firefox.settings.services.mozilla.com/v1/
13.224.245.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 13.224.245.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 24 Sep 2022 14:05:41 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6301016ccf61750ec7dd668279788376.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: M5nGMoYvTsn3EJaizakU_ZmIkSs6SdnYtcZ_DBBYpowV-GRYX0INHw==
Age: 86
ujyaalochitwan.blogspot.com/2016/08/blog-post_511.html?m=1
142.250.74.161301 Moved Permanently 205 B URL HTTP/1.1 ujyaalochitwan.blogspot.com/2016/08/blog-post_511.html?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash d682ae2ac4d05ec78bf83d1c97fb0b60
4551f243e85b60e91d9109a938ac3b6bf336da93
7d92f7f3bc533e98d14fa7e7552fc7cc7305a37abed0be3158b2a552fb6a9d78
Analyzer Verdict Alert fortinet Malware
GET /2016/08/blog-post_511.html?m=1 HTTP/1.1
Host: ujyaalochitwan.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://ujyaalochitwan.blogspot.com/2016/08/blog-post_511.html?m=1
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sat, 24 Sep 2022 14:07:07 GMT
Expires: Sat, 24 Sep 2022 14:07:07 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 205
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8754
Expires: Sat, 24 Sep 2022 16:33:01 GMT
Date: Sat, 24 Sep 2022 14:07:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
13.224.245.66200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 13.224.245.66:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 24 Sep 2022 04:13:03 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 c4ff0051ca0c026ecfda9d67a3f79e8a.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C3
x-amz-cf-id: O2FkYFrTSwcXIwrnGsRTZIj-1AQ9DwFzn18mxzkDy3dI9W-8Dws-Tg==
age: 35644
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ujyaalochitwan.blogspot.com/2016/08/blog-post_511.html?m=1
142.250.74.161200 OK 11 kB URL HTTP/2 ujyaalochitwan.blogspot.com/2016/08/blog-post_511.html?m=1
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6214)
Hash 464b86665af3078bca89d1c65291c6de
c0b6b2bec2ec5ccf5f83d026de3822db9626cd09
ab8fe1784dea60d117f7860ab5a08960581d18d1f779a3b3f49232fcd54fc6b3
Analyzer Verdict Alert fortinet Malware
GET /2016/08/blog-post_511.html?m=1 HTTP/1.1
Host: ujyaalochitwan.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:08 GMT
date: Sat, 24 Sep 2022 14:07:08 GMT
cache-control: private, max-age=0
last-modified: Tue, 05 Apr 2022 16:42:15 GMT
etag: W/"23a6be29867f2bc41a1ce324dd702a9cd724015f85db34dd6cf81c8db721abe0"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10623
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
13.224.245.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 13.224.245.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 24 Sep 2022 13:20:46 GMT
Expires: Sat, 24 Sep 2022 13:51:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 87641e1239bec79625df251e657d6b44.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR62-C3
X-Amz-Cf-Id: FQnXunjyM4nFsO2Ypnl0fiV9o3lA5wbOUn9P72KnjCzcXundg-KkyQ==
Age: 2782
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 87f943bbdb905bb7d98cd09ed471f1cb
8aa4bc6edf772758a59d9c4be16583a8fd8c96a3
a22b7ec1475d498aeb0e8eb80aef4f424c5d2651ee231650b116c739273dc4e5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3997
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:08 GMT
Last-Modified: Sat, 24 Sep 2022 13:00:31 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css
216.58.207.201200 OK 4.9 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css
IP 216.58.207.201:0
File type ASCII text, with very long lines (20429)
Hash 42a315e6d7137beb467b74d8369c93d1
7f98dea4976b140ad5b5f66e83ba5ed3ed7b348d
5eb4152d80d1cce54e75c59fbe6ee213f80e5cbe09d3a52c9764db39cab71945
GET /static/v1/widgets/1539816172-widget_css_mobile_2_bundle.css HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 4934
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 21:07:29 GMT
expires: Thu, 21 Sep 2023 21:07:29 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 20 Sep 2022 23:54:43 GMT
content-type: text/css
age: 233979
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/widgets/1416043673-widgets.js
216.58.207.201200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/1416043673-widgets.js
IP 216.58.207.201:0
File type ASCII text, with very long lines (2221)
Hash c6aef9cbd2abf926a23970b70f8a24c2
78972b4f41a7d2580c383da41e3a472c4cfc647a
111111066b8f3fddcd24cedce8c4e8b93a1d9e9b8e3f5f2959172da5adda14b6
GET /static/v1/widgets/1416043673-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56913
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 02:21:33 GMT
expires: Thu, 21 Sep 2023 02:21:33 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 00:51:51 GMT
content-type: text/javascript
age: 301535
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pagead2.googlesyndication.com/pagead/js/google_top_exp.js
142.250.74.98200 OK 67 B URL HTTP/2 pagead2.googlesyndication.com/pagead/js/google_top_exp.js
IP 142.250.74.98:0
Hash 9bbc3ca32ec951a484589ce0e6b4db73
753d6f6183b33b2dee5dde2208fca91c17f5bb13
b8f16a16d2a7ea39a9cc079fdbe3af7d31393d62a853668bdd549e0a0311cb3c
GET /pagead/js/google_top_exp.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 67
x-xss-protection: 0
date: Fri, 23 Sep 2022 22:16:52 GMT
expires: Fri, 07 Oct 2022 22:16:52 GMT
cache-control: public, max-age=1209600
age: 57016
etag: 13036835877489095579
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 04e873763c0e6e10784b42fa55f10039
02d40b9831cb977e35f3d003515f24d4570efac3
a3f90bd7f0e9d96a3405a9bc52650f338c4e8befbfbe09cc5da2b7778e409713
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 74699b8a18081d931bc11ce2d1d0764d
92133bf4512718a118b4bab6957092a1e8856abf
5b19e1304b7bec5dc60c9c1877e812cb27fd9b9aa66f94f92afbeb3702ed030d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.200.107.47101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.200.107.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1eU0ot9Sst/5nZJnHNSj9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8wbwIgWl3eB+73HqCH+fpWn8SIM=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4936176c8ef1d418955a321c1889fa19
56cf7d3f8df8a9e1ab867163f910558dc5c57c0e
5c9dbbfedb405b441ad70dfc343140e13f5b66ec2d38da9933ccd40df5cd7e34
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C9DBBFEDB405B441AD70DFC343140E13F5B66EC2D38DA9933CCD40DF5CD7E34"
Last-Modified: Thu, 22 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18507
Expires: Sat, 24 Sep 2022 19:15:35 GMT
Date: Sat, 24 Sep 2022 14:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55cfc8d8c7cf5d3c9035c880138cd435
301e14e20f91a147cb2d4b71ef5388d0921fbf7f
ccd8a583eb40b496fa58c0ff120c4205eb23a842e18c03a88d25f29b5ba8e052
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCD8A583EB40B496FA58C0FF120C4205EB23A842E18C03A88D25F29B5BA8E052"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Sat, 24 Sep 2022 20:07:06 GMT
Date: Sat, 24 Sep 2022 14:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55cfc8d8c7cf5d3c9035c880138cd435
301e14e20f91a147cb2d4b71ef5388d0921fbf7f
ccd8a583eb40b496fa58c0ff120c4205eb23a842e18c03a88d25f29b5ba8e052
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCD8A583EB40B496FA58C0FF120C4205EB23A842E18C03A88D25F29B5BA8E052"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21527
Expires: Sat, 24 Sep 2022 20:05:55 GMT
Date: Sat, 24 Sep 2022 14:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55cfc8d8c7cf5d3c9035c880138cd435
301e14e20f91a147cb2d4b71ef5388d0921fbf7f
ccd8a583eb40b496fa58c0ff120c4205eb23a842e18c03a88d25f29b5ba8e052
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCD8A583EB40B496FA58C0FF120C4205EB23A842E18C03A88D25F29B5BA8E052"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21544
Expires: Sat, 24 Sep 2022 20:06:12 GMT
Date: Sat, 24 Sep 2022 14:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55cfc8d8c7cf5d3c9035c880138cd435
301e14e20f91a147cb2d4b71ef5388d0921fbf7f
ccd8a583eb40b496fa58c0ff120c4205eb23a842e18c03a88d25f29b5ba8e052
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCD8A583EB40B496FA58C0FF120C4205EB23A842E18C03A88D25F29B5BA8E052"
Last-Modified: Thu, 22 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 24 Sep 2022 20:07:08 GMT
Date: Sat, 24 Sep 2022 14:07:08 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a02d14380b3cf66e7e85e88faf889282
1d73662c4a6b90abc7956d810c117db06fb4bb75
6dce8951415c36f9bc080d615f189540fc8c1da47fe7e880419854d59fc85f46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6DCE8951415C36F9BC080D615F189540FC8C1DA47FE7E880419854D59FC85F46"
Last-Modified: Fri, 23 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 24 Sep 2022 20:07:08 GMT
Date: Sat, 24 Sep 2022 14:07:08 GMT
Connection: keep-alive
ylx-3.com/trk/?dc03db4332e9176621f11c2b275df737
185.66.200.221200 OK 43 B URL HTTP/2 ylx-3.com/trk/?dc03db4332e9176621f11c2b275df737
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /trk/?dc03db4332e9176621f11c2b275df737 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/show.php?u8151664028428=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=dc03db4332e9176621f11c2b275df737&cc=NO&https=1&useAf=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: image/gif
content-length: 43
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=1218425079316799059&zx=3df00610-9d37-4c5b-96af-ca0fad041401
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=1218425079316799059&zx=3df00610-9d37-4c5b-96af-ca0fad041401
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=1218425079316799059&zx=3df00610-9d37-4c5b-96af-ca0fad041401 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ylx-3.com/show.php?u26721664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=b32195be0a65243667cd617b4d7ec84e&cc=NO&https=1&useAf=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
185.66.200.221200 OK 1.8 kB URL HTTP/2 ylx-3.com/show.php?u26721664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=b32195be0a65243667cd617b4d7ec84e&cc=NO&https=1&useAf=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
Hash b60db714d069f5a72ce46c04d4a71b11
f89423b53617fb8d07bc77f369536ff98443f3e4
72e3c74288ba8f189f8c9e41ee6faa3f8b7664d0fbf585804f8fc472445fdeff
GET /show.php?u26721664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=b32195be0a65243667cd617b4d7ec84e&cc=NO&https=1&useAf=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0; used_ad2558647=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
ylx-3.com/trk/?b32195be0a65243667cd617b4d7ec84e
185.66.200.221200 OK 43 B URL HTTP/2 ylx-3.com/trk/?b32195be0a65243667cd617b4d7ec84e
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /trk/?b32195be0a65243667cd617b4d7ec84e HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/show.php?u26721664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=b32195be0a65243667cd617b4d7ec84e&cc=NO&https=1&useAf=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0; used_ad2558647=1; used_ad2633386=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: image/gif
content-length: 43
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
ylx-3.com/show.php?u22651664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=501b980e19db04a16c2a8d6d921e6159&cc=NO&https=1&useAf=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
185.66.200.221200 OK 1.8 kB URL HTTP/2 ylx-3.com/show.php?u22651664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=501b980e19db04a16c2a8d6d921e6159&cc=NO&https=1&useAf=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
Hash 72354cc3f3dee3132c4222ad213429f9
f84868121e11007a3ef2fc09cf92bc6686ad75de
31027eb7ad2f3389517a05190e2aeedb20ae8b6765d0ba966f9abb87253ac9e7
GET /show.php?u22651664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=501b980e19db04a16c2a8d6d921e6159&cc=NO&https=1&useAf=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0; used_ad2558647=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
ylx-3.com/show.php?u24101664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=f6e4301cd3c750221e57e74863a26bdd&cc=NO&https=1&useAf=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
185.66.200.221200 OK 1.6 kB URL HTTP/2 ylx-3.com/show.php?u24101664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=f6e4301cd3c750221e57e74863a26bdd&cc=NO&https=1&useAf=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
Hash c7b4664a5e38ecdc152994964c827aee
f5216e2c9328b9aa966097742256b703e829d049
540bd59c6f99e18fbf327433dda880d97b98a6b1caa83429a9d91e1f4563a6de
GET /show.php?u24101664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=f6e4301cd3c750221e57e74863a26bdd&cc=NO&https=1&useAf=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0; used_ad2558647=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
ylx-3.com/trk/?f84e69a25ca9bfef04d636637ac0cb09
185.66.200.221200 OK 43 B URL HTTP/2 ylx-3.com/trk/?f84e69a25ca9bfef04d636637ac0cb09
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /trk/?f84e69a25ca9bfef04d636637ac0cb09 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/show.php?u60971664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=f84e69a25ca9bfef04d636637ac0cb09&cc=NO&https=1&useAf=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0; used_ad2558647=1; used_ad2633386=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: image/gif
content-length: 43
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
x-robots-tag: noindex, nofollow, noarchive, nosnippet
pragma-directive: no-cache
cache-directive: no-cache
cache-control: public, no-cache
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c9838ddd8ec4067046dbfadd9c2d1ea
036caf1302699dd90210a83f7dfad5f18102b883
2205bd02cfab7a98a256058a58a4b5be7cda731fdf7f8f363ebd6722dcb2f20d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2205BD02CFAB7A98A256058A58A4B5BE7CDA731FDF7F8F363EBD6722DCB2F20D"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14449
Expires: Sat, 24 Sep 2022 18:07:58 GMT
Date: Sat, 24 Sep 2022 14:07:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5c9838ddd8ec4067046dbfadd9c2d1ea
036caf1302699dd90210a83f7dfad5f18102b883
2205bd02cfab7a98a256058a58a4b5be7cda731fdf7f8f363ebd6722dcb2f20d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2205BD02CFAB7A98A256058A58A4B5BE7CDA731FDF7F8F363EBD6722DCB2F20D"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14405
Expires: Sat, 24 Sep 2022 18:07:14 GMT
Date: Sat, 24 Sep 2022 14:07:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b2e2b9b8ba525b3ebc57c222cd1bc4d6
455c1d49baec65240d26d903ea5f2e31e71bdcc9
9042923dab1dd8668308db4bf2e564013b5b8872bedfc4e65c859c0cc2192c28
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9042923DAB1DD8668308DB4BF2E564013B5B8872BEDFC4E65C859C0CC2192C28"
Last-Modified: Fri, 23 Sep 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16708
Expires: Sat, 24 Sep 2022 18:45:37 GMT
Date: Sat, 24 Sep 2022 14:07:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbbcc16bcf60d7c3937ec10a47316481
41f03c43cc2e770e3509722f5475ec85625cea56
ef46144f42f77070d8611ed3d3e8d2c585407319ec78711e7a9527b664b7d19a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF46144F42F77070D8611ED3D3E8D2C585407319EC78711E7A9527B664B7D19A"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11116
Expires: Sat, 24 Sep 2022 17:12:25 GMT
Date: Sat, 24 Sep 2022 14:07:09 GMT
Connection: keep-alive
ylx-3.com/show.php?u8151664028428=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=dc03db4332e9176621f11c2b275df737&cc=NO&https=1&useAf=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
185.66.200.221200 OK 2.2 kB URL HTTP/2 ylx-3.com/show.php?u8151664028428=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=dc03db4332e9176621f11c2b275df737&cc=NO&https=1&useAf=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
Hash 9f3bc3181d44264857d1c5d0e68c2b3c
1cfd750cd15a5352cb52fb2253a221c7b5108b25
aab1a5cabcd4951495b880f700d8d8fb7d12e72c0cdc67f1f9f6124a7bfc4a9c
GET /show.php?u8151664028428=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=dc03db4332e9176621f11c2b275df737&cc=NO&https=1&useAf=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cbbcc16bcf60d7c3937ec10a47316481
41f03c43cc2e770e3509722f5475ec85625cea56
ef46144f42f77070d8611ed3d3e8d2c585407319ec78711e7a9527b664b7d19a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF46144F42F77070D8611ED3D3E8D2C585407319EC78711E7A9527B664B7D19A"
Last-Modified: Sat, 24 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11116
Expires: Sat, 24 Sep 2022 17:12:25 GMT
Date: Sat, 24 Sep 2022 14:07:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 293548f3311deaed3d0c4384dab1e4eb
a526822caa64bb35b7c71b998ef98e60603894ba
0b7d18066733ba6b3410353810c3872e197a08da2e7ded9f053ffafba51daf58
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0B7D18066733BA6B3410353810C3872E197A08DA2E7DED9F053FFAFBA51DAF58"
Last-Modified: Fri, 23 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7430
Expires: Sat, 24 Sep 2022 16:10:59 GMT
Date: Sat, 24 Sep 2022 14:07:09 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
142.250.74.98200 OK 58 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP 142.250.74.98:0
File type ASCII text, with very long lines (2910)
Hash 692f266b9c7ce9cda5af545175bafec7
c728f19be7788579aab292d948ed2031075eaa83
f057cd63fbc9cd75d6e04427c8cb458254daae44e819697f18fd1085dde58a42
GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Sat, 24 Sep 2022 14:07:09 GMT
expires: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 8709669812068787244
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 58045
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
216.58.207.226200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20220921/r20190131/zrt_lookup.html
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20220921/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Sat, 24 Sep 2022 03:27:23 GMT
expires: Sat, 08 Oct 2022 03:27:23 GMT
cache-control: public, max-age=1209600
age: 38386
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_54686&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=684776901102&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
185.66.201.8200 OK 137 kB URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_54686&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=684776901102&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (19022), with no line terminators
Size 137 kB (137306 bytes)
Hash d7a6f911d483fb8d18e6c86962a4fed7
2fb4b28b6972d7fc32fff55f9c1b4836b715f5c0
ec547ffaf8447a42d2dd47a402967ff6e1d77093e87f9577aae8f690ec937255
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_54686&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=684776901102&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0= HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; secure; SameSite=None
used_ad2633299=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; path=/; secure; SameSite=None
used_c_51856=1; expires=Sun, 25-Sep-2022 14:07:09 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ylx-3.com/show.php?u60971664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=f84e69a25ca9bfef04d636637ac0cb09&cc=NO&https=1&useAf=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
185.66.200.221200 OK 76 kB URL HTTP/2 ylx-3.com/show.php?u60971664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=f84e69a25ca9bfef04d636637ac0cb09&cc=NO&https=1&useAf=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
Hash 8d4c194c7152d9b568aba0cbaf401044
d1d8ac7c36d88130bb006f0910ccb36a70fb4689
423b14c78ab207aa6a625b52af4c7ed72402ef5a609a07487a557aa28d62ae61
GET /show.php?u60971664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=f84e69a25ca9bfef04d636637ac0cb09&cc=NO&https=1&useAf=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0; used_ad2558647=1; used_ad2633386=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11983
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 14:07:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11983
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 14:07:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11983
Expires: Sat, 24 Sep 2022 17:26:53 GMT
Date: Sat, 24 Sep 2022 14:07:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ece8260ceafbd3b9a0a2d558556000f2
6c603250bcbb9a1ddc8652196d79d2a5aa8ad2b1
7b105d30166ff14be5941101e00b2782676557d430c87200a3bb36956b632820
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/adsid/integrator.js?domain=ujyaalochitwan.blogspot.com
216.58.207.194200 OK 100 B URL HTTP/2 adservice.google.no/adsid/integrator.js?domain=ujyaalochitwan.blogspot.com
IP 216.58.207.194:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ujyaalochitwan.blogspot.com HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Sep 2022 14:07:10 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
adservice.google.com/adsid/integrator.js?domain=ujyaalochitwan.blogspot.com
142.250.74.66200 OK 100 B URL HTTP/2 adservice.google.com/adsid/integrator.js?domain=ujyaalochitwan.blogspot.com
IP 142.250.74.66:0
File type ASCII text, with no line terminators
Hash 917951a58be8c6c6f3680159550ba3c2
21cd25c2a4eb9ec7e0f37021ce7b69e852dab4b4
cd8c45d9a0d98ca2e23d967483ec538bcafa246afdcf434bf60c8257acfacfac
GET /adsid/integrator.js?domain=ujyaalochitwan.blogspot.com HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: private, no-cache, no-store
content-type: application/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Sep 2022 14:07:10 GMT
server: cafe
content-length: 100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8d9af95acfc8b9b431eb1e020157f6d
f6f926be6e265a597aaede424f05fcd7c76fcc20
0b61d6cb0e0908cb8d303b9e951e2854166bd232e0291b5d698a6b757c064e88
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F76fa20bb-9883-4867-b55e-fc56c8f8fc57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6386
x-amzn-requestid: 4380489e-d0ba-4f67-ac4f-67619ba34422
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7shGHryIAMF6zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e27a0-005f9c783c7722f16c178026;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:39:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: RuUOjTDRTkcaGFf_hTWrHZ89edOajgGUdl5PjbaUV7CUppat6IYsRg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:27 GMT
age: 58723
etag: "f6f926be6e265a597aaede424f05fcd7c76fcc20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e1087dcce202bbbc8c84196bd2050662
670d89082f8da643e1196b11fb64bf71707f0e8d
f6a7b6e07177431d7845e2f2b7b1b3b76088671db32aeef580a72e9bd3ddae00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85d1d130-04e1-43f4-81d7-b15e9286f813.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8354
x-amzn-requestid: 3ec3470c-2268-4102-af88-27dcfed76bfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPCGOcoAMF2xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-481aa98b413690636fc3a2f0;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pVtBCTCGh0DCF_1Vf9qMWttoDUQO_xSCkpdis9Gu3o4_cVEqaHngVg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:48:30 GMT
age: 58720
etag: "670d89082f8da643e1196b11fb64bf71707f0e8d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5a4b36e1bf29c9c82f069cdd3c50874c
d2180d40ceb16924a87a41aad90dedb0bb912085
aab96d28ea8e21e6d37449eba400cac45acced1825ebdb27853d17ae4f993b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96ebb238-493f-4ccc-a8d9-7a7c6f8ab469.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7963
x-amzn-requestid: cadfa4ff-473d-4927-bdf6-3aad64cddf18
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQbHTCIAMFfZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2735-41d711e5210099aa6273dd86;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0NS7XamCzSMKmm1-mLnWLwUuBoJczvwSmTb0c_7klsY78wbrg4bRw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:57:25 GMT
age: 58185
etag: "d2180d40ceb16924a87a41aad90dedb0bb912085"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: N7TwxCLUL8qnvm3YuZ6CGyJquVerc266VvZ1g8j5RxGpQXoUJwhULg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:51:16 GMT
age: 58554
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 55d224ac83a417772c98bc5080fb6689
a30f9044330824e70dde0dcc785890d981e6fdf5
b2ea4dea200109019a65834b98e31e8fac718a199513810a2819858be2b4470a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5039669-74cb-4d54-9208-94257c765b35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9935
x-amzn-requestid: 9eb8463d-172a-40a2-8eed-3c97b1260afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sQ5FARoAMFXQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e2738-3709a2f22ecc033532223b26;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:38:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e5eETCL5yFnoG4HPx0Qv8hjGnlXx5vOL4syMx9uato8nuIHkSvMezg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 21:58:23 GMT
age: 58127
etag: "a30f9044330824e70dde0dcc785890d981e6fdf5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 05:14:28 GMT
age: 31962
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
partner.googleadservices.com/gampad/cookie.js?domain=ujyaalochitwan.blogspot.com&callback=_gfp_s_&client=ca-pub-5638478346758995
172.217.21.162200 OK 201 B URL HTTP/2 partner.googleadservices.com/gampad/cookie.js?domain=ujyaalochitwan.blogspot.com&callback=_gfp_s_&client=ca-pub-5638478346758995
IP 172.217.21.162:0
File type ASCII text, with no line terminators
Hash 4041c76aa43f0a8b13b76d8a4d48b68b
dd0f13540f87f2c50dc10630a645d99c5bfcddeb
1b042fb1ed0da50b11ad04a62f0cae2afc455ae30f32d7e05434ac8c30f9534a
GET /gampad/cookie.js?domain=ujyaalochitwan.blogspot.com&callback=_gfp_s_&client=ca-pub-5638478346758995 HTTP/1.1
Host: partner.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Sat, 24 Sep 2022 14:07:10 GMT
server: cafe
cache-control: private
content-length: 201
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 443b0617be50ed9c9a81efccc9e01157
d1298731f176c8e13a878be5d37c40bf45da7ec2
a63e8b9e4e05dd3bfefb01b74196c89c6ac9c8d1809f66d750b533ca81991e24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 423331d8bae78ba045bea86f1e4c6e7f
8ed72a508ba25a95e6899569180a02728d5edb5c
fb27ab0f1591889639eff81fa012d5c185ecb1b04be5060af2e89e378fc264a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ece8260ceafbd3b9a0a2d558556000f2
6c603250bcbb9a1ddc8652196d79d2a5aa8ad2b1
7b105d30166ff14be5941101e00b2782676557d430c87200a3bb36956b632820
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eca161302377725388354dea1513144f
41cfa39fd07e41fb543fdf3e0697e6727ba19bfc
7c68027f691a9f10766356b9052a113a4f0dde19fdb0933f4efdc3ca5a6e7f70
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tpc.googlesyndication.com/sodar/sodar2.js
142.250.74.33200 OK 6.4 kB URL HTTP/2 tpc.googlesyndication.com/sodar/sodar2.js
IP 142.250.74.33:0
File type ASCII text, with very long lines (1321)
Hash ac906814ed812c4ecdbb624a3bd2f6c3
8e4547eaffaa66a1ee61b36028dbcd7091d0e7de
8ab8cef6156022c4547455defd8252b48b6bcb8b734072849345bb99758705fe
GET /sodar/sodar2.js HTTP/1.1
Host: tpc.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 6386
date: Sat, 24 Sep 2022 14:07:10 GMT
expires: Sat, 24 Sep 2022 14:07:10 GMT
cache-control: private, max-age=3000
etag: "1637097310169751"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_92360&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
185.66.201.8200 OK 17 kB URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_92360&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
File type ASCII text, with very long lines (627)
Hash 8bbf245bd4461111a13b692c4d4026ef
2e0517d7551a12009e9402029369de5e2d9e27c3
c115ae2fef5b5e238f65e25812d650905bb01b84f526c1628f8f4bdc04422807
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_92360&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: application/javascript
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4de431d1f0b2fb15b71b607b17be7d3d
60f7beb2f1cf28d72cb159ca92a20cfb9105b493
a19c5c057f664ba912b3b7d03f9491cc81336b9e836158b795fd18a1ff1a654f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 24 Sep 2022 14:07:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api2/aframe
142.250.74.164200 OK 513 B URL HTTP/2 www.google.com/recaptcha/api2/aframe
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (783), with no line terminators
Hash 2409727b09b7e7b091c3533c09c7a966
d0939a299a98fda680900c1001ad0e39a8bfe3a3
33d3f3f0c2a8f467f883fd8b3b0ab70fbe0fa7999155737dfbf12e5a952f8897
GET /recaptcha/api2/aframe HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 24 Sep 2022 14:07:10 GMT
date: Sat, 24 Sep 2022 14:07:10 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'nonce-ujSW-GIMTZWFhAPz8ttf_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
185.66.200.221200 OK 0 B URL HTTP/2 ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:08 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:08 GMT
last-modified: Sat, 24 Sep 2022 14:07:08 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2633299=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49972; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49972; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
cpa_673873=728x90_851458728_0; expires=Mon, 24-Oct-2022 14:07:08 GMT; Max-Age=2592000; path=/; domain=ylx-3.com; secure; SameSite=None
X-Firefox-Spdy: h2
ylx-3.com/show.php?u34561664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=012e35aae270e508dda3ac07805dc1aa&cc=NO&https=1&useAf=loaded_string_481335b0bce9d250429df012c0426f88d0bd_2633386_1664028429.0556_89199&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1OQ==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
185.66.200.221200 OK 0 B URL HTTP/2 ylx-3.com/show.php?u34561664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=012e35aae270e508dda3ac07805dc1aa&cc=NO&https=1&useAf=loaded_string_481335b0bce9d250429df012c0426f88d0bd_2633386_1664028429.0556_89199&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1OQ==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /show.php?u34561664028429=true&ad=673873&f=728x90&a=625611&cri=0&s=MjBlYTE4NjA1YTJiNWFmZjU4MmZmZDBiMjViODFmYTM=&u=777952&si=851458728&di=39551905&ci=16&h=012e35aae270e508dda3ac07805dc1aa&cc=NO&https=1&useAf=loaded_string_481335b0bce9d250429df012c0426f88d0bd_2633386_1664028429.0556_89199&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1OQ==&ar=aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
Cookie: used_ad2633299=1; total_impressions=1; cpa_673873=728x90_851458728_0; used_ad2558647=1; used_ad2633386=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_48108&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_48108&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_48108&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: application/javascript
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
185.66.200.221200 OK 0 B URL HTTP/2 ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2558647=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
cpa_673873=728x90_851458728_0; expires=Mon, 24-Oct-2022 14:07:09 GMT; Max-Age=2592000; path=/; domain=ylx-3.com; secure; SameSite=None
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_28289&adApiR=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_28289&adApiR=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_28289&adApiR=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: application/javascript
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_92360&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=842632030663&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_92360&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=842632030663&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_92360&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_595035b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0534_57671&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=842632030663&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0= HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; secure; SameSite=None
used_ad2633299=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; path=/; secure; SameSite=None
used_c_51856=1; expires=Sun, 25-Sep-2022 14:07:09 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_48108&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=156341009224&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_48108&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=156341009224&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_48108&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_4511835b0bce9d250429df012c0426f88d0bd_2633299_1664028429.0531_87636&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=156341009224&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0= HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; secure; SameSite=None
used_ad2633299=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; path=/; secure; SameSite=None
used_c_51856=1; expires=Sun, 25-Sep-2022 14:07:09 GMT; Max-Age=86400; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ylx-4.com/mobile_redir.php?section=General&pub=777952&ga=g
185.66.200.221200 OK 0 B URL HTTP/2 ylx-4.com/mobile_redir.php?section=General&pub=777952&ga=g
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /mobile_redir.php?section=General&pub=777952&ga=g HTTP/1.1
Host: ylx-4.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:08 GMT
content-type: application/javascript
expires: Sat, 24 Sep 2022 14:07:08 GMT
last-modified: Sat, 24 Sep 2022 14:07:08 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
X-Firefox-Spdy: h2
ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
185.66.200.127200 OK 0 B URL HTTP/2 ylx-i.advertica-cdn2.com/logo_n_small.png?1480628810
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /logo_n_small.png?1480628810 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: image/png
last-modified: Thu, 01 Dec 2016 21:46:50 GMT
etag: W/"58409a4a-631"
expires: Mon, 24 Oct 2022 14:07:09 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
185.66.200.221200 OK 0 B URL HTTP/2 ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2633299=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
cpa_673873=728x90_851458728_0; expires=Mon, 24-Oct-2022 14:07:09 GMT; Max-Age=2592000; path=/; domain=ylx-3.com; secure; SameSite=None
X-Firefox-Spdy: h2
ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
185.66.200.221200 OK 0 B URL HTTP/2 ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2633299=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
cpa_673873=728x90_851458728_0; expires=Mon, 24-Oct-2022 14:07:09 GMT; Max-Age=2592000; path=/; domain=ylx-3.com; secure; SameSite=None
X-Firefox-Spdy: h2
ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
185.66.200.221200 OK 0 B URL HTTP/2 ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2633386=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
cpa_673873=728x90_851458728_0; expires=Mon, 24-Oct-2022 14:07:09 GMT; Max-Age=2592000; path=/; domain=ylx-3.com; secure; SameSite=None
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_54686&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_54686&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_54686&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_511535b0bce9d250429df012c0426f88d0bd_2633299_1664028428.9668_95945&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: application/javascript
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365
185.66.200.127200 OK 0 B URL HTTP/2 ylx-i.advertica-cdn2.com/aff/pub_upk7x1.png?1480419365
IP 185.66.200.127:0
ASN #201702 skHosting.eu s.r.o.
GET /aff/pub_upk7x1.png?1480419365 HTTP/1.1
Host: ylx-i.advertica-cdn2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: image/png
last-modified: Tue, 29 Nov 2016 11:36:05 GMT
etag: W/"583d6825-5642"
expires: Mon, 24 Oct 2022 14:07:09 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-cache: HIT
x-server: cdnbts
content-encoding: gzip
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_58308&adApiR=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_58308&adApiR=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_58308&adApiR=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&capSettings=eWx4LTMuY29tfDUwMDAwMHwyNHw1MTg1Ng==&adApiR=loaded_string_7606235b0bce9d250429df012c0426f88d0bd_2633299_1664028429.056_6917&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: application/javascript
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
content-encoding: br
X-Firefox-Spdy: h2
ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_28289&adApiR=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=186664118613&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
185.66.201.8200 OK 0 B URL HTTP/2 ebaaa.xyz/08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_28289&adApiR=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=186664118613&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0=
IP 185.66.201.8:0
ASN #201702 skHosting.eu s.r.o.
GET /08c73116f6/82b174e040/?placementName=ROTATOR&type=n&cv=XrdpCjArpAjGZjCdZAdrrCxCkrNkxNpZNrApCrCjdCCrkjCkdCrCrGCxCrdZZdjGjxCCr_28289&adApiR=loaded_string_6979135b0bce9d250429df012c0426f88d0bd_2558647_1664028429.0539_96484&refferer=1950524806_aHR0cHM6Ly91anlhYWxvY2hpdHdhbi5ibG9nc3BvdC5jb20v&width=728&height=90&yxDom=eWx4LTMuY29t_7e4ee6a50de539a82f7cbd9a066dfd5e&randomA=186664118613&realRef=M1JjbEovZWMydCthVlFXa08rb1M1dnliMUoyY2lPY2N0OURUMTNwTlM2MD0= HTTP/1.1
Host: ebaaa.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ylx-3.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
set-cookie: total_impressions=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; secure; SameSite=None
used_ad2558647=1; expires=Sun, 25-Sep-2022 03:59:59 GMT; Max-Age=49970; path=/; secure; SameSite=None
expires: Sun, 01 Jan 2014 00:00:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex,nofollow
access-control-allow-origin: *
content-encoding: br
X-Firefox-Spdy: h2
ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
185.66.200.221200 OK 0 B URL HTTP/2 ylx-3.com/banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1
IP 185.66.200.221:0
ASN #201702 skHosting.eu s.r.o.
GET /banner_show.php?section=General&pub=777952&format=728x90&ga=g&https=1 HTTP/1.1
Host: ylx-3.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ujyaalochitwan.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 24 Sep 2022 14:07:09 GMT
content-type: text/html; charset=UTF-8
expires: Sat, 24 Sep 2022 14:07:09 GMT
last-modified: Sat, 24 Sep 2022 14:07:09 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
x-robots-tag: noindex, nofollow, noarchive, nosnippet
set-cookie: used_ad2633299=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
total_impressions=1; expires=Sun, 25-Sep-2022 04:00:00 GMT; Max-Age=49971; path=/; domain=ylx-3.com; secure; HttpOnly; SameSite=None
cpa_673873=728x90_851458728_0; expires=Mon, 24-Oct-2022 14:07:09 GMT; Max-Age=2592000; path=/; domain=ylx-3.com; secure; SameSite=None
X-Firefox-Spdy: h2