firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 15:50:36 GMT
Expires: Sun, 16 Oct 2022 16:09:45 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uvnwnqRUjBpsPjRjUlxje_yZKDcv3EcUvXS5MIOepbkeCW6eq_yAfw==
Age: 3556
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 10ab470535c002d333b4f27d38b51091
ed3b0850c5d75881de410f7e8ca35e012e38bd38
31d6655d048ec8a62e00125766fea65cde04beae0b11f12ce7f722c9a5f7e232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "31D6655D048EC8A62E00125766FEA65CDE04BEAE0B11F12CE7F722C9A5F7E232"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9007
Expires: Sun, 16 Oct 2022 19:20:00 GMT
Date: Sun, 16 Oct 2022 16:49:53 GMT
Connection: keep-alive
www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
216.239.32.21301 Moved Permanently 207 B URL HTTP/1.1 www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
IP 216.239.32.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 7fe8a4767ee6450d18336f07cf018ee2
e333920c149cad1a8ce05811de9144a5ef262efe
7d26fc544fa528aaf7b49b360a5c8a6a4a2f4f62c837d74c12bc623e9af3fa7d
GET /2020/05/resume-science-islamique-3as-pdf.html HTTP/1.1
Host: www.selsabil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 16 Oct 2022 16:49:52 GMT
Expires: Sun, 16 Oct 2022 16:49:52 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
Content-Length: 207
Server: GSE
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3418
Expires: Sun, 16 Oct 2022 17:46:51 GMT
Date: Sun, 16 Oct 2022 16:49:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UJgwI81BUOfNPP6V2U0ejPRNWZgwdMPUpvg2XujHB+XNlP5l7JKh0987jaoN2RBYboGx9d98bLc=
x-amz-request-id: D1B3WKR5A0G2450F
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 16:03:04 GMT
age: 2809
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/L6oHD0b_BSQ
142.250.74.3200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/L6oHD0b_BSQ
IP 142.250.74.3:0
Hash 770be02035faa81b94bebd6f3ee8b46c
9b1cd11845f6996210973391863287ac19c1b7f4
12d284639c9a3bec6d08171b878274958808e80691c26b0472e1744f33972884
POST /s/gts1d4/L6oHD0b_BSQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 16 Oct 2022 16:07:43 GMT
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 16:16:24 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 2UIRMna3yDpdUAOYA8LQITEzrox5yF-Srkaq-fOsuqkrX1FTCTJQVg==
Age: 2530
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfc92c8f6ee7599505d969732542ac42
7f4804d49c8ccd76ccffa6b72d41b1df611eb090
406c057a8392b9fa0ab09efa8b3222a58ec5fc17fa73f55a1f093e3d1092b0e4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5429
Cache-Control: max-age=146843
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Etag: "634bbb97-1d7"
Expires: Tue, 18 Oct 2022 09:37:16 GMT
Last-Modified: Sun, 16 Oct 2022 08:06:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45e5cf6803523ef992969b03520c5059
d1fcbe9a0e22306d72b7c94420d852505fd96379
4fc6184cc43a4ced2adc30b7d1c0af3890a42fdacf49a9c962a01579117ed20c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0efa623bed47d42f69be9e523e7725f4
b301c00ee9ab5778b326edea3bc274f8ae46da15
c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2.bp.blogspot.com/-rp39voCEYkg/YHHLllIcvRI/AAAAAAAAa7o/T8wc-RfpKwYBbRAqyDf0gijHOsj_CeDPgCK4BGAYYCw/s1600/%25D8%25B3%25D9%2584%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%2B%25D9%2584%25D9%2584%25D8%25AA%25D9%2588%25D8%25B8%25D9%258A%25D9%2581%2B%25D9%2588%2B%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D9%2584%25D9%258A%25D9%2585.webp
142.250.74.161200 OK 14 kB URL HTTP/2 2.bp.blogspot.com/-rp39voCEYkg/YHHLllIcvRI/AAAAAAAAa7o/T8wc-RfpKwYBbRAqyDf0gijHOsj_CeDPgCK4BGAYYCw/s1600/%25D8%25B3%25D9%2584%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%2B%25D9%2584%25D9%2584%25D8%25AA%25D9%2588%25D8%25B8%25D9%258A%25D9%2581%2B%25D9%2588%2B%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D9%2584%25D9%258A%25D9%2585.webp
IP 142.250.74.161:0
File type PNG image data, 250 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash 97d3271730d82a1b138f71b424fdd0e7
7a0592170f672d9265a298417c7c846a70e9187f
03dc2055e1297f50b644acc6953527da99499fe5af4be375473518157545d7d8
GET /-rp39voCEYkg/YHHLllIcvRI/AAAAAAAAa7o/T8wc-RfpKwYBbRAqyDf0gijHOsj_CeDPgCK4BGAYYCw/s1600/%25D8%25B3%25D9%2584%25D8%25B3%25D8%25A8%25D9%258A%25D9%2584%2B%25D9%2584%25D9%2584%25D8%25AA%25D9%2588%25D8%25B8%25D9%258A%25D9%2581%2B%25D9%2588%2B%25D8%25A7%25D9%2584%25D8%25AA%25D8%25B9%25D9%2584%25D9%258A%25D9%2585.webp HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="______ _______ _ _______.png";filename*=UTF-8''%D8%B3%D9%84%D8%B3%D8%A8%D9%8A%D9%84%20%D9%84%D9%84%D8%AA%D9%88%D8%B8%D9%8A%D9%81%20%D9%88%20%D8%A7%D9%84%D8%AA%D8%B9%D9%84%D9%8A%D9%85.png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 14233
x-xss-protection: 0
date: Sun, 16 Oct 2022 16:49:53 GMT
expires: Sat, 15 Oct 2022 18:22:18 GMT
cache-control: public, max-age=86400, no-transform
etag: "v6bbb"
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 10:28:11 GMT
expires: Wed, 11 Oct 2023 10:28:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 454902
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c4b76dc9c43702eff50d4cc6138b77a3
e7536f49ab40fc596695598796d4a32e8059ccae
3fdc04498badebc1b6967584873afe957782483cb475c17803ebacc800755ea6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
216.239.36.21200 OK 74 kB URL HTTP/2 www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
IP 216.239.36.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1163)
Hash eefee63f49fae030bbfb8dfccc29c496
9586398620f81cf5e30559bf8ac8ec90814561dc
1162fdbd0162cf437ad5c2cdeeb4781ac36cf76501a049b99d1f97895571c816
GET /2020/05/resume-science-islamique-3as-pdf.html HTTP/1.1
Host: www.selsabil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 16 Oct 2022 16:49:53 GMT
date: Sun, 16 Oct 2022 16:49:53 GMT
cache-control: private, max-age=0
last-modified: Sun, 16 Oct 2022 09:46:11 GMT
etag: W/"2e26b930e54d703a76b0edd1499aabebd028b9cd1575de2a32dc9f2538da04f3"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 73757
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
apis.google.com/js/platform.js
142.250.74.174200 OK 20 kB URL HTTP/2 apis.google.com/js/platform.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1277)
Hash b5a31516be83fe4f962609045d824f88
939a49a9858bf23561279f9ca2d1941d3256c66f
edb661aa461800e97e3847608a8b2d81cfe345f69a6f84abaa001d8a60500328
GET /js/platform.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20361
date: Sun, 16 Oct 2022 16:49:53 GMT
expires: Sun, 16 Oct 2022 16:49:53 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "40c22a9ccbd70870"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 78b7645f1c755a897caba5a6e41f40be
3aae69c7b4828bbcf4ab3149e2c95445e582c616
ae99de957282172b4585bba3f8d09a3f6e774a1bbf270031b99f31a1b07c219a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
216.58.207.195200 OK 9.9 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9864, version 1.0\012- data
Hash 9751651b345afc0e49ca1a302c19a294
05393c6e747f5e8a3c7fbee5fe15cad4c80837e1
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9864
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 17:10:07 GMT
expires: Fri, 13 Oct 2023 17:10:07 GMT
cache-control: public, max-age=31536000
age: 257986
last-modified: Tue, 16 Jul 2019 03:31:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
216.58.207.195200 OK 8.5 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 8488, version 1.0\012- data
Hash b405dddf4639fdf946fed00d4b91139c
5df4eb97753c51715b996fcec1dec7e55877404b
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
GET /s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8488
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Oct 2022 00:56:41 GMT
expires: Sat, 14 Oct 2023 00:56:41 GMT
cache-control: public, max-age=31536000
age: 229992
last-modified: Tue, 16 Jul 2019 03:31:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45e5cf6803523ef992969b03520c5059
d1fcbe9a0e22306d72b7c94420d852505fd96379
4fc6184cc43a4ced2adc30b7d1c0af3890a42fdacf49a9c962a01579117ed20c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0efa623bed47d42f69be9e523e7725f4
b301c00ee9ab5778b326edea3bc274f8ae46da15
c7d4afc16dd19b5216a9c34cf3048b4e6dff056608666d6d40c9f5eeeae309a5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b71c1dfe563720287179a76edf29c680
6096cc371998151d37a2f7698b0fe0371bb43269
7472e945b0ae9b967b68ec85dc8a005c74c2f5c63c68a9de142be69983062a90
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
216.58.207.195200 OK 10 kB URL HTTP/2 fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9988, version 1.0\012- data
Hash 1ebcf6603786ff3b7e64cc8b4665fa5d
855f5fd5c0f7cc51b15a1fe82c06731f28b669e7
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
GET /s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9988
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 15 Oct 2022 21:59:55 GMT
expires: Sun, 15 Oct 2023 21:59:55 GMT
cache-control: public, max-age=31536000
age: 67798
last-modified: Tue, 16 Jul 2019 03:34:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
inklinkor.com/tag.min.js
172.67.211.29200 OK 33 kB IP 172.67.211.29:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 89217868b38fe0cafa2e4ff8075fe513
5a4812e66b4b0903fe148319b2c50d67ee0f2050
651b4416f8eb74c85300c22769e8ffea6081a4964244d3b0dd1d0498d5e5ed89
GET /tag.min.js HTTP/1.1
Host: inklinkor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:53 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: cfd3406ede22885eb867cb3b35958211
cache-control: max-age=86400
last-modified: Mon, 10 Oct 2022 14:13:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Mon, 17 Oct 2022 16:03:01 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 2812
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsoiXLav%2B36iHWwqCndDpqVfZVtEcvQS07LptUll5UMdLSde9GbM%2Bvsef0ByYC%2BJgG1IdQED2YLlBFirruIRtrNkH2wAS%2BkvdwivaqmOnHqXtck0k%2FUCYMz6crTSfp44"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b24a572f70b529-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 254c0f79943125eff7adbf9cb30d2b46
e24342391b47646fbbe9fa6a26dd95c0eadda7e5
35052bd13c72ac6c33ec3aa08ae793c5e12d2edeec5c91c9e2b2ac4762c3fc67
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a4963e117027bc6fc2ce6f37bb61377a
f5e8b5a2a897d526f4d2d0b2e002fb55079a99a7
c2b27e3e53b475e65b4c15d2e0f25ed1bb136138e6e28c9221af2ce7a916c729
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B27E3E53B475E65B4C15D2E0F25ED1BB136138E6E28C9221AF2CE7A916C729"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17094
Expires: Sun, 16 Oct 2022 21:34:47 GMT
Date: Sun, 16 Oct 2022 16:49:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ef60061b2b460be540f40a6e112dec5
e906543a04842caf57fa7fb1e37ca0bcb6ca5005
f6f6085395720f1ca7488fa21321fcabbbcac51496b8c941b06effe7384187da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F6085395720F1CA7488FA21321FCABBBCAC51496B8C941B06EFFE7384187DA"
Last-Modified: Sat, 15 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6499
Expires: Sun, 16 Oct 2022 18:38:12 GMT
Date: Sun, 16 Oct 2022 16:49:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f36ea8d778555ddc18992852003ff79c
14f1fbc38e63864012c53801371eda5eb4665fe6
24876ae548cec62c90636f5a6f56b4fdacb33e7e5490f4c7f2bc0215e2d797dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24876AE548CEC62C90636F5A6F56B4FDACB33E7E5490F4C7F2BC0215E2D797DC"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14122
Expires: Sun, 16 Oct 2022 20:45:15 GMT
Date: Sun, 16 Oct 2022 16:49:53 GMT
Connection: keep-alive
push.services.mozilla.com/
35.81.125.88101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.81.125.88:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XxzRTW18ONmvpKQmoxFb9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9f+ThMkBZrW0RRZYJOs17dszeTg=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5d82cdd50b24f3274f4947f65c025b1f
20452a5d05b93b8acb798a66f48c47cdb6b5cc0f
d0a3e4b192176403262264fc199bce53429c4a9f2562f3a6222801e211e33a31
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D0A3E4B192176403262264FC199BCE53429C4A9F2562F3A6222801E211E33A31"
Last-Modified: Sat, 15 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10698
Expires: Sun, 16 Oct 2022 19:48:12 GMT
Date: Sun, 16 Oct 2022 16:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 20d08a73bb8f52f751143854a98ed127
4ed0ced685fcb37e26a763587066a98c9156c25c
94505122d3b69ad58a4d608a8537fa450ceac2ff5c31635661e585613bdcdd67
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94505122D3B69AD58A4D608A8537FA450CEAC2FF5C31635661E585613BDCDD67"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6339
Expires: Sun, 16 Oct 2022 18:35:33 GMT
Date: Sun, 16 Oct 2022 16:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3932cc8a5ab42618f827d15415e0808b
8a06fadc253b2834a3a61e64fb30229cc82b5a1c
a98085763566fe00ba899d3cfbb1cba3f3a02f16db770d0c03bf73b33e9efb17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A98085763566FE00BA899D3CFBB1CBA3F3A02F16DB770D0C03BF73B33E9EFB17"
Last-Modified: Sun, 16 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18346
Expires: Sun, 16 Oct 2022 21:55:40 GMT
Date: Sun, 16 Oct 2022 16:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dba296abae8302ed790b5e7109efec20
423e7a752f2ed0ccb6f8bd8e75dd04ed1ab635c8
0ba1b95d39e9bdf99940c733a8b48d994f8942de4db73b2dd98ba81f105abd7b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BA1B95D39E9BDF99940C733A8B48D994F8942DE4DB73B2DD98BA81F105ABD7B"
Last-Modified: Sat, 15 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2690
Expires: Sun, 16 Oct 2022 17:34:44 GMT
Date: Sun, 16 Oct 2022 16:49:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5cb78a31ead3d3831336112099a91b11
4cc9f76cec251d3be2f0c661b99643bb6ab165cb
d7892b45a2403f949fc32491c1749b5ca1d8992423c1c5fd76ed459744c9ee8b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7892B45A2403F949FC32491C1749B5CA1D8992423C1C5FD76ED459744C9EE8B"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8436
Expires: Sun, 16 Oct 2022 19:10:30 GMT
Date: Sun, 16 Oct 2022 16:49:54 GMT
Connection: keep-alive
propu.sh/zone?pub=0&zone_id=5390672&is_mobile=false&domain=www.selsabil.com&var=&ymid=&var_3=
139.45.197.250200 OK 664 B URL HTTP/2 propu.sh/zone?pub=0&zone_id=5390672&is_mobile=false&domain=www.selsabil.com&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 471552eb4c1076bf70364a46753dbf13
884f1cf838b917024ed444db712cff3fdd179d77
057631e22c991a40156530cb38de90dd1080340b9d1c701b9c3a8f74e2aa1537
GET /zone?pub=0&zone_id=5390672&is_mobile=false&domain=www.selsabil.com&var=&ymid=&var_3= HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: e125ae3224b90ce7e7151869ba97948e
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/42/38?z=5390671
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/42/38?z=5390671
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /42/38?z=5390671 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: scm=1; OAID=62f3cd0cba5d40faa76b533432a68037; oaidts=1665938994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: de843ae6422dcee42323ab0ac042382d
access-control-expose-headers: X-Sc
set-cookie: OAID=62f3cd0cba5d40faa76b533432a68037; expires=Mon, 16 Oct 2023 16:49:54 GMT; secure; SameSite=None
oaidts=1665938994; expires=Mon, 16 Oct 2023 16:49:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8ceb6907e82e85fb8def6059388c6a5b
35baf6e386c6760b175fe9e2f1ccf94aa23252b7
29409c4b3a8e023a8c96dd6b87348a1523b2bcee1cd01db6cfd11fd9050d5af5
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 16 Oct 2022 16:49:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 13 Oct 2022 18:25:21 GMT
Expires: Thu, 20 Oct 2022 18:25:20 GMT
Etag: "35baf6e386c6760b175fe9e2f1ccf94aa23252b7"
Cache-Control: max-age=350725,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75b24a5a2e251c12-OSL
ordisposableado.com/bacf3de7736532419e53fb5256ba151d/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 ordisposableado.com/bacf3de7736532419e53fb5256ba151d/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26973), with no line terminators
Hash fadb00e5aa36a46e0b426474cdda98b6
3935662c64da605b5d5e2f58b2bd4d495c5e404c
6269ef5a7ec9515215225a2fc7dac9e6b6d5ede41f517ff989710daaaebf3f91
Analyzer Verdict Alert quad9 Sinkholed
GET /bacf3de7736532419e53fb5256ba151d/invoke.js HTTP/1.1
Host: ordisposableado.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 16:49:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 38722dc82e9e293049ffcf304edd60c9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
bedrapiona.com/5/5390673/?oo=1&js_build=iclick-v1.436.1
139.45.197.234200 OK 1.5 kB URL HTTP/2 bedrapiona.com/5/5390673/?oo=1&js_build=iclick-v1.436.1
IP 139.45.197.234:0
Hash 452352b8f89375ee1dfbe5d56257a912
18224f3728d9ef53a961404f0687274453bace14
d3c4fe7865cbbbd65f390f7b2a04e29bbd302d4904c9308ee88d6127bbdc9a03
GET /5/5390673/?oo=1&js_build=iclick-v1.436.1 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/json
x-trace-id: 9e67cf84dca017345f47880977e367a6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0b12a7a55b8d41db8d3a296d31fb4af2; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
oaidts=1665938994; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/5390670
139.45.197.237200 OK 31 kB URL HTTP/2 betotodilea.com/400/5390670
IP 139.45.197.237:0
Hash ad733fe71aa818a185e0c85af3a12127
4eb1721590744cf7cae69d6ada66dc9dfd5e0ac9
bc2ad4b345c55976cf4dd71b6852ce313665c603c0256808e75e6e9d64e6d7e1
GET /400/5390670 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
x-trace-id: a294ef3703f88ea40daedab042e19976
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=4f99ab92434e4ef1b491f8bbf5f9ff8e; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ordisposableado.com/a8/b7/77/a8b7775c94cdfb1faee492e5bec2c8ca.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 ordisposableado.com/a8/b7/77/a8b7775c94cdfb1faee492e5bec2c8ca.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37157), with no line terminators
Hash 512688e8f895de3b34be3874e97af4eb
4838fb4e271d1f43c0c8701635a564ba4bba8c0d
f1eebb85a3a70c6958f19ac9de52210402b9921eef4f43f182849affb8b63d47
Analyzer Verdict Alert quad9 Sinkholed
GET /a8/b7/77/a8b7775c94cdfb1faee492e5bec2c8ca.js HTTP/1.1
Host: ordisposableado.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 16:49:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 268d6f524028ea3b276fe28182deb90d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.selsabil.com
Content-Length: 1775
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Sun, 16 Oct 2022 16:50:20 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://www.selsabil.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17cb64f6dc22ca42c36153502b52ef32
b5f15abe06564980326d39741174deca96801d83
ba41176c879263336a826471440bf497bb9625285d51fdac05714b85342fea7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1960
Cache-Control: max-age=96206
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:54 GMT
Etag: "634b0358-118"
Expires: Mon, 17 Oct 2022 19:33:20 GMT
Last-Modified: Sat, 15 Oct 2022 19:00:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159716
Date: Sun, 16 Oct 2022 16:49:54 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 13:11:50 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aprdSVBms_ni_sOMbq3lHNsLwD84m3cssjgDC6cridD6CYDGHWm6yQ==
Age: 2452
propu.sh/pfe/current/universal.min.js?v=3.1.398
139.45.197.250200 OK 33 kB URL HTTP/2 propu.sh/pfe/current/universal.min.js?v=3.1.398
IP 139.45.197.250:0
Hash b2f601a143e83a5cbee4496e2dc6acc5
87631e174ceffa9bb1332f832ea6d93daaecd787
b5f3453ab9205c872ef6bbb2a2421c099556320f355c4862a5042ef0e3a3d6e6
Analyzer Verdict Alert fortinet Phishing
GET /pfe/current/universal.min.js?v=3.1.398 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 15:34:37 GMT
etag: W/"6348300d-17dc6"
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
bedrapiona.com/5/5357184/?oo=1&js_build=iclick-v1.436.1
139.45.197.234403 Forbidden 7 B URL HTTP/2 bedrapiona.com/5/5357184/?oo=1&js_build=iclick-v1.436.1
IP 139.45.197.234:0
File type ASCII text, with no line terminators
Hash 758ff964ee78d0c90f3a14d8d4af8ab3
f248d30ac9849b0ead400537632beb02c9c703d1
00e3fbbf542561da72fdc5ea89cfd1405c17739dd49210252e611c3122018efe
GET /5/5357184/?oo=1&js_build=iclick-v1.436.1 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=0b12a7a55b8d41db8d3a296d31fb4af2; oaidts=1665938994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: text/plain; charset=utf-8
content-length: 7
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
timing-allow-origin: *
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
OPTIONS /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162013
Date: Sun, 16 Oct 2022 16:49:54 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 13:50:07 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (nyb/1D12)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pDju6XDLPIVm9Pn2BgfQwt8tHRBxt2A9Y3X6sgE6Nd_VgnjRvdALDA==
Age: 4749
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 337f55a75cda4f69777b829a5043104d
dca70656827b9532f3fb105dbba6bdd58e108698
e01b8216c0bc5186bc3ed3bf564b63893c469a8c18cd5d2e3ba7c7db2e711a5c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
set-cookie: uid_id2=81c0adca-a3a8-4ccd-bf75-c20dbd65e973:2:1; expires=Wed, 13 Oct 2032 16:49:54 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Content-Type: application/json
Origin: https://www.selsabil.com
Content-Length: 414
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 47a8f060db7bc14c14b4783a3bd96e39
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
nanouwho.com/9?z=5390671&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=9d1ce4f285c04abea39acab48844335f
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5390671&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=9d1ce4f285c04abea39acab48844335f
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5390671&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=9d1ce4f285c04abea39acab48844335f HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
saptorge.com/400/5357174?oo=1&oaid=9d1ce4f285c04abea39acab48844335f
139.45.197.238200 OK 1.3 kB URL HTTP/2 saptorge.com/400/5357174?oo=1&oaid=9d1ce4f285c04abea39acab48844335f
IP 139.45.197.238:0
Hash 835c4806d424fda01286d0eb5f974669
3e3c2023d46aca520de23ad538da0b1e7baf11c6
d585b6151b77e4072b1989d14cbb75af1eaf0384cd0a05ff2589bb0b0173f788
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5357174?oo=1&oaid=9d1ce4f285c04abea39acab48844335f HTTP/1.1
Host: saptorge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=721f5cd377c347a6a5cc5979e084d630
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/json
x-trace-id: 6720ce2b4578251bc83ceeb98e95f7c9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.selsabil.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17cb64f6dc22ca42c36153502b52ef32
b5f15abe06564980326d39741174deca96801d83
ba41176c879263336a826471440bf497bb9625285d51fdac05714b85342fea7b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1960
Cache-Control: max-age=96206
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:54 GMT
Etag: "634b0358-118"
Expires: Mon, 17 Oct 2022 19:33:20 GMT
Last-Modified: Sat, 15 Oct 2022 19:00:40 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 280
saptorge.com/500/5357174?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238200 OK 0 B URL HTTP/2 saptorge.com/500/5357174?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5357174?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: saptorge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
gloaphoo.net/500/5382274?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 gloaphoo.net/500/5382274?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /500/5382274?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
nanouwho.com/27/3a63a2a43bbf0a0bb029696534151382
139.45.197.242200 OK 208 kB URL HTTP/2 nanouwho.com/27/3a63a2a43bbf0a0bb029696534151382
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 208 kB (208326 bytes)
Hash 30137d86aca71d47befa7a772801b1f6
d6ad61dd9ccc13124a59b35965f306aa9ca91c39
696dd6b7e1954a5fac900bb33f9683de4a87692b329839e2e068ad9114c839d6
Analyzer Verdict Alert quad9 Sinkholed
GET /27/3a63a2a43bbf0a0bb029696534151382 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: scm=1; OAID=62f3cd0cba5d40faa76b533432a68037; oaidts=1665938994
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 13 Oct 2022 05:14:04 GMT
expires: Thu, 12 Nov 2082 05:14:04 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=901563861&z=5390671&b=14505326&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=aXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF&ruid=842f095a-c0b0-471f-8aa4-a1636e2a9472&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=256
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=901563861&z=5390671&b=14505326&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=aXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF&ruid=842f095a-c0b0-471f-8aa4-a1636e2a9472&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=256
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=901563861&z=5390671&b=14505326&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=aXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF&ruid=842f095a-c0b0-471f-8aa4-a1636e2a9472&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&ot=256 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: scm=1; OAID=9d1ce4f285c04abea39acab48844335f; oaidts=1665938994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: b75ca2495f12386f855f5f7c52dadff6
access-control-expose-headers: X-Sc
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:55 GMT; secure; SameSite=None
oaidts=1665938994; expires=Mon, 16 Oct 2023 16:49:55 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 3c5d93406187812c759789771c37582b
403fa471695604f22c627a9d8b8c21ed0219ca06
13a51f1e35d06c18bc95bd018989edabe817af33f58b3ebdfeee1a09c13279a2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5985
Cache-Control: max-age=118601
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:55 GMT
Etag: "634b4b1b-116"
Expires: Tue, 18 Oct 2022 01:46:36 GMT
Last-Modified: Sun, 16 Oct 2022 00:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8712
Expires: Sun, 16 Oct 2022 19:15:07 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8712
Expires: Sun, 16 Oct 2022 19:15:07 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8712
Expires: Sun, 16 Oct 2022 19:15:07 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 023fc7d90b3dd67404b91e53015b122f
66f58640ca36b8b2b22e689d81e497c3f1b297f8
7bc796fbafdabb211d6fc96738e34e99b21fe7ddb44d049d7292784e937000d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7BC796FBAFDABB211D6FC96738E34E99B21FE7DDB44D049D7292784E937000D8"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14186
Expires: Sun, 16 Oct 2022 20:46:21 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 467c98217b3c90dedabafc249207b8eb
8a0756b2c6003aaaba58cc75be784e8e283feb45
82b3ac154fd4347d2a7827d48ff7f0ccc8c0abe562cb6796a52b02e7cc9b6467
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82B3AC154FD4347D2A7827D48FF7F0CCC8C0ABE562CB6796A52B02E7CC9B6467"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8712
Expires: Sun, 16 Oct 2022 19:15:07 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
propu.sh/pfe/current/tag.min.js?z=5390672
139.45.197.250200 OK 56 kB URL HTTP/2 propu.sh/pfe/current/tag.min.js?z=5390672
IP 139.45.197.250:0
Hash 70bd2eb20422b00b88b0feabf19b68c0
30fe6db9aaa277db3ca06d8ad99dd4ed23c22c76
8c5cb8256418abf59d09518da6b88d37dc3c19ccbb82c92354b302d6b2f8d6f0
GET /pfe/current/tag.min.js?z=5390672 HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 15:34:37 GMT
etag: W/"6348300d-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54edb9ab897821172fc13756df376ee7
2010f9656d87e6f5220f131628c537720c3673e1
6694c1be0adf97fa77d1bfa29337d9e609b729a58d42e141e9bb55ed6367b1d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6ea4d5d-0df9-4cfe-a9fc-e70b8e32f8ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13261
x-amzn-requestid: dd760e09-701e-4956-9723-386edc97c694
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6FzIoAMFzJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-197cf4f048e146af5654d0bd;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FG87tXqLw2s9wd8SpMNGbYzroLHz4inDaCGnUMOUKhvEqSvqfBwR4A==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:08:57 GMT
age: 42058
etag: "2010f9656d87e6f5220f131628c537720c3673e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df5f38c3dc43ccc382d0274bffb6b350
9a305072cce8bb61ca3753bb98b999695fb4706e
20ff21892e65787fecbadca0f59c05e54dee3a1359271839dab0ee5c9e796ab0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89b2ee08-a53a-4763-aca2-fe23fd25f3d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6367
x-amzn-requestid: 485c3cf9-d305-4540-8eef-8304d1103ccc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL5EHbOoAMFWsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b26a0-2ac206d826bf23193740e74c;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FDpKbEtkkBwyl0pq3hI50XU9_5Qk43D5_CCq2mdq6phymrT0Op_wzg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:00:32 GMT
age: 67763
etag: "9a305072cce8bb61ca3753bb98b999695fb4706e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gloaphoo.net/401/5382274
139.45.197.239200 OK 39 kB IP 139.45.197.239:0
Hash 4d936a268d1b53231356065754702857
4ea3e015a0804daaebe40517c266b633e8081d79
3877c4c0eaf268c8aecbd28a81d6685d636d281ec9ebff5ef3b2fa97d29b7683
Analyzer Verdict Alert quad9 Sinkholed
GET /401/5382274 HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
x-trace-id: a456bc9b1ff6801727432355f515396f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=b8b8aae111244bbc86c324270ef41d95; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd94762992136ed2f4d24dd34a745154
2050cee63f8005c5d9ac1a817730ada51b323f34
4548836d8846da958f477e1df952f6da9b9640e204804a7c76194d3e061b90a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdbc5b51-a9c2-4f99-ad40-8ab061924326.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7082
x-amzn-requestid: 5e98988f-faad-4e52-a49f-28d5a77b15d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aEL46HFloAMFSag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634b269f-6759e36c79241479181c1d05;Sampled=0
x-amzn-remapped-date: Sat, 15 Oct 2022 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: u2l4A1Vt7WLHe9NdaSFyBhwnBo9XfI3n5bXqpv8MGUXl7YaywUknJQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 21:37:09 GMT
age: 69166
etag: "2050cee63f8005c5d9ac1a817730ada51b323f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nanouwho.com/1?z=5390671
139.45.197.242200 OK 11 kB IP 139.45.197.242:0
Hash db0e8f20f551a890b13d97fcb4a458de
ab01e2af9c64baf0fed464708892246deccf7249
b3ba43b1ff517ae27a2fcdd41ce3f9e109f3c04691d13329e15a1b99359ad939
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5390671 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5414b16c1221b9dda09d11fe9cdd3aa2
access-control-expose-headers: X-Sc
x-sc: amZ9XLbBWH74uU9Jk360rlhD_2kAPo6dm-8WSM1Szb69h83FrLqESShe0ygTbeNt2iBy9pyc5MLOsgJ_7bv1-g_JiTI=
set-cookie: scm=1; expires=Mon, 16 Oct 2023 16:49:54 GMT; secure; SameSite=None
OAID=62f3cd0cba5d40faa76b533432a68037; expires=Mon, 16 Oct 2023 16:49:54 GMT; secure; SameSite=None
oaidts=1665938994; expires=Mon, 16 Oct 2023 16:49:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6432c2bf0bab32f918d931dd98a6e1e4
bba4f37b146e5aea2b6490f8f7da63fa61ffc849
bde0d98cb1dcd70f22cd2aee5860eb0cd824d1bb12ab18245ab8eed06a79cf1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cebbc75-2448-4faf-839b-c39ac6e47b98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7337
x-amzn-requestid: 43a16c4d-c5b9-4d01-8ba4-e811b09e96b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-WYqEwVoAMFe5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348d104-121eda8b7a73518849342e7a;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 03:01:24 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z8x5zYoU_lGHWGt8ZhQFB6G9gS1Q4YhG_AxOdLCqIpZkXp_-f45ExA==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:16:13 GMT
age: 41622
etag: "bba4f37b146e5aea2b6490f8f7da63fa61ffc849"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
betotodilea.com/500/5390670?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5390670?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5390670?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f34b288d94497198bdbf2417049515ec
f58076b78be7a75b680647892ac42183a18ce12f
cc3f9276694f4aab0292f19c48a63cab2ca77f641495717f43c79b3c7eb25466
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CC3F9276694F4AAB0292F19C48A63CAB2CA77F641495717F43C79B3C7EB25466"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=966
Expires: Sun, 16 Oct 2022 17:06:01 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
interstitial-07.com/contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg
139.45.197.154200 OK 20 kB URL HTTP/2 interstitial-07.com/contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg
IP 139.45.197.154:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash f533c93ff5b28ce50b1e6b9a5843d9f4
5483d2e7294716667f86cb07ad337e7b54409484
8037f98d491aa24e53a11eadf7cdc588d4a134b289955acca1f298379702ce81
GET /contents/s/f5/33/c9/3ff5b28ce50b1e6b9a5843d9f4/0744334562399.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3475071755%26z%3D5390671%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DaXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D842f095a-c0b0-471f-8aa4-a1636e2a9472%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.selsabil.com%252F2020%252F05%252Fresume-science-islamique-3as-pdf.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
content-type: image/jpeg
content-length: 20112
last-modified: Wed, 19 Jan 2022 15:54:56 GMT
etag: "61e83450-4e90"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec2de28f2b1a45e0aec10642fd5a5bf7
9ac6fdf95a77d6d670dc704ed90e75c116ca53dd
7334365ad09803cb803f426f4e049eb7362ab8266c334623d6fa8f239a0f5fbd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7334365AD09803CB803F426F4E049EB7362AB8266C334623D6FA8F239A0F5FBD"
Last-Modified: Sat, 15 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9113
Expires: Sun, 16 Oct 2022 19:21:48 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
interstitial-07.com/contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg
139.45.197.154200 OK 52 kB URL HTTP/2 interstitial-07.com/contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg
IP 139.45.197.154:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 5e9b98c047812bb48d9b12a9d78bb7ba
a55f54b8b3cc2cc1a76e9a13979e007961d59fa4
7410b691e0099ec4f7bf23af1234f23e6823b0fa973366ccb472844c4b782fdd
GET /contents/s/5e/9b/98/c047812bb48d9b12a9d78bb7ba/0865874287824.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3475071755%26z%3D5390671%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DaXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D842f095a-c0b0-471f-8aa4-a1636e2a9472%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.selsabil.com%252F2020%252F05%252Fresume-science-islamique-3as-pdf.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
content-type: image/jpeg
content-length: 51805
last-modified: Wed, 19 Jan 2022 15:54:55 GMT
etag: "61e8344f-ca5d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: a621807669a9bdcd1b4a23f896aabf2e
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.profitabledisplaycontent.com/watch.1152059403212.js?key=bacf3de7736532419e53fb5256ba151d&kw=%5B%22%D9%85%D9%84%D8%AE%D8%B5%22%2C%22%D8%AF%D8%B1%D9%88%D8%B3%22%2C%22%D8%A7%D9%84%D8%B9%D9%84%D9%88%D9%85%22%2C%22%D8%A7%D9%84%D8%A7%D8%B3%D9%84%D8%A7%D9%85%D9%8A%D8%A9%22%2C%22%D9%84%D9%84%D8%B3%D9%86%D8%A9%22%2C%22%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9%22%2C%22%D8%AB%D8%A7%D9%86%D9%88%D9%8A%22%2C%22pdf%22%5D&refer=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&tz=0&dev=r&res=12.31&uuid=b693c846-daea-4cf5-bd37-2d5ad96e5909%3A2%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 www.profitabledisplaycontent.com/watch.1152059403212.js?key=bacf3de7736532419e53fb5256ba151d&kw=%5B%22%D9%85%D9%84%D8%AE%D8%B5%22%2C%22%D8%AF%D8%B1%D9%88%D8%B3%22%2C%22%D8%A7%D9%84%D8%B9%D9%84%D9%88%D9%85%22%2C%22%D8%A7%D9%84%D8%A7%D8%B3%D9%84%D8%A7%D9%85%D9%8A%D8%A9%22%2C%22%D9%84%D9%84%D8%B3%D9%86%D8%A9%22%2C%22%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9%22%2C%22%D8%AB%D8%A7%D9%86%D9%88%D9%8A%22%2C%22pdf%22%5D&refer=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&tz=0&dev=r&res=12.31&uuid=b693c846-daea-4cf5-bd37-2d5ad96e5909%3A2%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch.1152059403212.js?key=bacf3de7736532419e53fb5256ba151d&kw=%5B%22%D9%85%D9%84%D8%AE%D8%B5%22%2C%22%D8%AF%D8%B1%D9%88%D8%B3%22%2C%22%D8%A7%D9%84%D8%B9%D9%84%D9%88%D9%85%22%2C%22%D8%A7%D9%84%D8%A7%D8%B3%D9%84%D8%A7%D9%85%D9%8A%D8%A9%22%2C%22%D9%84%D9%84%D8%B3%D9%86%D8%A9%22%2C%22%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9%22%2C%22%D8%AB%D8%A7%D9%86%D9%88%D9%8A%22%2C%22pdf%22%5D&refer=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&tz=0&dev=r&res=12.31&uuid=b693c846-daea-4cf5-bd37-2d5ad96e5909%3A2%3A1 HTTP/1.1
Host: www.profitabledisplaycontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 16:49:55 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.selsabil.com
Access-Control-Allow-Origin: https://www.selsabil.com
Access-Control-Allow-Credentials: true
Location: https://www.profitabledisplaycontent.com/watch.1152059403212.js?key=bacf3de7736532419e53fb5256ba151d&kw=%5B%22%D9%85%D9%84%D8%AE%D8%B5%22%2C%22%D8%AF%D8%B1%D9%88%D8%B3%22%2C%22%D8%A7%D9%84%D8%B9%D9%84%D9%88%D9%85%22%2C%22%D8%A7%D9%84%D8%A7%D8%B3%D9%84%D8%A7%D9%85%D9%8A%D8%A9%22%2C%22%D9%84%D9%84%D8%B3%D9%86%D8%A9%22%2C%22%D8%A7%D9%84%D8%AB%D8%A7%D9%84%D8%AB%D8%A9%22%2C%22%D8%AB%D8%A7%D9%86%D9%88%D9%8A%22%2C%22pdf%22%5D&refer=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&tz=0&dev=r&res=12.31&uuid=b693c846-daea-4cf5-bd37-2d5ad96e5909%3A2%3A1&shu=266141946c39591cbcdd5116ef36fca4834aa5e4a90d558bdbe1d848ea055260357fee763270c402a7ec2e16598a22ea72418158c33bc228d3ac23bdaaee854fe26e2d612b04580fe9b186c67112d1dbf7311b37&pst=1665939055&rmtc=t
Set-Cookie: u_pl=14407649; expires=Mon, 17 Oct 2022 16:49:55 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNDQwNzY0OSwiayI6ImJhY2YzZGU3NzM2NTMyNDE5ZTUzZmI1MjU2YmExNTFkIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxMDA2NDcsInBpZCI6ODA3NTAsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MjEsImFpZCI6MzIsInB0Ijo0LCJwayI6InV5M2I5eXNiIiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3d3dy5zZWxzYWJpbC5jb20vMjAyMC8wNS9yZXN1bWUtc2NpZW5jZS1pc2xhbWlxdWUtM2FzLXBkZi5odG1sIn19.seaB74dCbtmt9A5frJ4kQ-G_CbH6Cjy8sJ0b0TZe99Q; expires=Sun, 16 Oct 2022 16:50:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9badf6b063a813af0760765bba156d30
Strict-Transport-Security: max-age=0; includeSubdomains
betotodilea.com/500/5390670?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 67 kB URL HTTP/2 betotodilea.com/500/5390670?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash 0560bbea98f14920d5dd7fa2a0026662
3f7e6b7e09ddee0fa7f84729d246058eaeec5bc7
a9f4f263ab77c24dd8c3ce01ca2c6f1b9a72386d024146ec8ff9cef22964d7b9
GET /500/5390670?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=9d1ce4f285c04abea39acab48844335f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
content-type: application/javascript
x-trace-id: 46d069d9c90862b522b42da19c85b8fd
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.selsabil.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 51888e524274dd5a9f545aaf74dc773d
f92d558999c2ac533d872c5a57ac65465456f3f1
cb956fb32fc9ad87e0ea3e114e0d0a68bf3eb8b0015a0125349ad5e63d6b47ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CB956FB32FC9AD87E0EA3E114E0D0A68BF3EB8B0015A0125349AD5E63D6B47EF"
Last-Modified: Fri, 14 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2643
Expires: Sun, 16 Oct 2022 17:33:58 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: bb8cb5c211ea917515c6f8a232711cd7
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1370187748
139.45.197.236200 OK 4.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1370187748
IP 139.45.197.236:0
File type ASCII text, with very long lines (5226)
Hash 2c204671e5a49ac276d43bd82b0d373c
01e8a0a50b5667b928efada0399b2953e60e23ab
f24f2cf9a519650ec5d45cd1fa9b0bd1940e49dfbcb9c46651949f3ef7cf190b
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1370187748 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5d712a0e430d9aed7b508846f1570518
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
massacreintentionalmemorize.com/sbar.json?key=a8b7775c94cdfb1faee492e5bec2c8ca&uuid=81c0adca-a3a8-4ccd-bf75-c20dbd65e973%3A2%3A1
173.233.137.52200 OK 4.3 kB URL HTTP/1.1 massacreintentionalmemorize.com/sbar.json?key=a8b7775c94cdfb1faee492e5bec2c8ca&uuid=81c0adca-a3a8-4ccd-bf75-c20dbd65e973%3A2%3A1
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (6141), with no line terminators
Hash 1e5e19c6ff51faab8bd8cfb89154be6d
8cb883a4c6eb924d07ba8aeca8e4a116f81ee5e4
db3018be8aee3f2bcaefcceeeefac3a276dde4685662255c76a8133138ee5602
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=a8b7775c94cdfb1faee492e5bec2c8ca&uuid=81c0adca-a3a8-4ccd-bf75-c20dbd65e973%3A2%3A1 HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 16:49:55 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.selsabil.com
Access-Control-Allow-Origin: https://www.selsabil.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17214981; expires=Mon, 17 Oct 2022 16:49:55 GMT; secure; SameSite=None
uid_id2=81c0adca-a3a8-4ccd-bf75-c20dbd65e973:2:1; expires=Sun, 23 Oct 2022 16:49:55 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 17 Oct 2022 16:49:55 GMT; secure; SameSite=None
uncs=1; expires=Mon, 17 Oct 2022 16:49:55 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 17 Oct 2022 16:49:55 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 17 Oct 2022 16:49:55 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9906ce4b92092ebedcd6fbd2949dda87
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6d2abc1cad422cde0ca979cb4ec2a6f3
ac94a144d5e7042a63205cac83d8708a074934a4
74fc961bfa1c4f2be02481536d37167414552867779f300beedbfbf284b275fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6d2abc1cad422cde0ca979cb4ec2a6f3
ac94a144d5e7042a63205cac83d8708a074934a4
74fc961bfa1c4f2be02481536d37167414552867779f300beedbfbf284b275fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9f54a5e8bc9df618c759b36171c3dc59
daa13f44d63b193afc97b0f174b933aa20cb4f05
3b64fc1e4fb9f3f723929f5b66eecff56ffad04b823db4a168d363f5232314bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3B64FC1E4FB9F3F723929F5B66EECFF56FFAD04B823DB4A168D363F5232314BB"
Last-Modified: Sat, 15 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11001
Expires: Sun, 16 Oct 2022 19:53:16 GMT
Date: Sun, 16 Oct 2022 16:49:55 GMT
Connection: keep-alive
interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3475071755%26z%3D5390671%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DaXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D842f095a-c0b0-471f-8aa4-a1636e2a9472%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.selsabil.com%252F2020%252F05%252Fresume-science-islamique-3as-pdf.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.154200 OK 28 kB URL HTTP/2 interstitial-07.com/?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3475071755%26z%3D5390671%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DaXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D842f095a-c0b0-471f-8aa4-a1636e2a9472%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.selsabil.com%252F2020%252F05%252Fresume-science-islamique-3as-pdf.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.154:0
Hash 5d615f1e9ed2490642271a518a0f8d87
0098dd4790b475f04b1d14076b9b3d2a85a0f3f5
a335f25be3d6ad8911ab0874d96839226904d83cd707a2fcbd87732cc6a06c2a
GET /?l=5KiJw7BDBzgssAn&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3475071755%26z%3D5390671%26b%3D14505326%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DaXixvaInsAlJM0NjrERDtfSZXh5HWtAsOYPbNFR15xa1eVkxxVnEF4Iojw25d82-6BeGl16r8Dgd4B4ilAWjU0alANvrFLrA1-ttLc0CkJ3E9fLmCautFssUdbs_fZ8UD_1mihUhsFvB1NMIX4Zi_5GjI3TQJzMvmd4qG63cqM2XW0n-vFht4ugid7tq-RV_Ga6yHMB5DoYbzDorsS9EB3vnMMm9Nu82bGr7AfrOxETeJ7eLbgqErwfVocE88g97TrPlc_sIR4PFs8JcarCAHOI0FSSqkd30q7rBQ6q7OlZPjDhb4P4uy-6PEDUwI3b0Y5aIYV1EneWWCtaagpR8CSVQo-BELM8dLLh10N_Wap-loMJxaEz2TSW3Sifl-XrK44zsRpbcG104ivEBDwaqwx8PfCUCvwtHkGzKdh9kNYJhk0E8x8I9S84dKo3vPc1FwWnBOiyWgpWNeUQwfVil8Dqa5kiHEQG6Qe7hxxtMbO_ARMoPlqr0KluJY6GtB7MiHxYpacAQnpwdGwx97dsizU_OQhZ3l0rBfHdvoolMvNvj-joSXdx1zOMbVf4_KiLQzvjMBTTa6IXW-KYaOsFVRPQnARZS64dB1N-y8if9pz6yTicF%26bag%3DaXppJzo0txTORmg9Yt646Q%3D%3D%26ruid%3D842f095a-c0b0-471f-8aa4-a1636e2a9472%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.selsabil.com%252F2020%252F05%252Fresume-science-islamique-3as-pdf.html%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=zuFx-idLEYLMfjE7aJ1IOLIDh_DlSKt29VT5CoqwGWM; expires=Sun, 16-Oct-2022 17:49:55 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
www.blogger.com/dyn-css/authorization.css?targetBlogID=8398339737043528597&zx=e87d4dc5-1aa2-42cb-818b-51512e7a8bad
216.58.207.201200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=8398339737043528597&zx=e87d4dc5-1aa2-42cb-818b-51512e7a8bad
IP 216.58.207.201:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=8398339737043528597&zx=e87d4dc5-1aa2-42cb-818b-51512e7a8bad HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:55 GMT
last-modified: Sun, 16 Oct 2022 16:49:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.selsabil.com/favicon.ico
216.239.36.21200 OK 383 B URL HTTP/2 www.selsabil.com/favicon.ico
IP 216.239.36.21:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 87ae6d8cf308466e73b3c8a49c565a57
c2e62ba759d05822453c6146b3fc586f7d8b6a63
93e0276acc2cadb7cb9a35c3c04bbb4ad0bc529485408ac233cc4b8e8bc4ce02
GET /favicon.ico HTTP/1.1
Host: www.selsabil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
Cookie: prefetchAd_5390673=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=81c0adca-a3a8-4ccd-bf75-c20dbd65e973%3A2%3A1; sb_main_a8b7775c94cdfb1faee492e5bec2c8ca=1; sb_count_a8b7775c94cdfb1faee492e5bec2c8ca=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/x-icon; charset=UTF-8
expires: Sun, 16 Oct 2022 16:49:55 GMT
date: Sun, 16 Oct 2022 16:49:55 GMT
cache-control: private, max-age=86400
last-modified: Sun, 16 Oct 2022 09:46:11 GMT
etag: W/"2e26b930e54d703a76b0edd1499aabebd028b9cd1575de2a32dc9f2538da04f3"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 383
server: GSE
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6d2abc1cad422cde0ca979cb4ec2a6f3
ac94a144d5e7042a63205cac83d8708a074934a4
74fc961bfa1c4f2be02481536d37167414552867779f300beedbfbf284b275fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 618c6998deadeff1c1bd3c5c2a7380ee
b18462fd7d0df781bdbde02201d8d58231bf1a3d
237bb0fe3e531cafa69c5f0a921099190c1955a2f54ad1e8b95d4746c793a5d6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "237BB0FE3E531CAFA69C5F0A921099190C1955A2F54AD1E8B95D4746C793A5D6"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10875
Expires: Sun, 16 Oct 2022 19:51:11 GMT
Date: Sun, 16 Oct 2022 16:49:56 GMT
Connection: keep-alive
massacreintentionalmemorize.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2%2FcRBwdt4EDPVH1goBqD0i0EtnY3l17lxwiQgiKCG3V8O%2BABOOZ2c2QsceasdebiENEJVRObL%2BB8zZ%2FBEQVfAAq5FTiEC5ZTkEinPgEFZzRbiMCv8vv2e%2BN9PTe78ud%2FIy4yOnp0rt6SypF51p1t3bjI8%2Bbr63KJB%2FUBu3gk6A5XzP91ztB3b1Ze1uwDT3nu57req5XW5ZGdPVgbkJCpocdr95x602%2F7rWaGJj%2Ff9vcgaUOeP%2BMXIXk45nHzjVIViGJv18SdiPT6WtvxbmimTbo84P3k41EFwniC9g1DrrJwbka2p4sP4JO9qZ2ofv%2FCiM5Js7PjxAlB%2BcmEfV3pz4jBZEg4ldQ9CsIVUHSCkzfg%2BQnBGAct24jifdvaVPQzacsnbBjMvP3E8hiTGZ%2Bv4Ykfrio5KC2plWeSZ1YDLol5KCC7FVI8yNkW5cgiyOw7AtITpDEJSQ%2FfaXtMZdyRmdpg7Znm4zx2agbtmaZ7%2FKIBy3RCRvTYKSsILsVlBiC2kvIrYNcOsi7DvLUQcxPa8zzvNDljLrtDmMNHooo4K5Hw65HPTdoI2cT70Nk6RBMDcHMNlKzjQ354KR1FSb%2FCXa9hOUObEbQ5yUKQVBYgoISFJKgyAiKfrnHlfVtuc%2BVzSPvfPvnu1GOdNbboXs664mE7KRn5PlJZs6zD5%2FBhjit0XYUhmGLdZqMdyOvS4VodnzRigTzWZtRWFlC2kug1sHWpL%2BvXkU62fMJInoEq47A5Eug%2BcugxSj0XdD1UbPtYis5tEJZGklVZzoG1yXSbAbZprOjzsgL0%2B7a%2B59CsOOFwxt%2FVV9%2FfBPMlEhNic%2FkY4Keuj%2B6qwuye1cXlvxwO81kLLfopNe1jGbi8rfviM1CG76yZIffvMEmxAQevidstkoTLpOeJd8tSs6FWdaGCfLjiv1QRHdyu76YmyRPV%2B%2B8ubwSp0ZYK3VSgcqTDz4Hk2Py3Iv16cFev%2FIbpKlg8hJxfkzOB1JXYOk2bHrh3urLMOpCE6UOirwcGT%2B6%2BKnkmPhP1qDE8cKoxf50fvkDNCphxX8eXuAdex89cx00uze91b4p0VclqBrC5pdHWWqOF35tTAeRckaRMs5upIx68DReK09rYaPh0qDT8sKQijBq%2Bu1u4HFK%2FWbgBwFtILNjtho0%2FgEAAP%2F%2FAQAA%2F%2F9tNVt4fwQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 massacreintentionalmemorize.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2%2FcRBwdt4EDPVH1goBqD0i0EtnY3l17lxwiQgiKCG3V8O%2BABOOZ2c2QsceasdebiENEJVRObL%2BB8zZ%2FBEQVfAAq5FTiEC5ZTkEinPgEFZzRbiMCv8vv2e%2BN9PTe78ud%2FIy4yOnp0rt6SypF51p1t3bjI8%2Bbr63KJB%2FUBu3gk6A5XzP91ztB3b1Ze1uwDT3nu57req5XW5ZGdPVgbkJCpocdr95x602%2F7rWaGJj%2Ff9vcgaUOeP%2BMXIXk45nHzjVIViGJv18SdiPT6WtvxbmimTbo84P3k41EFwniC9g1DrrJwbka2p4sP4JO9qZ2ofv%2FCiM5Js7PjxAlB%2BcmEfV3pz4jBZEg4ldQ9CsIVUHSCkzfg%2BQnBGAct24jifdvaVPQzacsnbBjMvP3E8hiTGZ%2Bv4Ykfrio5KC2plWeSZ1YDLol5KCC7FVI8yNkW5cgiyOw7AtITpDEJSQ%2FfaXtMZdyRmdpg7Znm4zx2agbtmaZ7%2FKIBy3RCRvTYKSsILsVlBiC2kvIrYNcOsi7DvLUQcxPa8zzvNDljLrtDmMNHooo4K5Hw65HPTdoI2cT70Nk6RBMDcHMNlKzjQ354KR1FSb%2FCXa9hOUObEbQ5yUKQVBYgoISFJKgyAiKfrnHlfVtuc%2BVzSPvfPvnu1GOdNbboXs664mE7KRn5PlJZs6zD5%2FBhjit0XYUhmGLdZqMdyOvS4VodnzRigTzWZtRWFlC2kug1sHWpL%2BvXkU62fMJInoEq47A5Eug%2BcugxSj0XdD1UbPtYis5tEJZGklVZzoG1yXSbAbZprOjzsgL0%2B7a%2B59CsOOFwxt%2FVV9%2FfBPMlEhNic%2FkY4Keuj%2B6qwuye1cXlvxwO81kLLfopNe1jGbi8rfviM1CG76yZIffvMEmxAQevidstkoTLpOeJd8tSs6FWdaGCfLjiv1QRHdyu76YmyRPV%2B%2B8ubwSp0ZYK3VSgcqTDz4Hk2Py3Iv16cFev%2FIbpKlg8hJxfkzOB1JXYOk2bHrh3urLMOpCE6UOirwcGT%2B6%2BKnkmPhP1qDE8cKoxf50fvkDNCphxX8eXuAdex89cx00uze91b4p0VclqBrC5pdHWWqOF35tTAeRckaRMs5upIx68DReK09rYaPh0qDT8sKQijBq%2Bu1u4HFK%2FWbgBwFtILNjtho0%2FgEAAP%2F%2FAQAA%2F%2F9tNVt4fwQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2%2FcRBwdt4EDPVH1goBqD0i0EtnY3l17lxwiQgiKCG3V8O%2BABOOZ2c2QsceasdebiENEJVRObL%2BB8zZ%2FBEQVfAAq5FTiEC5ZTkEinPgEFZzRbiMCv8vv2e%2BN9PTe78ud%2FIy4yOnp0rt6SypF51p1t3bjI8%2Bbr63KJB%2FUBu3gk6A5XzP91ztB3b1Ze1uwDT3nu57req5XW5ZGdPVgbkJCpocdr95x602%2F7rWaGJj%2Ff9vcgaUOeP%2BMXIXk45nHzjVIViGJv18SdiPT6WtvxbmimTbo84P3k41EFwniC9g1DrrJwbka2p4sP4JO9qZ2ofv%2FCiM5Js7PjxAlB%2BcmEfV3pz4jBZEg4ldQ9CsIVUHSCkzfg%2BQnBGAct24jifdvaVPQzacsnbBjMvP3E8hiTGZ%2Bv4Ykfrio5KC2plWeSZ1YDLol5KCC7FVI8yNkW5cgiyOw7AtITpDEJSQ%2FfaXtMZdyRmdpg7Znm4zx2agbtmaZ7%2FKIBy3RCRvTYKSsILsVlBiC2kvIrYNcOsi7DvLUQcxPa8zzvNDljLrtDmMNHooo4K5Hw65HPTdoI2cT70Nk6RBMDcHMNlKzjQ354KR1FSb%2FCXa9hOUObEbQ5yUKQVBYgoISFJKgyAiKfrnHlfVtuc%2BVzSPvfPvnu1GOdNbboXs664mE7KRn5PlJZs6zD5%2FBhjit0XYUhmGLdZqMdyOvS4VodnzRigTzWZtRWFlC2kug1sHWpL%2BvXkU62fMJInoEq47A5Eug%2BcugxSj0XdD1UbPtYis5tEJZGklVZzoG1yXSbAbZprOjzsgL0%2B7a%2B59CsOOFwxt%2FVV9%2FfBPMlEhNic%2FkY4Keuj%2B6qwuye1cXlvxwO81kLLfopNe1jGbi8rfviM1CG76yZIffvMEmxAQevidstkoTLpOeJd8tSs6FWdaGCfLjiv1QRHdyu76YmyRPV%2B%2B8ubwSp0ZYK3VSgcqTDz4Hk2Py3Iv16cFev%2FIbpKlg8hJxfkzOB1JXYOk2bHrh3urLMOpCE6UOirwcGT%2B6%2BKnkmPhP1qDE8cKoxf50fvkDNCphxX8eXuAdex89cx00uze91b4p0VclqBrC5pdHWWqOF35tTAeRckaRMs5upIx68DReK09rYaPh0qDT8sKQijBq%2Bu1u4HFK%2FWbgBwFtILNjtho0%2FgEAAP%2F%2FAQAA%2F%2F9tNVt4fwQAAA%3D%3D HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: u_pl=17214981; uid_id2=81c0adca-a3a8-4ccd-bf75-c20dbd65e973:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 16:49:56 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 40fa057292e9f840f3098114e26a51fe
Strict-Transport-Security: max-age=0; includeSubdomains
www.blogger.com/feeds/6694157898824685794/pages/default/7317598424819051988?alt=json-in-script&callback=garen
216.58.207.201200 OK 90 kB URL HTTP/2 www.blogger.com/feeds/6694157898824685794/pages/default/7317598424819051988?alt=json-in-script&callback=garen
IP 216.58.207.201:0
File type Unicode text, UTF-8 text, with very long lines (65507)
Hash 33f57155d1bc477e41c82f59fe94223a
c4d13894b5aa6284d3cfe7da3d614e1d5cb54903
1f49968df55b3420606d1b7a3ed9ed38074570790fc042fb36c69d38b5723c6f
GET /feeds/6694157898824685794/pages/default/7317598424819051988?alt=json-in-script&callback=garen HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
cross-origin-resource-policy: cross-origin
content-type: text/javascript; charset=UTF-8
expires: Sun, 16 Oct 2022 16:49:55 GMT
date: Sun, 16 Oct 2022 16:49:55 GMT
cache-control: private, max-age=0
last-modified: Sun, 28 Aug 2022 16:05:01 GMT
etag: W/"077e649c139b64a200e7c66d5cd7425147782fb0033a886448ca036c8618256f"
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 90098
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10814
Expires: Sun, 16 Oct 2022 19:50:10 GMT
Date: Sun, 16 Oct 2022 16:49:56 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 483b069ba949f3b38cb5efaa5133def4
9926ffeacae23089f625bf687f5aaaa1c592acb1
20c3bcfcb4987e5b014dff8beb7b15e984388ae7ad0279a576e6d137a078ade3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "20C3BCFCB4987E5B014DFF8BEB7B15E984388AE7AD0279A576E6D137A078ADE3"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10814
Expires: Sun, 16 Oct 2022 19:50:10 GMT
Date: Sun, 16 Oct 2022 16:49:56 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/ssp/vpn/os-box/small/img/close.png
172.64.110.27200 OK 769 B URL HTTP/2 cdn.sb4you1.com/sb/ssp/vpn/os-box/small/img/close.png
IP 172.64.110.27:0
File type PNG image data, 23 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 13b3b0cc6ce924780c0eec0b24c40c33
53b78225158a60f9327e135be26e365eb842f0df
7907c875d2dd81230f15826dffe1faa695cfb1f385adbb4d9480058d0d0112ad
GET /sb/ssp/vpn/os-box/small/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:56 GMT
content-type: image/png
content-length: 769
last-modified: Tue, 21 Sep 2021 12:06:12 GMT
etag: "6149cab4-301"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6417943
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ut9LjoI%2Fh5LNkxvv1iDUkPcgAKnC2EtkVsvfqgQHvbJsw37xoUOLwOshKmPGM2ppxe%2Fjo18ZA2YKISUmfB%2Bvd0rnndNa9li0MIKGH4MoW5txV3knzg5iRpnfYsBJeGt%2BugA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b24a67cdad72e5-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/10/1d/de/101dde53a13f20e77eb46ba7dbbfa67c/1658583084.jpg
45.133.44.10200 OK 11 kB URL HTTP/2 cdn.cloudimagesb.com/si/10/1d/de/101dde53a13f20e77eb46ba7dbbfa67c/1658583084.jpg
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash 60f4178edf0467f7bcde165ceef1b8de
bae1ad4c4ec353ed2546c30aee459ccbe2305479
9b140f19559bc0912bce99d756ac39a8c062481a2d2326902000e1ae59db3d65
GET /si/10/1d/de/101dde53a13f20e77eb46ba7dbbfa67c/1658583084.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:56 GMT
content-type: image/jpeg
content-length: 11400
server: nginx/1.17.6
last-modified: Sat, 23 Jul 2022 13:31:32 GMT
etag: "62dbf834-2c88"
expires: Tue, 18 Oct 2022 16:49:56 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/vpn/os-box/small/js/jquery.min.js
172.64.110.27200 OK 31 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/vpn/os-box/small/js/jquery.min.js
IP 172.64.110.27:0
File type ASCII text, with very long lines (32025)
Hash 2f20abc50fb49cb33dfd585a89e31811
1a83d2261f7b66f7ab097324a19a2a7bc22da50d
91941fbd598b485a7311320fc5afc756c71a9f2de456d661e41609dfe3091c2b
GET /sb/ssp/vpn/os-box/small/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:56 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:06:14 GMT
etag: W/"6149cab6-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6417943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLHc2loG7NniA7auf3Luj830tVZiCtBSWZunBsMqSgf4DzRAzqTRsA%2BZOCf2v6Zdef%2FpocE%2Ft18dgjjN3Cbyd6CVB%2B6dZBulw85HxfNXEJBmqJi76y1OJS9BjK3f1JZ%2B6h8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b24a67cdaf72e5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.blogger.com/followers.g?blogID=8398339737043528597&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=1112513981371701383&origin=https://www.selsabil.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
216.58.207.201302 Found 535 B URL HTTP/2 www.blogger.com/followers.g?blogID=8398339737043528597&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=1112513981371701383&origin=https://www.selsabil.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__
IP 216.58.207.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (1068)
Hash 6baced91a0834f1588ceca24abb029b9
3f0557f5604c762b3887891e1f1dfd61d700faa2
6f493571fe49d3aff586fe9309cc945f69af4c1b08e52888875825ae3ed5be39
GET /followers.g?blogID=8398339737043528597&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=1112513981371701383&origin=https://www.selsabil.com/&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__ HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
location: https://accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sun, 16 Oct 2022 16:49:56 GMT
expires: Sun, 16 Oct 2022 16:49:56 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 535
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.selsabil.com/2018/03/blog-post_814.html
216.239.36.21200 OK 76 kB URL HTTP/2 www.selsabil.com/2018/03/blog-post_814.html
IP 216.239.36.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1163)
Hash 3e6f610dd987e8b8d7bb57f26e73cdb1
3490cdf0112cd15d2df9ffd06f37c80b57c400fc
0a34e7d2975d5ce2c8e7fdc819e70d69ed64ce996538a193bfcc6aca1ddac936
GET /2018/03/blog-post_814.html HTTP/1.1
Host: www.selsabil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
Cookie: prefetchAd_5390673=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=81c0adca-a3a8-4ccd-bf75-c20dbd65e973%3A2%3A1; sb_main_a8b7775c94cdfb1faee492e5bec2c8ca=1; sb_count_a8b7775c94cdfb1faee492e5bec2c8ca=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 16 Oct 2022 16:49:56 GMT
date: Sun, 16 Oct 2022 16:49:56 GMT
cache-control: private, max-age=0
last-modified: Sun, 16 Oct 2022 09:46:11 GMT
etag: W/"2e26b930e54d703a76b0edd1499aabebd028b9cd1575de2a32dc9f2538da04f3"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 76435
server: GSE
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash e02bf4947a57f88fe43e8597f22139cb
8f1e186e05b61b829c54ae20f96797ca622ae605
6ad3b81a19467989d04ced721ac1f46b1353c421271f8b8d227fda5600c25535
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Oct 2022 16:49:56 GMT
date: Sun, 16 Oct 2022 16:49:56 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.selsabil.com/2017/06/2017_79.html
216.239.36.21200 OK 74 kB URL HTTP/2 www.selsabil.com/2017/06/2017_79.html
IP 216.239.36.21:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1163)
Hash 086af34924ea43d70d2ab3db0b3f7617
17adb2993b8723818e264de72cad67ba9a6aebfa
e39b0baa4ed498cb7beb4d19bf23bd034644e234fa3126707248c84b6b855f99
GET /2017/06/2017_79.html HTTP/1.1
Host: www.selsabil.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.selsabil.com/2020/05/resume-science-islamique-3as-pdf.html
Cookie: prefetchAd_5390673=true; dom3ic8zudi28v8lr6fgphwffqoz0j6c=81c0adca-a3a8-4ccd-bf75-c20dbd65e973%3A2%3A1; sb_main_a8b7775c94cdfb1faee492e5bec2c8ca=1; sb_count_a8b7775c94cdfb1faee492e5bec2c8ca=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 16 Oct 2022 16:49:56 GMT
date: Sun, 16 Oct 2022 16:49:56 GMT
cache-control: private, max-age=0
last-modified: Sun, 16 Oct 2022 09:46:11 GMT
etag: W/"2e26b930e54d703a76b0edd1499aabebd028b9cd1575de2a32dc9f2538da04f3"
x-robots-tag: all,noodp
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 74126
server: GSE
X-Firefox-Spdy: h2
accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
216.58.207.237302 Found 481 B URL HTTP/2 accounts.google.com/ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true
IP 216.58.207.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (527)
Hash 08d0d12022aec0d6d325e5b29cf8071f
e6bd47243cebff3aa0e24de90e8228aeedb07451
ee759f334220fece25d45c1da6b2079683c84715cec236bc599d59e166afd0ab
GET /ServiceLogin?passive=true&continue=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&followup=https://www.blogger.com/followers.g?blogID%3D8398339737043528597%26colors%3DCgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50%26pageSize%3D21%26postID%3D1112513981371701383%26origin%3Dhttps://www.selsabil.com/%26usegapi%3D1%26jsh%3Dm;/_/scs/abc-static/_/js/k%253Dgapi.lb.en.z9QjrzsHcOc.O/d%253D1/rs%253DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/m%253D__features__%26bpli%3D1&go=true HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:56 GMT
location: https://www.blogger.com/followers.g?blogID=8398339737043528597&colors=Cgt0cmFuc3BhcmVudBILdHJhbnNwYXJlbnQaByM3Nzc3NzciByMzNTYwYWIqByMzNTYwYWIyByMwMDAwMDA6ByM3Nzc3NzdCByMzNTYwYWJKByMwMDAwMDBSByNGRkZGRkZaC3RyYW5zcGFyZW50&pageSize=21&postID=1112513981371701383&origin=https%3A%2F%2Fwww.selsabil.com%2F&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.z9QjrzsHcOc.O%2Fd%3D1%2Frs%3DAHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA%2Fm%3D__features__&bpli=1
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-security-policy: script-src 'nonce-wUgI0VmD3O-diJcgWpcHIw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 481
server: GSE
set-cookie: __Host-GAPS=1:hqHZ-OV2fsewwbGMBQyoTdeTy7fFuw:CnM6z9MNP0QemId1;Path=/;Expires=Tue, 15-Oct-2024 16:49:56 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/vpn/os-box/small/js/script.js
172.64.110.27200 OK 43 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/vpn/os-box/small/js/script.js
IP 172.64.110.27:0
Hash 123dfc2b8597fb07dc73a053e0d62f5a
d4bd7246240f41d2c276359953b26136e9c9b319
30500de063740715bc6adb58b4d56445545974dc5365b0848d250dd73e57cc42
GET /sb/ssp/vpn/os-box/small/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:56 GMT
content-type: application/javascript
last-modified: Tue, 21 Sep 2021 12:06:14 GMT
etag: W/"6149cab6-307"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cq4GntyHbwqHKdx5NZQeNuVkKFZWirwZ8cCu2gENcu20inNfX9is7ixxy%2FJjI9Z7G7%2BHqAwXE5mWoeiiIwHv%2BT%2FnMWGwbTbNODjByYb%2B96NhMLuOukqSav2J7jAcg8XIagY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b24a683e4f72e5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 231a5834edd086a67640c2c0cc18c55c
3427d0baffebad62c95754da193be354ca2b270c
2533d2d520b731b0073fcd224375cdd6dc2fde77908f93dcb0c659ec6dc7501b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 231a5834edd086a67640c2c0cc18c55c
3427d0baffebad62c95754da193be354ca2b270c
2533d2d520b731b0073fcd224375cdd6dc2fde77908f93dcb0c659ec6dc7501b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaec157896b4103f8d4d6d7322b18b9d
45f4cc9bf0c5cc04ae4388682a8e058f58e30666
1b51a26aecfb438b88ca21570614048ec6232aafc94ee1049846dda6e868c400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 231a5834edd086a67640c2c0cc18c55c
3427d0baffebad62c95754da193be354ca2b270c
2533d2d520b731b0073fcd224375cdd6dc2fde77908f93dcb0c659ec6dc7501b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaec157896b4103f8d4d6d7322b18b9d
45f4cc9bf0c5cc04ae4388682a8e058f58e30666
1b51a26aecfb438b88ca21570614048ec6232aafc94ee1049846dda6e868c400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/photos/public/AIbEiAIAAABECJ6B2pLhmrqWzwEiC3ZjYXJkX3Bob3RvKig3OGJiYzg0ZDg4ZTljZGI2OTQ0YTljYzM0MDhkMzMwZTM1ZDE1N2M0MAF33KkuygOBhAk1o61esrpcrI22XA
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECJ6B2pLhmrqWzwEiC3ZjYXJkX3Bob3RvKig3OGJiYzg0ZDg4ZTljZGI2OTQ0YTljYzM0MDhkMzMwZTM1ZDE1N2M0MAF33KkuygOBhAk1o61esrpcrI22XA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECJ6B2pLhmrqWzwEiC3ZjYXJkX3Bob3RvKig3OGJiYzg0ZDg4ZTljZGI2OTQ0YTljYzM0MDhkMzMwZTM1ZDE1N2M0MAF33KkuygOBhAk1o61esrpcrI22XA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-eAmeYGXn_Pg7Chz3M-T4n3PHvBMaSLB1IpPAj=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-dHAuO7jcHYqIpM8tMrh9cw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=Bp40BAI9zdwpB0HmD2D44IaqVSJf2BfnBULgqKsU5jTF-jNCWemghQJfu5QQiYNHhxF8CkC7NtjoXifZMgOMiul3hsELpVBChrbLAV7SE_3uXgIRiq-7CDVP80g8IFJbn_wN2-jCXjiaSuwrL8gnWgWeAQAKPY5pYxbV4Us_Y1Y; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCOCVlp6j4_XHeCILdmNhcmRfcGhvdG8qKDA1MWEyNmY2YjM2NzM1OTI2NTU1MTM2ZjA3ZjI1Mzg2MmQyM2U2NmQwAa9EmzcFDYm-WcKVTygv8VZusQgT
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCOCVlp6j4_XHeCILdmNhcmRfcGhvdG8qKDA1MWEyNmY2YjM2NzM1OTI2NTU1MTM2ZjA3ZjI1Mzg2MmQyM2U2NmQwAa9EmzcFDYm-WcKVTygv8VZusQgT
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCOCVlp6j4_XHeCILdmNhcmRfcGhvdG8qKDA1MWEyNmY2YjM2NzM1OTI2NTU1MTM2ZjA3ZjI1Mzg2MmQyM2U2NmQwAa9EmzcFDYm-WcKVTygv8VZusQgT HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9bm_Ti7si-qTSb0o78zI0q7p1lHU997bi_xpdI=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-UV6DD-33wgJNsr4o6konSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=gd_e2rclxay5CxWFjPQjmMc8tkRxmCFSn8wNJ8jE_pyH3DVPeyU81H5mSg5aVTliAy0kSY5Kvpmrr-D4Ju8iyUwaSRgoOFpln8mog5KQJrhQytiNRmWC_pJsJGrRDFx5-yCO6A9-yXvxkSppEO-MckvdxWqgZvQy891SeuPV5cs; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECMOP2tjX0aGTmwEiC3ZjYXJkX3Bob3RvKigzMzQxOThkMTkwNGRhMjRkZTY5MTE4MjExYmVmMjhlMzIxNjNlZGVkMAFMvXBlh3mOmLQ70x2gcYYU1TvU8A
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECMOP2tjX0aGTmwEiC3ZjYXJkX3Bob3RvKigzMzQxOThkMTkwNGRhMjRkZTY5MTE4MjExYmVmMjhlMzIxNjNlZGVkMAFMvXBlh3mOmLQ70x2gcYYU1TvU8A
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECMOP2tjX0aGTmwEiC3ZjYXJkX3Bob3RvKigzMzQxOThkMTkwNGRhMjRkZTY5MTE4MjExYmVmMjhlMzIxNjNlZGVkMAFMvXBlh3mOmLQ70x2gcYYU1TvU8A HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-xkvTFQ7vVLtn5_AjtoOKY6qEjADLKiAd5qCFX=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-V8pKZ5ceI1GjbOOlcxxl5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=DSqa2F4ut1jkVLV79UsIFdxQTb8ePqi8lY4wO6fcFH1godRqP_CMWpb1MngcoY9cdH73CULVRc4y_RDbkTtKHtYPRDouQcLaNt4HU1lPdp79vvZGXPi54y5BTMhzv36fpyF0qwPG0Mpmafe8rUepGyMQ0hs-Cy3WrkoH2-jbcbc; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCI2ogvqjrrnmICILdmNhcmRfcGhvdG8qKGU0OWZhMDBiNjM2ZmU4YzRjMTIyOTY4NDNiMDgzZjc0Yzc4NTA1ZDkwATEAokou6jMdPWvFAqRhXY2A8efj
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCI2ogvqjrrnmICILdmNhcmRfcGhvdG8qKGU0OWZhMDBiNjM2ZmU4YzRjMTIyOTY4NDNiMDgzZjc0Yzc4NTA1ZDkwATEAokou6jMdPWvFAqRhXY2A8efj
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCI2ogvqjrrnmICILdmNhcmRfcGhvdG8qKGU0OWZhMDBiNjM2ZmU4YzRjMTIyOTY4NDNiMDgzZjc0Yzc4NTA1ZDkwATEAokou6jMdPWvFAqRhXY2A8efj HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-tSJyK8D3i9Wtz3v2FJzWi3SxGZRLtnWBwhwp4Hw=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-HOmF3uQn9vehIJ49wbpS1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=dUGFtGEkGwtCTi4dFqAfneKXfoX3Kf0mg5aRdaVTuq7ItT1pkp2Gvjtf8xsQ-o_PrEggjqJmImLzhWPvPOSxi8R0SPSYocSwx0IWA4XURGp95IbtiqvlVbSr0IRlRBQ-P_ItWhOwMfNukXE4BJVxRhS85CIIQWXpuu1Mxj8uyZc; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCKOo6PyPqPb2aSILdmNhcmRfcGhvdG8qKDYwZTkzY2YwMGFkNjNjMzMyOGJhZDEzMTRmZjc1Njc0ODNhNTg1MmUwAQ-5ye5co2YLJcBfLYxC61esqFGj
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCKOo6PyPqPb2aSILdmNhcmRfcGhvdG8qKDYwZTkzY2YwMGFkNjNjMzMyOGJhZDEzMTRmZjc1Njc0ODNhNTg1MmUwAQ-5ye5co2YLJcBfLYxC61esqFGj
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCKOo6PyPqPb2aSILdmNhcmRfcGhvdG8qKDYwZTkzY2YwMGFkNjNjMzMyOGJhZDEzMTRmZjc1Njc0ODNhNTg1MmUwAQ-5ye5co2YLJcBfLYxC61esqFGj HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9EFpkZBF9FQH-Xuzpus_A9E3GzMiZqSb5yP2vOnQ=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-2tBxnFHdnucrmv6FQM5szQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=YDly6c2dokz7lrC_iJW_RJdfcroxLzA_ykTslA-hd5tFfy7IDzicuCPae1AUG3OKtZ3piso_ehMywZV9PLdod9v_yA_QWR3fMwJIdSsDeoZbCmBqZY7NOlAoIr12iamhxA0et2_254StYB49wvKoXA-bD5jdiKBZpy2v_2oKpLU; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/ssp/vpn/os-box/small/css/animate.css
172.64.110.27200 OK 45 kB URL HTTP/2 cdn.sb4you1.com/sb/ssp/vpn/os-box/small/css/animate.css
IP 172.64.110.27:0
Hash cf018fdc1cbec8d986d3796258186502
c588d533f969006d116f839ff595b62f80b17b9e
a5e874a7f2980ff198803b4c16eeab813492055e36144b63014d3c97cfddc00d
GET /sb/ssp/vpn/os-box/small/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:56 GMT
content-type: text/css
last-modified: Tue, 21 Sep 2021 12:06:11 GMT
etag: W/"6149cab3-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bscQrrYCTXdLDEpO5xRd1dQiT7DKrz5vJlF%2BM5PDQA6pZNkadjnTvfDxdOL6ovUGw8gl4QsLn5zJ7XY5r0rnAci%2F7OLzRlDFEqIZjVHwxBUzlMDubna4XN4AFygasq4rqYs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b24a678d4c72e5-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECI7h3NPWxsa7qAEiC3ZjYXJkX3Bob3RvKihhN2Q3NzhiYTJlNDEzODY1YTA1MzJiOGRhOTRhZTk2MWNiODZiZTFjMAGlg-85baq170s5QqG_XkYUHYAsQA
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECI7h3NPWxsa7qAEiC3ZjYXJkX3Bob3RvKihhN2Q3NzhiYTJlNDEzODY1YTA1MzJiOGRhOTRhZTk2MWNiODZiZTFjMAGlg-85baq170s5QqG_XkYUHYAsQA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECI7h3NPWxsa7qAEiC3ZjYXJkX3Bob3RvKihhN2Q3NzhiYTJlNDEzODY1YTA1MzJiOGRhOTRhZTk2MWNiODZiZTFjMAGlg-85baq170s5QqG_XkYUHYAsQA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9bziYaky_vRkY2avbasxbu_nJ65psw-bv6rnWB=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-BLjXKz6jELi9vMPbV-djhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=L-FaWFEzJgP_Ln6HbGJbcfkWo8LbnRH0BYjlTmSrvozlOYI9HByFtD6T4TtyzS7Z80RJNvXSSz2mvfD6h0t02GpzrHpdcKDe1kiGLdOLkgr9x4R-NpbHeFapPvZ1x81pMSrFzngF-9a1BLUVgHXeaEeIk-1ka3_1OhDe90OUpeM; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECNDViv7U9eaf_wEiC3ZjYXJkX3Bob3RvKigyNTU2ODc2ZTgwNmU2YWQxMWZhOTM2Y2Q1MmM5MmExNTdlMTg3N2Y5MAElTFbnr62Hqmfsfr3ojoBafVPWPw
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECNDViv7U9eaf_wEiC3ZjYXJkX3Bob3RvKigyNTU2ODc2ZTgwNmU2YWQxMWZhOTM2Y2Q1MmM5MmExNTdlMTg3N2Y5MAElTFbnr62Hqmfsfr3ojoBafVPWPw
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECNDViv7U9eaf_wEiC3ZjYXJkX3Bob3RvKigyNTU2ODc2ZTgwNmU2YWQxMWZhOTM2Y2Q1MmM5MmExNTdlMTg3N2Y5MAElTFbnr62Hqmfsfr3ojoBafVPWPw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu8Q4PATQM2r6mu6FZliJBRtA7BJBfiwDtkqFjJ9=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-y_QVWN3uz4Fiz4u6kop-3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=K2E44q47rWSbeCkQnYpRsRGiw6nmORzdItgZgPNSLC097FSfrjDxrC2PCKt1xfees7lDsg_Xt3fztvSuqcAeoogMlqlb8LZksX3G7udLltDFHSzaRU_E1RhnDGJwjc10zvcm44Syre82d-RY-EmW838pg5SCTx41qOhNuQKvHEk; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCK_g6IDWvfOlBCILdmNhcmRfcGhvdG8qKDkzMDU0YTdiODE0NzI5ZGZmMmViZTFhMTNlZjIyZWU2NjFlNzM1YTAwAVszOc_1wGFpRITlhf656ni-r6Oc
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCK_g6IDWvfOlBCILdmNhcmRfcGhvdG8qKDkzMDU0YTdiODE0NzI5ZGZmMmViZTFhMTNlZjIyZWU2NjFlNzM1YTAwAVszOc_1wGFpRITlhf656ni-r6Oc
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCK_g6IDWvfOlBCILdmNhcmRfcGhvdG8qKDkzMDU0YTdiODE0NzI5ZGZmMmViZTFhMTNlZjIyZWU2NjFlNzM1YTAwAVszOc_1wGFpRITlhf656ni-r6Oc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu_TyHfzn1xstuulKFhnqyteICwe2Cdx_69fknDI1Q=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-rxNS7x3KlA9CWluJOHtecw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=ihnF2eaIKhloHly2qUQzSfVFk-T8NjJwKRbyjrJkp2lexTXECJr6w18Jy4os7fs6l-m_3OryPVzxa44ABXvolvZyyuZC4wBncD_MLGxi0_-u4-XUUQ5zj_ZnUPF9oWoUbbuMCP9qROYyNRsXImXx4Qraf0FXpnq9DTgFFbP9a20; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECLC7zb3s55bnnQEiC3ZjYXJkX3Bob3RvKigyNGY4YWM0ZmI4NzExZTQ3NTgxYzBmYTdiYjYzZWRmMDk0NDZjZjNiMAEQsmQKQiEiIMmQjMn8rZcWbdGV_g
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECLC7zb3s55bnnQEiC3ZjYXJkX3Bob3RvKigyNGY4YWM0ZmI4NzExZTQ3NTgxYzBmYTdiYjYzZWRmMDk0NDZjZjNiMAEQsmQKQiEiIMmQjMn8rZcWbdGV_g
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECLC7zb3s55bnnQEiC3ZjYXJkX3Bob3RvKigyNGY4YWM0ZmI4NzExZTQ3NTgxYzBmYTdiYjYzZWRmMDk0NDZjZjNiMAEQsmQKQiEiIMmQjMn8rZcWbdGV_g HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu850CCRJfgUQNIU2uiph_rVubGRkx6tvbkJ_JL1=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-jAdWHTijPx_nJGSQ1aoKow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=Lhxe7cF49ckdt63Byf7-jL7CR8u9dXgwGfRrBRXWC2hMNZZ-NU7-mB9YNGdzsRSa6OT4HUwfalfWl9iPI-SdlMpLCVgZP47A4ARGaAejQ4hmjoY1g4m_tkKNmztM10RFI_Sp5gEWdDwO8F8WlJbXpCn4wTufzL938QtPklbSkLY; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABDCJ7y6v_6gpa7ByILdmNhcmRfcGhvdG8qKDk5ZmQ1NzU0M2M5YmFiMjVjYjI4ODIzNTJkNmVhOTIwYjM5MDk4YzMwAdiPHGahukrdpOudLI-u2-DBxx1-
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABDCJ7y6v_6gpa7ByILdmNhcmRfcGhvdG8qKDk5ZmQ1NzU0M2M5YmFiMjVjYjI4ODIzNTJkNmVhOTIwYjM5MDk4YzMwAdiPHGahukrdpOudLI-u2-DBxx1-
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABDCJ7y6v_6gpa7ByILdmNhcmRfcGhvdG8qKDk5ZmQ1NzU0M2M5YmFiMjVjYjI4ODIzNTJkNmVhOTIwYjM5MDk4YzMwAdiPHGahukrdpOudLI-u2-DBxx1- HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu-NBIDTg6FYaB_FbJj8Hc4muNSQW-LPWFnOYwvP=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-yX2YzseB85INkksq3q1Ilw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=m3bAPCFQcM0yOt_eOu64_YxofPO6BEtRCdUbJhPL9Ex_rs8mWLJaX0R8CGJgKcr1qvRwFBT_TTISMsLF6o1vbPu_XiUYKh4Fdjt1VFqsTF9UZSz1kfnMAC2aKBfVd1SJhH1JiFn9v6HpD9xOMInCLfIJi8HQrRTBeyEDp3hUkCQ; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu_iTRPTgX2L1ZHSlPyXMpxKvhR7dc97Y6QN2vm7ow=s45-c
142.250.74.33200 OK 661 B URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_iTRPTgX2L1ZHSlPyXMpxKvhR7dc97Y6QN2vm7ow=s45-c
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit/color RGB, non-interlaced\012- data
Hash e74906c7060f46a359a768954b76b216
3d28ebad8149c75ecc12ec4ffcb8eab8c7c8a879
0df7ba0b5270e8b2fd797126799447fe39ee099d8d045b5c43a11039da268a60
GET /a-/ACNPEu_iTRPTgX2L1ZHSlPyXMpxKvhR7dc97Y6QN2vm7ow=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a/default-user=s45-c
142.250.74.33200 OK 316 B URL HTTP/2 lh3.googleusercontent.com/a/default-user=s45-c
IP 142.250.74.33:0
File type PNG image data, 45 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9fae1841320a0eaa434a022513f60859
245fac7a1ba86adda5bf5571babef7d5280672a4
1e2ce2743c2908d3aa1ce10a03be76d756eaa493cd41f9dcc94a3cc35cbfa1bd
GET /a/default-user=s45-c HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 316
x-xss-protection: 0
date: Sun, 16 Oct 2022 15:40:00 GMT
expires: Thu, 13 Oct 2022 11:38:13 GMT
cache-control: public, max-age=86400, no-transform
age: 4197
etag: "v0"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-eAmeYGXn_Pg7Chz3M-T4n3PHvBMaSLB1IpPAj=s96-p
142.250.74.33200 OK 15 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-eAmeYGXn_Pg7Chz3M-T4n3PHvBMaSLB1IpPAj=s96-p
IP 142.250.74.33:0
File type PNG image data, 96 x 96, 8-bit/color RGB, non-interlaced\012- data
Hash e766c07730cba8707669a4c2c476a5cf
be03478b5582a9a64d4e01d030e2cd3f2eda5afb
73f7f84b5bd6b9e6476477c84cf036d1e48b173cdd8a06029c01a6b3443aa8c0
GET /a-/ACNPEu-eAmeYGXn_Pg7Chz3M-T4n3PHvBMaSLB1IpPAj=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v8"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 14697
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/photos/public/AIbEiAIAAABECPWVnanEn4rcmgEiC3ZjYXJkX3Bob3RvKig1NDFjMGJjOTUwNjFiNDJlODc1ZjNhMDU4MWU5OGM5NTIxZGI2OTczMAEQEK0NKl3tWqSfIH5mzshZ6SbMcA
142.250.74.164302 Found 0 B URL HTTP/2 www.google.com/s2/photos/public/AIbEiAIAAABECPWVnanEn4rcmgEiC3ZjYXJkX3Bob3RvKig1NDFjMGJjOTUwNjFiNDJlODc1ZjNhMDU4MWU5OGM5NTIxZGI2OTczMAEQEK0NKl3tWqSfIH5mzshZ6SbMcA
IP 142.250.74.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s2/photos/public/AIbEiAIAAABECPWVnanEn4rcmgEiC3ZjYXJkX3Bob3RvKig1NDFjMGJjOTUwNjFiNDJlODc1ZjNhMDU4MWU5OGM5NTIxZGI2OTczMAEQEK0NKl3tWqSfIH5mzshZ6SbMcA HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sun, 16 Oct 2022 16:49:57 GMT
location: https://lh3.googleusercontent.com/a-/ACNPEu9-222L_5sEp7VtGUHYsVVeAo86Iu1bMWBTNznJ=s96-p
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
content-security-policy: script-src 'nonce-J1-e5i5o5xfbiJNPmZ51zw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /s2/_/SocialGraphPhotosSouffle/cspreport/allowlist, require-trusted-types-for 'script';report-uri /s2/_/SocialGraphPhotosSouffle/cspreport
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=EL4BtN0z80MS9FRF3j6ub2vCaPIQDDqbefQli1BKvY6Qews2ZJDNKeMIpIMYflV4W0mj5_4_C-6ILAqElSTIuvTy3qSNKqJD0WzT0RacupbGDWsk_zhXaSZdnhZduAY9R6A9Gk7xu3Sx57OHgd8mFO9OBq-fFe8Xuumsf58Jh2o; expires=Mon, 17-Apr-2023 16:49:57 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-tSJyK8D3i9Wtz3v2FJzWi3SxGZRLtnWBwhwp4Hw=s96-p
142.250.74.33200 OK 5.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-tSJyK8D3i9Wtz3v2FJzWi3SxGZRLtnWBwhwp4Hw=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 238de420f2ff28249ffde31ebcc73634
5207e0a0dc7dd9ad0bb147136c1d8fd1b5046224
f14621ccadeec0e71a89f0076f4d3b4c4b8aad55da6f965e12564be78b9cc89d
GET /a-/ACNPEu-tSJyK8D3i9Wtz3v2FJzWi3SxGZRLtnWBwhwp4Hw=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 5838
x-xss-protection: 0
date: Sun, 16 Oct 2022 16:49:57 GMT
expires: Sat, 15 Oct 2022 21:42:01 GMT
cache-control: public, max-age=86400, no-transform
etag: "v180"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-xkvTFQ7vVLtn5_AjtoOKY6qEjADLKiAd5qCFX=s96-p
142.250.74.33200 OK 5.7 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-xkvTFQ7vVLtn5_AjtoOKY6qEjADLKiAd5qCFX=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 3273e635b257d69a4cf7f37701c19c91
3235c723535507f493f81b604355c388e9f807e1
3864d02f21e20d568a52a624e9125c9145a8aa2ac754df361b0df38c95b69478
GET /a-/ACNPEu-xkvTFQ7vVLtn5_AjtoOKY6qEjADLKiAd5qCFX=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 5740
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu9EFpkZBF9FQH-Xuzpus_A9E3GzMiZqSb5yP2vOnQ=s96-p
142.250.74.33200 OK 5.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9EFpkZBF9FQH-Xuzpus_A9E3GzMiZqSb5yP2vOnQ=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 9ab3b5a450c5f54242279eddf0a69a7e
75f16c9badc91c643ae830c37138868e1d5939ad
6542524644ff4eefbac02da485c65f26ad5330fbd018c60080868722c0cf7bb9
GET /a-/ACNPEu9EFpkZBF9FQH-Xuzpus_A9E3GzMiZqSb5yP2vOnQ=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v117"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 5185
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu9bziYaky_vRkY2avbasxbu_nJ65psw-bv6rnWB=s96-p
142.250.74.33200 OK 2.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9bziYaky_vRkY2avbasxbu_nJ65psw-bv6rnWB=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash a1668603be07aa10ab21dccc64ff3d3b
4d20680eec032eb7590d2de5263e9e94c6e8ad86
b2f18cf22cc0f98548d009a64ab62246dc628eb8ff6372ec1acb988c970fc253
GET /a-/ACNPEu9bziYaky_vRkY2avbasxbu_nJ65psw-bv6rnWB=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v8"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 2245
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu8Q4PATQM2r6mu6FZliJBRtA7BJBfiwDtkqFjJ9=s96-p
142.250.74.33200 OK 2.7 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu8Q4PATQM2r6mu6FZliJBRtA7BJBfiwDtkqFjJ9=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 40bd830d37b50abf786774250c2bbed2
c22d2e156bd199b2ed45030131d0f5ca0fd19a02
1f3cce76e54f12e23605117468a13338816f3d6ea91377b14d32f7c2b1e0a3db
GET /a-/ACNPEu8Q4PATQM2r6mu6FZliJBRtA7BJBfiwDtkqFjJ9=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2735
x-xss-protection: 0
date: Sun, 16 Oct 2022 16:49:57 GMT
expires: Sat, 15 Oct 2022 21:42:01 GMT
cache-control: public, max-age=86400, no-transform
etag: "v7"
content-type: image/jpeg
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu_TyHfzn1xstuulKFhnqyteICwe2Cdx_69fknDI1Q=s96-p
142.250.74.33200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu_TyHfzn1xstuulKFhnqyteICwe2Cdx_69fknDI1Q=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash fd201456ec12a0e22533384929728fc4
1a1c7c749b0fea41df494f66d9c803dd2229847d
1ca1c8de975b8731f0f2357ddb48142c9475d1a4342ea4c9324b97cb646265b3
GET /a-/ACNPEu_TyHfzn1xstuulKFhnqyteICwe2Cdx_69fknDI1Q=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "vd3"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 4789
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu9bm_Ti7si-qTSb0o78zI0q7p1lHU997bi_xpdI=s96-p
142.250.74.33200 OK 145 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9bm_Ti7si-qTSb0o78zI0q7p1lHU997bi_xpdI=s96-p
IP 142.250.74.33:0
File type GIF image data, version 89a, 96 x 96\012- data
Size 145 kB (145389 bytes)
Hash 91baa97a884691a00c8a0d6c04e7b0f6
e410684c5f813361778e30ccc2d2771c8d1fa37c
62c4e9e89b1197a3377b404b5ed5d62440d00ca4125bdd0733654ac320b4d35f
GET /a-/ACNPEu9bm_Ti7si-qTSb0o78zI0q7p1lHU997bi_xpdI=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5f"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.gif"
content-type: image/gif
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 145389
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu850CCRJfgUQNIU2uiph_rVubGRkx6tvbkJ_JL1=s96-p
142.250.74.33200 OK 4.8 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu850CCRJfgUQNIU2uiph_rVubGRkx6tvbkJ_JL1=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 9e1fd590f9ca282d6a45c5bf2542db24
819e86763dfe5d71287ae41ddd94376614d0f6c3
714e081822f992cb714574fd1fcd3089d25c8cd37e17b93f9aed4a097ce4dcab
GET /a-/ACNPEu850CCRJfgUQNIU2uiph_rVubGRkx6tvbkJ_JL1=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v5"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 4761
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu-NBIDTg6FYaB_FbJj8Hc4muNSQW-LPWFnOYwvP=s96-p
142.250.74.33200 OK 4.2 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu-NBIDTg6FYaB_FbJj8Hc4muNSQW-LPWFnOYwvP=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash b3668c60fa4ae7336b3d9f4d3b794815
28036f1d538e5eccb74654b949dadac5cb3896a8
d3060023c819d51a89de1c954e728c6ec177389e06e2fc62bce52e9c887ee0a3
GET /a-/ACNPEu-NBIDTg6FYaB_FbJj8Hc4muNSQW-LPWFnOYwvP=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v1c"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 4210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lh3.googleusercontent.com/a-/ACNPEu9-222L_5sEp7VtGUHYsVVeAo86Iu1bMWBTNznJ=s96-p
142.250.74.33200 OK 6.1 kB URL HTTP/2 lh3.googleusercontent.com/a-/ACNPEu9-222L_5sEp7VtGUHYsVVeAo86Iu1bMWBTNznJ=s96-p
IP 142.250.74.33:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 96x96, components 3\012- data
Hash 767c609678e025a10dee7e1aeb83dd85
a63ede66cadecc500a0694c1d80b2b451151d592
a21684ce35a6b30ac12e3ed3f78c741c9e26f403a71136a0d57a71673333d0a9
GET /a-/ACNPEu9-222L_5sEp7VtGUHYsVVeAo86Iu1bMWBTNznJ=s96-p HTTP/1.1
Host: lh3.googleusercontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v16"
expires: Mon, 17 Oct 2022 16:49:57 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 16 Oct 2022 16:49:57 GMT
server: fife
content-length: 6094
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaec157896b4103f8d4d6d7322b18b9d
45f4cc9bf0c5cc04ae4388682a8e058f58e30666
1b51a26aecfb438b88ca21570614048ec6232aafc94ee1049846dda6e868c400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 16:49:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Content-Type: application/json
Origin: https://www.selsabil.com
Content-Length: 779
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:57 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: e84496ba814ce0aa63d8eebad7031a8f
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 335749
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 12 Oct 2022 19:34:08 GMT
expires: Thu, 12 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 335749
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
massacreintentionalmemorize.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS28cRRjsSQwHciLKBQHRHpBIJLye2ffig4UxRhYmiWJeByTo16wb90yPumd21hYHi0gonNj8g3GtHwKsCH4AERpH4mAuXk5Gwpz4BRGc0W4sDN%2Flq5mqlkpV35c72RnxkdHTpXfNltKazjWrfuXGR0EwX1lVcTaoDDqtT1qN%2BYrtv95tVf2blbcl3zBzNT%2Fw%2FcAPKsvKytAM5iYkVHLYDapdv9qoVYNmAwP7%2F2%2BXeXDUg%2BifkatQYjzz2LsGxUvE0fdL0m2kJnntrSjTNDUWfXHwfrwRmzxGdAFD6yGMD87VMO5k%2BRFMvDe1C9P%2FV8jUmHg%2FPwKLD85NgvV3pz6ZhozBxBXk%2FRJSl1C0BDf3oMQJAbjArduIo%2F1bxuZ08ylLJ%2ByYzPz9BCofk5nfryGOHi5qNaisGZ2lysQOg7CAGpRQvRJJdoR06xJUfgSefgElCOKogBKnr3QC7lPB6Syt085sg3Mxy8J2c5bXfMFEqym77fo0GKVKqLCElkNQdwmZ85ApD1noIUs8ROK0woMgaPuCU7%2FT5bwu2pK1hB%2FQdhjQwG91kPGJ9yHSZAiuh%2BB2G4ndxoZ6cNK8Cpv9BLdewAkPLiXoiwK5JMgdQU4JckWQpwR5v9gT2tVcsS%2B0y1hwvmvnu16MTNrboXsm7cmY7CRn5PlJZt6zD5%2FBhjyt0A5rt9tN3m1wEbIgpFI2ujXZZJLXeIdTOFVAuUugzsPWpL%2BvXkUy2fMxGD2C00fg6iXQ7GXQfNSu%2BaDro0bHx1Z86KR2lCld5SaCMAWSdAbpprejz8gL0%2B46%2B59C8uOFwxt%2FlV9%2FfBPcFkhsgc%2FUY4Kevj%2B6a3Kye9fkjvxwO0lVpLbopNe1lKby8rfvyM3cWLGy5IbfvMEnxAQeviddukpjoeKeI98tKiGkXTaWS%2FLjivtQsjuZW1%2FMbJwlq3feXF6JEiudUyYuQdXJB5%2BDqzF57sXq9GCvX%2FkNypawWYEoOybnA2VK8GQbLrlw78xlWH2hYYmHPCtGtsYufmo1JrUna9DyeGHU5H96v%2FwBygo4%2BZ%2BHF3jH3UfPXgdN701vtW8L9HUBqodw2eVRmtjjhV%2Fr0wHT3ohp6%2B0ybfWDp%2FE6dVqp%2B6LNZCjbTDaajVBywZpN5vOQs7rodDhSN%2Barrfo%2FAAAA%2F%2F8BAAD%2F%2F%2B3hjpB%2FBAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 massacreintentionalmemorize.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSS28cRRjsSQwHciLKBQHRHpBIJLye2ffig4UxRhYmiWJeByTo16wb90yPumd21hYHi0gonNj8g3GtHwKsCH4AERpH4mAuXk5Gwpz4BRGc0W4sDN%2Flq5mqlkpV35c72RnxkdHTpXfNltKazjWrfuXGR0EwX1lVcTaoDDqtT1qN%2BYrtv95tVf2blbcl3zBzNT%2Fw%2FcAPKsvKytAM5iYkVHLYDapdv9qoVYNmAwP7%2F2%2BXeXDUg%2BifkatQYjzz2LsGxUvE0fdL0m2kJnntrSjTNDUWfXHwfrwRmzxGdAFD6yGMD87VMO5k%2BRFMvDe1C9P%2FV8jUmHg%2FPwKLD85NgvV3pz6ZhozBxBXk%2FRJSl1C0BDf3oMQJAbjArduIo%2F1bxuZ08ylLJ%2ByYzPz9BCofk5nfryGOHi5qNaisGZ2lysQOg7CAGpRQvRJJdoR06xJUfgSefgElCOKogBKnr3QC7lPB6Syt085sg3Mxy8J2c5bXfMFEqym77fo0GKVKqLCElkNQdwmZ85ApD1noIUs8ROK0woMgaPuCU7%2FT5bwu2pK1hB%2FQdhjQwG91kPGJ9yHSZAiuh%2BB2G4ndxoZ6cNK8Cpv9BLdewAkPLiXoiwK5JMgdQU4JckWQpwR5v9gT2tVcsS%2B0y1hwvmvnu16MTNrboXsm7cmY7CRn5PlJZt6zD5%2FBhjyt0A5rt9tN3m1wEbIgpFI2ujXZZJLXeIdTOFVAuUugzsPWpL%2BvXkUy2fMxGD2C00fg6iXQ7GXQfNSu%2BaDro0bHx1Z86KR2lCld5SaCMAWSdAbpprejz8gL0%2B46%2B59C8uOFwxt%2FlV9%2FfBPcFkhsgc%2FUY4Kevj%2B6a3Kye9fkjvxwO0lVpLbopNe1lKby8rfvyM3cWLGy5IbfvMEnxAQeviddukpjoeKeI98tKiGkXTaWS%2FLjivtQsjuZW1%2FMbJwlq3feXF6JEiudUyYuQdXJB5%2BDqzF57sXq9GCvX%2FkNypawWYEoOybnA2VK8GQbLrlw78xlWH2hYYmHPCtGtsYufmo1JrUna9DyeGHU5H96v%2FwBygo4%2BZ%2BHF3jH3UfPXgdN701vtW8L9HUBqodw2eVRmtjjhV%2Fr0wHT3ohp6%2B0ybfWDp%2FE6dVqp%2B6LNZCjbTDaajVBywZpN5vOQs7rodDhSN%2Barrfo%2FAAAA%2F%2F8BAAD%2F%2F%2B3hjpB%2FBAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSS28cRRjsSQwHciLKBQHRHpBIJLye2ffig4UxRhYmiWJeByTo16wb90yPumd21hYHi0gonNj8g3GtHwKsCH4AERpH4mAuXk5Gwpz4BRGc0W4sDN%2Flq5mqlkpV35c72RnxkdHTpXfNltKazjWrfuXGR0EwX1lVcTaoDDqtT1qN%2BYrtv95tVf2blbcl3zBzNT%2Fw%2FcAPKsvKytAM5iYkVHLYDapdv9qoVYNmAwP7%2F2%2BXeXDUg%2BifkatQYjzz2LsGxUvE0fdL0m2kJnntrSjTNDUWfXHwfrwRmzxGdAFD6yGMD87VMO5k%2BRFMvDe1C9P%2FV8jUmHg%2FPwKLD85NgvV3pz6ZhozBxBXk%2FRJSl1C0BDf3oMQJAbjArduIo%2F1bxuZ08ylLJ%2ByYzPz9BCofk5nfryGOHi5qNaisGZ2lysQOg7CAGpRQvRJJdoR06xJUfgSefgElCOKogBKnr3QC7lPB6Syt085sg3Mxy8J2c5bXfMFEqym77fo0GKVKqLCElkNQdwmZ85ApD1noIUs8ROK0woMgaPuCU7%2FT5bwu2pK1hB%2FQdhjQwG91kPGJ9yHSZAiuh%2BB2G4ndxoZ6cNK8Cpv9BLdewAkPLiXoiwK5JMgdQU4JckWQpwR5v9gT2tVcsS%2B0y1hwvmvnu16MTNrboXsm7cmY7CRn5PlJZt6zD5%2FBhjyt0A5rt9tN3m1wEbIgpFI2ujXZZJLXeIdTOFVAuUugzsPWpL%2BvXkUy2fMxGD2C00fg6iXQ7GXQfNSu%2BaDro0bHx1Z86KR2lCld5SaCMAWSdAbpprejz8gL0%2B46%2B59C8uOFwxt%2FlV9%2FfBPcFkhsgc%2FUY4Kevj%2B6a3Kye9fkjvxwO0lVpLbopNe1lKby8rfvyM3cWLGy5IbfvMEnxAQeviddukpjoeKeI98tKiGkXTaWS%2FLjivtQsjuZW1%2FMbJwlq3feXF6JEiudUyYuQdXJB5%2BDqzF57sXq9GCvX%2FkNypawWYEoOybnA2VK8GQbLrlw78xlWH2hYYmHPCtGtsYufmo1JrUna9DyeGHU5H96v%2FwBygo4%2BZ%2BHF3jH3UfPXgdN701vtW8L9HUBqodw2eVRmtjjhV%2Fr0wHT3ohp6%2B0ybfWDp%2FE6dVqp%2B6LNZCjbTDaajVBywZpN5vOQs7rodDhSN%2Barrfo%2FAAAA%2F%2F8BAAD%2F%2F%2B3hjpB%2FBAAA HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: u_pl=17214981; uid_id2=81c0adca-a3a8-4ccd-bf75-c20dbd65e973:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 16:49:57 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1498710b8f4883f8b73e739a9c5407c3
Strict-Transport-Security: max-age=0; includeSubdomains
massacreintentionalmemorize.com/pixel/sbs?c=1
173.233.137.52200 OK 0 B URL HTTP/1.1 massacreintentionalmemorize.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: massacreintentionalmemorize.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: u_pl=17214981; uid_id2=81c0adca-a3a8-4ccd-bf75-c20dbd65e973:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 16:49:57 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e838174f787f000e6707e58e1247bbf7
d48db15188d1eec3b0103a47fc8264d49496e058
27447c05944540c1012b421384ae1acc2b23c7f31eaba0b38240aaa910cd91a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "27447C05944540C1012B421384AE1ACC2B23C7F31EABA0B38240AAA910CD91A1"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9049
Expires: Sun, 16 Oct 2022 19:20:46 GMT
Date: Sun, 16 Oct 2022 16:49:57 GMT
Connection: keep-alive
unseenreport.com/pxf.gif?uuid=81c0adca-a3a8-4ccd-bf75-c20dbd65e973&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a8b7775c94cdfb1faee492e5bec2c8ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=81c0adca-a3a8-4ccd-bf75-c20dbd65e973&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a8b7775c94cdfb1faee492e5bec2c8ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=81c0adca-a3a8-4ccd-bf75-c20dbd65e973&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=a8b7775c94cdfb1faee492e5bec2c8ca&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=16 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 16:49:57 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9b67e2125d495f453ce9d3da5ee318c5
Strict-Transport-Security: max-age=0; includeSubdomains
betotodilea.com/impression/H81cL_S479WP-5K42s6pCkJtUh8xSE_4bEzlig3XAIhQzE9ojMx9HMi72RGGxVFjmg1Mw4Zr5Qyt25HqZWwxZqjt2a-3iYxb98zW4R9m6x-6M4YcArWZeKCZ0nxVF7oz17gPPOr2-kJTRLI-5MfK6xwB8rX-SqehZyECRGY3cCBNSrH9UArIoxVJDHIx0aSUGv_2lc_zps4m_joiZwTmzKR9ifFbSi7Cd75m5PBO-P6_cLCWhEJO0hWxT6CGV4cS51mfxqHm0QPDtN0JWNUZaNWritDqZBznr_vKqh7P7zJZlm-ZDZpF_qMPggldjN-4aGVAkEY9U_oR_0qCn3eeZFQhRsGvYbUNpJ_LjyVUtkbVUxQu2dMczixPQLrmX_f7nkDgPlx-7o8y4oRALWsY6149fb0POrFSQo-yZM92xBGFaqAYfJfj9_WmB6Eoxw7GnoPP6Wf4ErHU3Ey6yrNaXFdV2y_cElEg_BcRuAh8-cu9ZO7yq8zoUwymfnu61E4IpiWNEeNLtQ7Q5X1cB3l1bPcq6ZYYuYetAF0FauZ6rWvmzhFj10k8FaGLl4UU-7ZVN_NFHvmHA_ovaZ1iN3h334VZx57LjXrcg8PWYrsLHDQ=?_z=5390670&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 betotodilea.com/impression/H81cL_S479WP-5K42s6pCkJtUh8xSE_4bEzlig3XAIhQzE9ojMx9HMi72RGGxVFjmg1Mw4Zr5Qyt25HqZWwxZqjt2a-3iYxb98zW4R9m6x-6M4YcArWZeKCZ0nxVF7oz17gPPOr2-kJTRLI-5MfK6xwB8rX-SqehZyECRGY3cCBNSrH9UArIoxVJDHIx0aSUGv_2lc_zps4m_joiZwTmzKR9ifFbSi7Cd75m5PBO-P6_cLCWhEJO0hWxT6CGV4cS51mfxqHm0QPDtN0JWNUZaNWritDqZBznr_vKqh7P7zJZlm-ZDZpF_qMPggldjN-4aGVAkEY9U_oR_0qCn3eeZFQhRsGvYbUNpJ_LjyVUtkbVUxQu2dMczixPQLrmX_f7nkDgPlx-7o8y4oRALWsY6149fb0POrFSQo-yZM92xBGFaqAYfJfj9_WmB6Eoxw7GnoPP6Wf4ErHU3Ey6yrNaXFdV2y_cElEg_BcRuAh8-cu9ZO7yq8zoUwymfnu61E4IpiWNEeNLtQ7Q5X1cB3l1bPcq6ZYYuYetAF0FauZ6rWvmzhFj10k8FaGLl4UU-7ZVN_NFHvmHA_ovaZ1iN3h334VZx57LjXrcg8PWYrsLHDQ=?_z=5390670&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/H81cL_S479WP-5K42s6pCkJtUh8xSE_4bEzlig3XAIhQzE9ojMx9HMi72RGGxVFjmg1Mw4Zr5Qyt25HqZWwxZqjt2a-3iYxb98zW4R9m6x-6M4YcArWZeKCZ0nxVF7oz17gPPOr2-kJTRLI-5MfK6xwB8rX-SqehZyECRGY3cCBNSrH9UArIoxVJDHIx0aSUGv_2lc_zps4m_joiZwTmzKR9ifFbSi7Cd75m5PBO-P6_cLCWhEJO0hWxT6CGV4cS51mfxqHm0QPDtN0JWNUZaNWritDqZBznr_vKqh7P7zJZlm-ZDZpF_qMPggldjN-4aGVAkEY9U_oR_0qCn3eeZFQhRsGvYbUNpJ_LjyVUtkbVUxQu2dMczixPQLrmX_f7nkDgPlx-7o8y4oRALWsY6149fb0POrFSQo-yZM92xBGFaqAYfJfj9_WmB6Eoxw7GnoPP6Wf4ErHU3Ey6yrNaXFdV2y_cElEg_BcRuAh8-cu9ZO7yq8zoUwymfnu61E4IpiWNEeNLtQ7Q5X1cB3l1bPcq6ZYYuYetAF0FauZ6rWvmzhFj10k8FaGLl4UU-7ZVN_NFHvmHA_ovaZ1iN3h334VZx57LjXrcg8PWYrsLHDQ=?_z=5390670&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=9d1ce4f285c04abea39acab48844335f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:59 GMT
content-type: image/gif
content-length: 43
x-trace-id: a4e9ffc3c2abe177dea949b847af883d
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
gloaphoo.net/impression/KxV43wDtFtkjiU4QfZZvLnivw9hrsyAYOY26PfVOtwh1sus2tlOXlvAtSKfs3eRQ_L2CeD-U-o7qQqbyJBS7iXQeeD6D9AsJXay_3pHyEnvPPpRiH9u-qCyP5aHJ8V0kwQznlAVhZmk6wNY3yXjQK4r4xDugAcVHk6SZBXCewf8bFSG8jKlJuSs37q2P_lQrJcXj-iDeA3v00Q1zAQ73M3cCQEmwswc0Au04mwFXB2UfS3r-IimtCLcpQi8ynzbGa3lm81la5Mh_6lD276dFTCxSAwDRmKmjutY8S51k3LlzcMUnu9RrSTF-4KxfX_Cgg0TOdsGIp1tukB-Jqn4UAFRiMVXEzZFivKTNNkFq5Yr1zSQLfrtVl2NHHhefWkTqH7KF5hJAM3RCn8HtmsEJeMNQ4c-3xednv0Jp2j-FD3FXozGvawCXnAjhyYgCTD_5WUsTQhBxHJ3rkNCxZLB0pr6RuPpw8BvWCeJDTwQLOyde3djslnC0BboeQ3Nz4nznwr3DiGDOWkcogSL2lLuqQ8yfxVO4TRxF5P1_z4fkvd6VoxTH6vtXta5UzNz2VAeoX33ewqENAafmRRPlG-uMbJYsacTyYSmS?_z=5382274&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 43 B URL HTTP/2 gloaphoo.net/impression/KxV43wDtFtkjiU4QfZZvLnivw9hrsyAYOY26PfVOtwh1sus2tlOXlvAtSKfs3eRQ_L2CeD-U-o7qQqbyJBS7iXQeeD6D9AsJXay_3pHyEnvPPpRiH9u-qCyP5aHJ8V0kwQznlAVhZmk6wNY3yXjQK4r4xDugAcVHk6SZBXCewf8bFSG8jKlJuSs37q2P_lQrJcXj-iDeA3v00Q1zAQ73M3cCQEmwswc0Au04mwFXB2UfS3r-IimtCLcpQi8ynzbGa3lm81la5Mh_6lD276dFTCxSAwDRmKmjutY8S51k3LlzcMUnu9RrSTF-4KxfX_Cgg0TOdsGIp1tukB-Jqn4UAFRiMVXEzZFivKTNNkFq5Yr1zSQLfrtVl2NHHhefWkTqH7KF5hJAM3RCn8HtmsEJeMNQ4c-3xednv0Jp2j-FD3FXozGvawCXnAjhyYgCTD_5WUsTQhBxHJ3rkNCxZLB0pr6RuPpw8BvWCeJDTwQLOyde3djslnC0BboeQ3Nz4nznwr3DiGDOWkcogSL2lLuqQ8yfxVO4TRxF5P1_z4fkvd6VoxTH6vtXta5UzNz2VAeoX33ewqENAafmRRPlG-uMbJYsacTyYSmS?_z=5382274&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Analyzer Verdict Alert quad9 Sinkholed
GET /impression/KxV43wDtFtkjiU4QfZZvLnivw9hrsyAYOY26PfVOtwh1sus2tlOXlvAtSKfs3eRQ_L2CeD-U-o7qQqbyJBS7iXQeeD6D9AsJXay_3pHyEnvPPpRiH9u-qCyP5aHJ8V0kwQznlAVhZmk6wNY3yXjQK4r4xDugAcVHk6SZBXCewf8bFSG8jKlJuSs37q2P_lQrJcXj-iDeA3v00Q1zAQ73M3cCQEmwswc0Au04mwFXB2UfS3r-IimtCLcpQi8ynzbGa3lm81la5Mh_6lD276dFTCxSAwDRmKmjutY8S51k3LlzcMUnu9RrSTF-4KxfX_Cgg0TOdsGIp1tukB-Jqn4UAFRiMVXEzZFivKTNNkFq5Yr1zSQLfrtVl2NHHhefWkTqH7KF5hJAM3RCn8HtmsEJeMNQ4c-3xednv0Jp2j-FD3FXozGvawCXnAjhyYgCTD_5WUsTQhBxHJ3rkNCxZLB0pr6RuPpw8BvWCeJDTwQLOyde3djslnC0BboeQ3Nz4nznwr3DiGDOWkcogSL2lLuqQ8yfxVO4TRxF5P1_z4fkvd6VoxTH6vtXta5UzNz2VAeoX33ewqENAafmRRPlG-uMbJYsacTyYSmS?_z=5382274&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=9d1ce4f285c04abea39acab48844335f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:59 GMT
content-type: image/gif
content-length: 43
x-trace-id: 18fc2ce934d661752a2b45ecb0a5c189
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/500/5390670?excludes=10242828&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/5390670?excludes=10242828&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5390670?excludes=10242828&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:59 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
betotodilea.com/500/5390670?excludes=10242828&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 102 kB URL HTTP/2 betotodilea.com/500/5390670?excludes=10242828&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Size 102 kB (101555 bytes)
Hash 16e683b70e357062c15a36e5be83f745
fa8c1543ee596c00cb9cadd1eb60410b9ab507b3
3196adc49335d5a13bd2410db86bd0b60d167d46e3000698883bb9d6e19435ec
GET /500/5390670?excludes=10242828&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=9d1ce4f285c04abea39acab48844335f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:59 GMT
content-type: application/javascript
x-trace-id: ada0a99db3eb0b5243213459b0a33763
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.selsabil.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:59 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
propu.sh/custom
139.45.197.250200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
POST /custom HTTP/1.1
Host: propu.sh
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Content-Type: application/json
Origin: https://www.selsabil.com
Content-Length: 422
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:50:02 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 5930f338bbc6d1672f24d40796aa7821
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=732a15a94cab4275b2b954689518d6d1&zoneId=5390672&checkDuplicate=true&ymid=&var=
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=732a15a94cab4275b2b954689518d6d1&zoneId=5390672&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 44b2bb01dbfcfa4f47e6e82a277c569d
022db0862d70c1abb56675af06018c3407fe0be4
7e99cdd1195d6f9bb9cfe13fa9425fb88fd387ce7bf1ae49121819a51ac2f43a
GET /gid.js?pub=0&userId=732a15a94cab4275b2b954689518d6d1&zoneId=5390672&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Cookie: ID=9d1ce4f285c04abea39acab48844335f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:50:02 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:50:02 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2369
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVVcTUhEO38e7EH1Zw%2FSrUQyTUNmFQKm9wMkuces74y5t4UJzGPwGZhbqdjrniPB0OpzydqluiWbSDAC7DoWgeZ5e%2FTfNe7cocL0M9BYViah9WSMIJ8buMFq51Eu8A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b24a597c7cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/ef/6d/9c/ef6d9ce2996acaba379ea30acdea20ae/1632400430.html
45.133.44.4200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/au/ef/6d/9c/ef6d9ce2996acaba379ea30acdea20ae/1632400430.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/ef/6d/9c/ef6d9ce2996acaba379ea30acdea20ae/1632400430.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:56 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 23 Sep 2021 12:33:57 GMT
etag: W/"614c7435-4c2"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 16 Oct 2022 17:49:56 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
onmarshtompor.com/?rb=e5PUGgWY6WsEqxhfhw89HTeJ7mBUTr_CEHwWT3LIw1JrvH7f-lgANAamS4IcMLZWSw9tQPpZ3y3S1kml44jtVxxG1kR9_QGP0HEH1e49SyXRxFAy2exUgNx7714Jrsnsxy543tOEx9JScaQqbtJFkCO4CjXh-49ruD2qJhTXOMjFvE6buPPjf1N5h12tFEMLNwMhefREwkLuD2mjVChnXlercyw%3D&request_ab2=0&zoneid=5390673&js_build=iclick-v1.436.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.436.1&bs=8eb79e52-5ed9-4869-9989-45ac9b820148&userId=9d1ce4f285c04abea39acab48844335f&m=link
139.45.197.243200 OK 0 B URL HTTP/2 onmarshtompor.com/?rb=e5PUGgWY6WsEqxhfhw89HTeJ7mBUTr_CEHwWT3LIw1JrvH7f-lgANAamS4IcMLZWSw9tQPpZ3y3S1kml44jtVxxG1kR9_QGP0HEH1e49SyXRxFAy2exUgNx7714Jrsnsxy543tOEx9JScaQqbtJFkCO4CjXh-49ruD2qJhTXOMjFvE6buPPjf1N5h12tFEMLNwMhefREwkLuD2mjVChnXlercyw%3D&request_ab2=0&zoneid=5390673&js_build=iclick-v1.436.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.436.1&bs=8eb79e52-5ed9-4869-9989-45ac9b820148&userId=9d1ce4f285c04abea39acab48844335f&m=link
IP 139.45.197.243:0
GET /?rb=e5PUGgWY6WsEqxhfhw89HTeJ7mBUTr_CEHwWT3LIw1JrvH7f-lgANAamS4IcMLZWSw9tQPpZ3y3S1kml44jtVxxG1kR9_QGP0HEH1e49SyXRxFAy2exUgNx7714Jrsnsxy543tOEx9JScaQqbtJFkCO4CjXh-49ruD2qJhTXOMjFvE6buPPjf1N5h12tFEMLNwMhefREwkLuD2mjVChnXlercyw%3D&request_ab2=0&zoneid=5390673&js_build=iclick-v1.436.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.436.1&bs=8eb79e52-5ed9-4869-9989-45ac9b820148&userId=9d1ce4f285c04abea39acab48844335f&m=link HTTP/1.1
Host: onmarshtompor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.selsabil.com/
Origin: https://www.selsabil.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/json
x-trace-id: 1580d586c1a2579cab50d53dd8fe84ed
access-control-allow-origin: https://www.selsabil.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
oaidts=1665938994; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sun, 23 Oct 2022 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
saptorge.com/500/5357174?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.238200 OK 0 B URL HTTP/2 saptorge.com/500/5357174?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5357174?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: saptorge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=9d1ce4f285c04abea39acab48844335f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
x-trace-id: 59f779300aea5f76ce5e4619542d774d
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.selsabil.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/400/5390670?oo=1&oaid=9d1ce4f285c04abea39acab48844335f
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/400/5390670?oo=1&oaid=9d1ce4f285c04abea39acab48844335f
IP 139.45.197.237:0
GET /400/5390670?oo=1&oaid=9d1ce4f285c04abea39acab48844335f HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=4f99ab92434e4ef1b491f8bbf5f9ff8e
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/json
x-trace-id: e8a7e9c62e98c64c6f59fecd6a096da6
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.selsabil.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
saptorge.com/400/5357174
139.45.197.238200 OK 0 B IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /400/5357174 HTTP/1.1
Host: saptorge.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
x-trace-id: c67f2588702b9bb3b35bc909c3e614ea
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=721f5cd377c347a6a5cc5979e084d630; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/9?z=5390671&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=9d1ce4f285c04abea39acab48844335f
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/9?z=5390671&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=9d1ce4f285c04abea39acab48844335f
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5390671&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=9d1ce4f285c04abea39acab48844335f HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 819
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: scm=1; OAID=62f3cd0cba5d40faa76b533432a68037; oaidts=1665938994
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.selsabil.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 5e2fe9099b9482e12ff06bef63e3962f
access-control-expose-headers: X-Sc
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:54 GMT; secure; SameSite=None
oaidts=1665938994; expires=Mon, 16 Oct 2023 16:49:54 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
creepingbrings.com/sfp.js
104.21.234.232200 OK 0 B URL HTTP/2 creepingbrings.com/sfp.js
IP 104.21.234.232:0
GET /sfp.js HTTP/1.1
Host: creepingbrings.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.selsabil.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 164169277d4431026b7c591745fa0559
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 16:49:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2HwegWTYkod8GIdLURNGjeaXWByNtFQJoZEcKkONuvQu7bN6gNHHSJRHBmgCoTWZYLp2zm4ar%2BpTgPSrDPzWIMImlgrApFAYuAaeq28FJxJT9pFbzewfhbupTEpPE7LXYgpHI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b24a5cd828f3f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gloaphoo.net/500/5382274?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.239200 OK 0 B URL HTTP/2 gloaphoo.net/500/5382274?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.239:0
Analyzer Verdict Alert quad9 Sinkholed
GET /500/5382274?excludes=&oaid=9d1ce4f285c04abea39acab48844335f&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=https%3A%2F%2Fwww.selsabil.com%2F2020%2F05%2Fresume-science-islamique-3as-pdf.html&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: gloaphoo.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.selsabil.com
Connection: keep-alive
Referer: https://www.selsabil.com/
Cookie: OAID=b8b8aae111244bbc86c324270ef41d95
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 16:49:54 GMT
content-type: application/javascript
x-trace-id: c541e50bc6aedee3f1395e30777ff0ef
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://www.selsabil.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=9d1ce4f285c04abea39acab48844335f; expires=Mon, 16 Oct 2023 16:49:54 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2