18 tables, 1st "GDEF", 14 names, Microsoft, language 0x409, Copyright 2020 The Open Sans Project Authors (https://github.com/googlefonts/opensans)Open SansR\012- data
Hash 63f124cc58fb3f1e5e04b2961edc0f7b
a7e225ab157af0246fbc151ffe513c0b555032c5
484be1fa4b0ddf5a535046b293963ce7cfe6f2659f50309d7bdb6399a732637d
GET /s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVc.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://bitcoinera.app
Connection: keep-alive
Referer: https://bitcoinera.app/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21006
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 09:56:45 GMT
expires: Wed, 06 Dec 2023 09:56:45 GMT
cache-control: public, max-age=31536000
age: 87407
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 1.6 kB IP
Hash 87e8bfcade939e81254b102a7326d3a0
62c97c78e344a9d0bb6e51035ebdb3d939dc42bd
2347eca424504365b52c8ddd6723e72df6088961d77dcaa6a40256f334bc5ef5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123419
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Etag: "638fa667-117"
Expires: Thu, 08 Dec 2022 20:30:31 GMT
Last-Modified: Tue, 06 Dec 2022 20:30:31 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash fdeb560402df41da8e7198df4028502b
fecbe1e3d60929612aa912b65f12e80dc055c643
12b99919191de39bfda164da380721af5fb6b30e3bdbaf98dd77fcd407eaa4bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=123419
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Etag: "638fa667-117"
Expires: Thu, 08 Dec 2022 20:30:31 GMT
Last-Modified: Tue, 06 Dec 2022 20:30:31 GMT
Server: nginx
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ec6ece82a7cb8faa3ba171efae3a9eda
7ee75fba9a9d1078960f7834d71961c38f514b82
301d0c4d73b444369e488ee4f78b3a994a9168ec6c6d46cd7f3448722a841a2e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 33 kB IP
Hash 89b6c9c34efa69e4d8458675ea3588f9
20a4b8e85a344cee5d5a34ac7e6c37d055a4cdc0
ad98cc44f6d16ea2ced762114bf04b2a3fc416f77dda569ab1fa459e74f9a9f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoinera.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 08:46:55 GMT
expires: Wed, 07 Dec 2022 10:46:55 GMT
cache-control: public, max-age=7200
age: 5197
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8aa9320315b7fc787bfd0fd1baea8721
45328506883b22acc927b8038b73e5247b0a1679
c5827834b5ce1e49980b439410b06fca062d877abd8ca89719b589a2fe28b4b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash fdeb560402df41da8e7198df4028502b
fecbe1e3d60929612aa912b65f12e80dc055c643
12b99919191de39bfda164da380721af5fb6b30e3bdbaf98dd77fcd407eaa4bb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=123419
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:33 GMT
Etag: "638fa667-117"
Expires: Thu, 08 Dec 2022 20:30:32 GMT
Last-Modified: Tue, 06 Dec 2022 20:30:31 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 278 B IP
Hash a35065db4ffb7b001870f01e7cac250e
d2c6d3230e64c1341f7ebdbb46cf98016ab648c6
1f071c4ef1c80cb1ca40b0daf2832c9d9b303754e4e504153d83d71784bb165d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=127045
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:33 GMT
Etag: "638fb492-116"
Expires: Thu, 08 Dec 2022 21:30:58 GMT
Last-Modified: Tue, 06 Dec 2022 21:30:58 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 278 B IP
Hash a35065db4ffb7b001870f01e7cac250e
d2c6d3230e64c1341f7ebdbb46cf98016ab648c6
1f071c4ef1c80cb1ca40b0daf2832c9d9b303754e4e504153d83d71784bb165d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=127045
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:33 GMT
Etag: "638fb492-116"
Expires: Thu, 08 Dec 2022 21:30:58 GMT
Last-Modified: Tue, 06 Dec 2022 21:30:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 278
mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/shield.png
200 OK 3.7 kB URL HTTP/2 mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/shield.png
IP
File type PNG image data, 125 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash b8e0ba7a14a5f22a516513c88e7381ba
212b694a345fada6d2e47213f7d1d1db029056e8
6929df09ec97595c9f55a81ab25f1c7288741181b404dafd32fce012c12ed1f9
GET /click/frm_seoemd_v3/assets/shield.png HTTP/1.1
Host: mars-e.pumpkinospopeye.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: image/png
content-length: 3670
last-modified: Mon, 02 Aug 2021 08:56:38 GMT
etag: "6107b346-e56"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
referrer-policy: unsafe-url
content-security-policy: default-src * https: data: blob: wss: 'unsafe-inline'
cf-cache-status: HIT
age: 178017
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIUZqJq9miXrB5RfogQHpP69w6hyj2ij14gMkdQb7LPZfl4ZqOmZ9FNrPZ0p8RlSAwm2URJTPnjGpa1gjxv2vC0gNTzQ15K62h6jJCXv5M%2B%2B6TqCEIc4idkYNFlE095y5n0skmPu%2FPc29Ml7xhA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775c7d475f7cb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/payout.png
200 OK 4.2 kB URL HTTP/2 mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/payout.png
IP
File type PNG image data, 125 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash 84c4c0865556076730a9582e5bd563fd
b56ac6310a0f3781fe2106f14f19460b29e2a472
b81ae15cbb71d15c3dd67c8ca248b5fd01ab1b7e808951e7748fd802c56877e1
GET /click/frm_seoemd_v3/assets/payout.png HTTP/1.1
Host: mars-e.pumpkinospopeye.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: image/png
content-length: 4228
last-modified: Mon, 02 Aug 2021 08:56:36 GMT
etag: "6107b344-1084"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
referrer-policy: unsafe-url
content-security-policy: default-src * https: data: blob: wss: 'unsafe-inline'
cf-cache-status: HIT
age: 178017
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVRKGfVEBO0Vf3bs%2B9GM2W%2BGt%2B9mwCFvFibNs77acvxm1UA1UAxQZlWshUEaZWU45MP%2FEa5sWn9DfxJ02BhDSD%2FIPddWIu%2F3e83gZx5ll9cByDC0qWfE6iCv2BAxCsUHrSVTxNLbdpAYaxpwf3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775c7d475f80b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/bonus.png
200 OK 5.1 kB URL HTTP/2 mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/bonus.png
IP
File type PNG image data, 125 x 139, 8-bit/color RGBA, non-interlaced\012- data
Hash 8cb980486fc2dccb6c2ce28b70db75a9
347e01ca79ade0f406074bad8bf01318bea49b40
be04261964fe6c0fb096672714ea02f330b345db899882b0a400ad8ad3b861a6
GET /click/frm_seoemd_v3/assets/bonus.png HTTP/1.1
Host: mars-e.pumpkinospopeye.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: image/png
content-length: 5144
last-modified: Mon, 02 Aug 2021 08:56:36 GMT
etag: "6107b344-1418"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
referrer-policy: unsafe-url
content-security-policy: default-src * https: data: blob: wss: 'unsafe-inline'
cf-cache-status: HIT
age: 178017
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6NhqPjTEcx6uP7vbxSQV0XXzyZ64iEM6fE3B4VQySJfkMGEQMYgLe6StNARprUj4nefM3Bt6%2BsfZcjaGuABJljcCLSMo%2F%2BEn2vUtLQx5cfSG4Kx0BqjU6WLFzUpa9P%2BXR0M2%2FlzZydterIF3gQs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775c7d475f7eb529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mars-e.pumpkinospopeye.tech/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 934 B URL HTTP/2 mars-e.pumpkinospopeye.tech/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
Hash 86616449b065efaded5797f91f06cf0d
a44dc154af406a3784897a93574a34d5a8cdd72b
f4ae292ffef90a29d1604501c2217b203105ac96b48e8f47d95b4a36c0846982
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: mars-e.pumpkinospopeye.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: application/javascript
last-modified: Fri, 02 Dec 2022 17:55:37 GMT
etag: W/"638a3c19-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbFAOn6AqfXAWSh3NXwhbtX%2B%2FHl4MrLO5mbmAjiTahfYbQ4GKndTayhCXiQBWkt8u%2FFiAkR2eiDebLt5WnSTp%2F5xsusfLMto%2FctjG%2BfRORYnHffTxeN0eautquITKTl1EBpTn4%2B9923dDSs%2BmLE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775c7d475f81b529-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Fri, 09 Dec 2022 10:13:33 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
200 OK 37 kB URL HTTP/2 mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13899)
Hash e606e6911206c2347cccd06daf98c18c
51fe48ed1462f05b74074bf71d00a17fbfa63670
b7b7bcee2b02e02157d7eefd54d64a3ee3093ab0db503f4ac4aa3d87d26b51ea
GET /l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY HTTP/1.1
Host: mars-e.pumpkinospopeye.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoinera.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
referrer-policy: unsafe-url
content-security-policy: default-src * https: data: blob: wss: 'unsafe-inline'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjxHEQYKSYkMyOQnPyEWFczne9GK7cidPtoA2YZc8UjB92LilpTKylGTjW6SD5HPOfRg83rL0%2Bpxs6J07X5ogxxzdHf%2Fzdb36g1TEZ0WGEPnFBMbzwSGDTn9R9J9VrIvI7XtSVUqva6AEr1lbBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775c7d44ec7fb529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
200 OK 7.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
IP
File type ASCII text, with very long lines (21084)
Hash bb7a06241598a470719b1bb6d83d9fc2
ff9d85785541653a725040df1c4cc3690ad1a40d
db4ddbbcd56239c7a25af1f1c6dd086cd8143446187ff6cb2ebfb7192270ccda
GET /npm/popper.js@1.16.0/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mars-e.pumpkinospopeye.tech
Connection: keep-alive
Referer: https://mars-e.pumpkinospopeye.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.0
x-jsd-version-type: version
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 10:13:34 GMT
age: 4261953
x-served-by: cache-fra19144-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7510
X-Firefox-Spdy: h2
rancordrive53.co/box_15bf554244a9304209d942d3c8eedbd3
301 Moved Permanently 2.2 kB URL HTTP/2 rancordrive53.co/box_15bf554244a9304209d942d3c8eedbd3
IP
File type gzip compressed data, from Unix\012- data
Hash bd3ea59ca12635e32402ec20cb196249
b1bfdaba4a00c2932245ff9eabea38016f9c9069
b99f8f79de257275fdbf6a8e0eb4652b0d69429552234b1f444c08ae85000341
GET /box_15bf554244a9304209d942d3c8eedbd3 HTTP/1.1
Host: rancordrive53.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoinera.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: text/html; charset=UTF-8
location: https://mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
set-cookie: dfx=dd12578ea11c2bac3edaa3e2e893eb3971cb7195; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
referrer-policy: unsafe-url
content-security-policy: default-src * https: data: blob: wss: 'unsafe-inline'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FtS4VulxXbH6pj6yXA7ZHmnWwXHuEb90dnCtyI5riaqn%2BHe7ZLJVCZns8viA5acpUMr6bf%2FDXEV1FHTPtiqnUR1ZdSgA8wtH7twirMVLCJgH%2BU3vgBu%2FtcRim0YDXqbPDuJH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775c7d401b15b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 3025b4c51fa49b1cfb04323171de5be1
2e90e313500f8c8614913c7adb2451f11a2e097e
4bc8b08368c851da85093a4e4c054555aa6091ad97f042e971ab106f511f033e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5229
Cache-Control: max-age=166503
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:34 GMT
Etag: "63903a48-117"
Expires: Fri, 09 Dec 2022 08:28:37 GMT
Last-Modified: Wed, 07 Dec 2022 07:01:28 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js
200 OK 20 kB URL HTTP/2 cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (64127)
Hash 2ff9038e0ea149f83bacea6b898eef55
3930c67bc04d95145979becfea88e72fe99a25f0
49e5cc9c21a15e435371877c9b98450667b8e236d84df33d4b8ec182b7d5dd13
GET /npm/select2@4.1.0-rc.0/dist/js/select2.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mars-e.pumpkinospopeye.tech
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.0-rc.0
x-jsd-version-type: version
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 10:13:34 GMT
age: 15261349
x-served-by: cache-fra19130-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 20012
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 034d4024dfa2171afc78a192a9cc3e54
e2639b3c6fc67a7a93be9c32766dc51d68bc8835
a7eb3ecc7ee2e0401cd23188389fde27199bcf5f7a4ca3cf175719365e9a627d
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 10:13:34 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "AAD1AFC0B39630F95DDD48FDA2DCF599224EF635"
Expires: Wed, 07 Dec 2022 21:00:00 GMT
Last-Modified: Wed, 07 Dec 2022 09:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 697
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775c7d480afab4f4-OSL
www.googletagmanager.com/gtag/js?id=G-XCNCMHSGXF
200 OK 76 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-XCNCMHSGXF
IP
File type ASCII text, with very long lines (20080)
Hash 8e1f10e9471bb8e4cd55db1e854e0a2d
25ec6722744b13d4d9d8807bf03b4fe0777b2c63
a11f176b84804862f4393a4b68fdc8b6d8c467e93c5730ce852a7e33df48b162
GET /gtag/js?id=G-XCNCMHSGXF HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mars-e.pumpkinospopeye.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 10:13:34 GMT
expires: Wed, 07 Dec 2022 10:13:34 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15120
Expires: Wed, 07 Dec 2022 14:25:34 GMT
Date: Wed, 07 Dec 2022 10:13:34 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15120
Expires: Wed, 07 Dec 2022 14:25:34 GMT
Date: Wed, 07 Dec 2022 10:13:34 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 10:13:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f4193f05dfd1de8bf795f433d4387243
b76ea6ae9df756f131ec16b01cdc7ab19b2d01be
b56231f3c788519751528b849a442d5c7ed828ea4ce3321fd629ca27440ea6e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc696fe00-4af0-41c0-a10e-ba5dcc55c22b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6920
x-amzn-requestid: e8fd4184-16b2-4174-9b14-074386b04dcb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cuXZpEXMoAMF1MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638f390a-58acf5140350736c18f94ff5;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 12:43:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DsznPl3Xshc76_XzIE3AJTK5ZZXVowWj5PaL3UoDKae5MnBNVjPsuw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:06:00 GMT
age: 43654
etag: "b76ea6ae9df756f131ec16b01cdc7ab19b2d01be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 42090
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2409529ecac5140de749d864da85af0d
99f431b4ca446996dbacb969440e2ecfb11fd9e0
81b379b16874d6644b0cf63e02c5174e44a40ab7cb4f4727bb96ad44bfcaa72f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e5de346-6863-4521-9b1c-e74cf4df1d53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6422
x-amzn-requestid: 6d0cc220-31bc-4815-ade5-7e3e5403f39f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cniYTGgRoAMF5lA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c7dce-64fbea8330a62e4f741c0c4e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 11:00:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Ww1ouNhiKEmc1TDn6Gwr7crmeiy6pztTeSbEd4Iw6PB_nS4hsDFgbw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 07:52:33 GMT
age: 8461
etag: "99f431b4ca446996dbacb969440e2ecfb11fd9e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 14513
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9fda84db003d0cfc70d73dcb6a3763dd
5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4
f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FjScmvs74slr4Mr8vhQLRNh-88KqMx4L1FwNKdBwbUUPDuu1ivOuoQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:47:19 GMT
age: 44775
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bat.bing.com/bat.js
200 OK 12 kB IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mars-e.pumpkinospopeye.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
set-cookie: MUID=1B2249FD657E608C04EB5B8E648B613A; domain=.bing.com; expires=Mon, 01-Jan-2024 10:13:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2BF0BD8A09C746FCAB51361F81EB549A Ref B: OSL30EDGE0517 Ref C: 2022-12-07T10:13:34Z
date: Wed, 07 Dec 2022 10:13:33 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti={{btag}}&Ver=2&mid=5e311fd8-00f0-4ce1-90c5-2424eada824e&sid=ce876680761711ed83be63e1aafe8195&vid=ce878aa0761711ed94608f5daf2cafed&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NO%20-%20Bitcoin%20Up&p=https%3A%2F%2Fbitcoinera.app%2F&r=<=1599&evt=pageLoad&ifm=1&sv=1&rn=190938
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti={{btag}}&Ver=2&mid=5e311fd8-00f0-4ce1-90c5-2424eada824e&sid=ce876680761711ed83be63e1aafe8195&vid=ce878aa0761711ed94608f5daf2cafed&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NO%20-%20Bitcoin%20Up&p=https%3A%2F%2Fbitcoinera.app%2F&r=<=1599&evt=pageLoad&ifm=1&sv=1&rn=190938
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti={{btag}}&Ver=2&mid=5e311fd8-00f0-4ce1-90c5-2424eada824e&sid=ce876680761711ed83be63e1aafe8195&vid=ce878aa0761711ed94608f5daf2cafed&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NO%20-%20Bitcoin%20Up&p=https%3A%2F%2Fbitcoinera.app%2F&r=<=1599&evt=pageLoad&ifm=1&sv=1&rn=190938 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mars-e.pumpkinospopeye.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3CE663E3AA7C642231F87190AB896599; domain=.bing.com; expires=Mon, 01-Jan-2024 10:13:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4E264AC4634E40D69D13BDDF8D45C0FC Ref B: OSL30EDGE0517 Ref C: 2022-12-07T10:13:34Z
date: Wed, 07 Dec 2022 10:13:33 GMT
X-Firefox-Spdy: h2
bat.bing.com/p/action/%7B%7Bbtag%7D%7D.js
204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/%7B%7Bbtag%7D%7D.js
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/%7B%7Bbtag%7D%7D.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mars-e.pumpkinospopeye.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
set-cookie: MUID=35AF6050BB236005201A7223BAD66118; domain=.bing.com; expires=Mon, 01-Jan-2024 10:13:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-powered-by: ARR/3.0
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6C7CFB1BD4DF41B8977907DD05AE9C45 Ref B: OSL30EDGE0517 Ref C: 2022-12-07T10:13:34Z
date: Wed, 07 Dec 2022 10:13:33 GMT
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti={{btag}}&Ver=2&mid=2f0806c8-07f2-4811-8c21-0e4da43893e1&sid=ce876680761711ed83be63e1aafe8195&vid=ce878aa0761711ed94608f5daf2cafed&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NO%20-%20Bitcoin%20Up&p=https%3A%2F%2Fbitcoinera.app%2F&r=<=1814&evt=pageLoad&ifm=1&sv=1&rn=405765
204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti={{btag}}&Ver=2&mid=2f0806c8-07f2-4811-8c21-0e4da43893e1&sid=ce876680761711ed83be63e1aafe8195&vid=ce878aa0761711ed94608f5daf2cafed&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NO%20-%20Bitcoin%20Up&p=https%3A%2F%2Fbitcoinera.app%2F&r=<=1814&evt=pageLoad&ifm=1&sv=1&rn=405765
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti={{btag}}&Ver=2&mid=2f0806c8-07f2-4811-8c21-0e4da43893e1&sid=ce876680761711ed83be63e1aafe8195&vid=ce878aa0761711ed94608f5daf2cafed&vids=0&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=NO%20-%20Bitcoin%20Up&p=https%3A%2F%2Fbitcoinera.app%2F&r=<=1814&evt=pageLoad&ifm=1&sv=1&rn=405765 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mars-e.pumpkinospopeye.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2D1606B3CD476DDB080514C0CCB26CD7; domain=.bing.com; expires=Mon, 01-Jan-2024 10:13:34 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C4460B09E64A427D8F23AD19A4596D12 Ref B: OSL30EDGE0517 Ref C: 2022-12-07T10:13:34Z
date: Wed, 07 Dec 2022 10:13:34 GMT
X-Firefox-Spdy: h2
rancordrive53.co/box_15bf554244a9304209d942d3c8eedbd3
301 Moved Permanently 0 B URL HTTP/2 rancordrive53.co/box_15bf554244a9304209d942d3c8eedbd3
IP
GET /box_15bf554244a9304209d942d3c8eedbd3 HTTP/1.1
Host: rancordrive53.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoinera.app/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: text/html; charset=UTF-8
location: https://mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
set-cookie: dfx=dd12578ea11c2bac3edaa3e2e893eb3971cb7195; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-headers: X-Requested-With, Content-Type, Accept, Origin, Authorization
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
referrer-policy: unsafe-url
content-security-policy: default-src * https: data: blob: wss: 'unsafe-inline'
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHK6WDdr%2BcnHE1y323gJVAP%2FAQIa2xWyOfhCUkuW9QuwT7lPmAmubTuHgiOhodlVdw1rmfeN4T3HVRqO2VS5Y9UQ6UU8Ope%2Bu5ABuQ69jjoT7nZVO0HZ0dcG5WSIrQMuSHaP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775c7d441876b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.4.1/js/bootstrap.min.js
IP
GET /bootstrap/4.4.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mars-e.pumpkinospopeye.tech
Connection: keep-alive
Referer: https://mars-e.pumpkinospopeye.tech/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:34 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"61f338f870fcd0ff46362ef109d28533"
last-modified: Mon, 25 Jan 2021 22:04:09 GMT
cdn-cachedat: 08/18/2022 19:50:46
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: f6e7a0512a4ef8cf9eae1dfea4dc364c
cdn-cache: HIT
cf-cache-status: HIT
age: 29950
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 775c7d478b3db524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/bitcoin_trder_styles.css
200 OK 0 B URL HTTP/2 mars-e.pumpkinospopeye.tech/click/frm_seoemd_v3/assets/bitcoin_trder_styles.css
IP
GET /click/frm_seoemd_v3/assets/bitcoin_trder_styles.css HTTP/1.1
Host: mars-e.pumpkinospopeye.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://mars-e.pumpkinospopeye.tech/l/eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpYXQiOjE2NzA0MDgwMTMsIm5iZiI6MTY3MDQwODAxMywiZXhwIjoxNjcwNDE4ODEzLCJkYXRhIjp7ImxhbmRlck5hbWUiOiJmcm1fc2VvZW1kX3YzIiwiaXBBZGRyZXNzIjoiOTEuOTAuNDIuMTU0IiwiYm94IjoiMTViZjU1NDI0NGE5MzA0MjA5ZDk0MmQzYzhlZWRiZDMifX0.Jc_9q_TohlnLkSvzjsZsDbc5UvJWsi-j08w5CcX-TxY
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:33 GMT
content-type: text/css
last-modified: Thu, 24 Mar 2022 12:00:38 GMT
vary: Accept-Encoding
etag: W/"623c5d66-1449"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
referrer-policy: unsafe-url
content-security-policy: default-src * https: data: blob: wss: 'unsafe-inline'
cf-cache-status: HIT
age: 178017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Bja5Md1pjLmK9Y5dwgzjh2p%2F2ufhUETT5tpJ3jaCSHRHVhCSkcF9dJeebtavSukkQOZRqlTU2mVk%2Bbo6yscULUhWReutBXAStXw8%2BGbYKTgVxacd1mgB4YAwOZfFYPWLiqklJqjE5grRKKLAGQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775c7d474f65b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
bitcoinera.app/
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: bitcoinera.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 07 Dec 2022 10:13:31 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache-enabled: True
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
link: <https://bitcoinera.app/wp-json/>; rel="https://api.w.org/", <https://bitcoinera.app/wp-json/wp/v2/pages/322>; rel="alternate"; type="application/json", <https://bitcoinera.app/>; rel=shortlink
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2Bm%2F4J3Ng%2B%2FT18S91ewak6DK5IXvaRrOYbEWXh0JivNcvyaxrGlkqD5UTdlA4UJqcsoC%2BIakmbltAM%2FkPI%2FI%2BGjSRCL9%2BtnRF51Hw%2Fn%2BiNGp8fD3R3d8uIiXRigd8ss6Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775c7d39881f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato:100,300,400,700,900&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato:100,300,400,700,900&display=swap
IP
GET /css?family=Lato:100,300,400,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bitcoinera.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 10:13:32 GMT
date: Wed, 07 Dec 2022 10:13:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
104.21.96.59
142.250.74.131
104.18.21.226
95.101.11.115
93.184.220.29