onepiecean.com/%D9%85%D8%A7%D9%86%D8%AC%D8%A7-%D9%88%D9%86-%D8%A8%D9%8A%D8%B3-%D9%81%D8%B5%D9%84-1075/
153.92.220.123301 Moved Permanently 707 B URL HTTP/1.1 onepiecean.com/%D9%85%D8%A7%D9%86%D8%AC%D8%A7-%D9%88%D9%86-%D8%A8%D9%8A%D8%B3-%D9%81%D8%B5%D9%84-1075/
IP 153.92.220.123:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /%D9%85%D8%A7%D9%86%D8%AC%D8%A7-%D9%88%D9%86-%D8%A8%D9%8A%D8%B3-%D9%81%D8%B5%D9%84-1075/ HTTP/1.1
Host: onepiecean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 15 Feb 2023 23:43:13 GMT
server: LiteSpeed
location: https://onepiecean.com/مانجا-ون-بيس-فصل-1075/
platform: hostinger
content-security-policy: upgrade-insecure-requests
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e78a380539960903ccc45f8ce47f434
87563f3db248a83ef5cb030836137976ab500be7
aa0a995b254f5db7f523b19e8d1d169828eb621680e8b6169df8e99643f85b73
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA0A995B254F5DB7F523B19E8D1D169828EB621680E8B6169DF8E99643F85B73"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10347
Expires: Thu, 16 Feb 2023 02:35:40 GMT
Date: Wed, 15 Feb 2023 23:43:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b39c3955aa73765d5c9cbe0d4c52f83
b13bf774f0189207d90d846b86b68fcf2f64f868
f6fea261b800d26e329ced17006c9f5d10b6c490dac3b2276cc7b0e2aa38316c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6FEA261B800D26E329CED17006C9F5D10B6C490DAC3B2276CC7B0E2AA38316C"
Last-Modified: Mon, 13 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12358
Expires: Thu, 16 Feb 2023 03:09:11 GMT
Date: Wed, 15 Feb 2023 23:43:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 15 Feb 2023 22:49:10 GMT
content-type: application/json
age: 3243
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e4879878d8594ad779e96e43ceadae35
e81c37ddd67123e47ea15707896b807a306d8d7e
c50069d7380586c743cddc2678baab9bb04400c70c28c3102650264ef806319c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C50069D7380586C743CDDC2678BAAB9BB04400C70C28C3102650264EF806319C"
Last-Modified: Wed, 15 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6835
Expires: Thu, 16 Feb 2023 01:37:08 GMT
Date: Wed, 15 Feb 2023 23:43:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: QbmUC2XApDlhK6/KKLBpMkx6U6jE1/4qI3iH3Ja4rhCxpZtSGZvm1tOyr5/KfR8KsBIG1Ec8lmI=
x-amz-request-id: 6M0H82GTBD8BGBDS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 15 Feb 2023 22:49:07 GMT
age: 3246
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:13 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
onepiecean.com/%D9%85%D8%A7%D9%86%D8%AC%D8%A7-%D9%88%D9%86-%D8%A8%D9%8A%D8%B3-%D9%81%D8%B5%D9%84-1075/
153.92.220.123200 OK 162 kB URL HTTP/2 onepiecean.com/%D9%85%D8%A7%D9%86%D8%AC%D8%A7-%D9%88%D9%86-%D8%A8%D9%8A%D8%B3-%D9%81%D8%B5%D9%84-1075/
IP 153.92.220.123:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (13672), with CRLF, LF line terminators
Size 162 kB (162431 bytes)
Hash 39f33b4940076be001a635e7f0f3b674
6d37980229345453619262f5748067e5781869f7
e353cc8ad5049227364bde5e6b170923b11d2ca750e9b90ce93ff4cf9f1de172
GET /%D9%85%D8%A7%D9%86%D8%AC%D8%A7-%D9%88%D9%86-%D8%A8%D9%8A%D8%B3-%D9%81%D8%B5%D9%84-1075/ HTTP/1.1
Host: onepiecean.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-powered-by: PHP/8.0.24
content-type: text/html; charset=UTF-8
x-pingback: https://onepiecean.com/xmlrpc.php
link: <https://onepiecean.com/wp-json/>; rel="https://api.w.org/", <https://onepiecean.com/wp-json/wp/v2/posts/4136>; rel="alternate"; type="application/json", <https://onepiecean.com/?p=4136>; rel=shortlink
etag: "34-1676302037;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 162431
date: Wed, 15 Feb 2023 23:43:13 GMT
server: LiteSpeed
platform: hostinger
content-security-policy: upgrade-insecure-requests
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
192.0.77.37200 OK 217 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/classic-themes.min.css
IP 192.0.77.37:0
Hash 95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
GET /c/6.1.1/wp-includes/css/classic-themes.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
content-length: 217
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 41f786dc320d596c3f7fc011124a2ee6
5f435091c663d764e3945979fba8b4980d20117b
6e8c88df236712198e3550b6017c73d0b39d097316baaefbbe0023def56b17d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/p/jetpack/11.8/css/jetpack-rtl.css
192.0.77.37200 OK 19 kB URL HTTP/2 c0.wp.com/p/jetpack/11.8/css/jetpack-rtl.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 70cd64887357594be61d5c853cf59849
e101b330b4264fa60b48f55ac6c1a3799f5d332b
6ee4c594c549dfbe9c911586484bab649876b8a1507ef16619c2fa5bea63c082
GET /p/jetpack/11.8/css/jetpack-rtl.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 31 Jan 2023 16:51:57 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a861ad34eebfde7b0fb8be89ae9a80
4e36dac83150fac2efa4cada5b72ae50fe7aa95c
f9dca744ee31eaffa8710d2e1863ce4ee0e0a206b0288b82a6631f4e424c561d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a861ad34eebfde7b0fb8be89ae9a80
4e36dac83150fac2efa4cada5b72ae50fe7aa95c
f9dca744ee31eaffa8710d2e1863ce4ee0e0a206b0288b82a6631f4e424c561d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
192.0.77.37200 OK 4.5 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (11126)
Hash 665041d8a28f071ee9d16c023a3003d3
f82a3f3144999a9130ac4a48006afcfef647ea2f
747662ee30a8426952fe6e01052f3add0b592c0e6755a7a2677a534b2d872fe8
GET /c/6.1.1/wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-HC57ZV9X5S
142.250.74.40200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-HC57ZV9X5S
IP 142.250.74.40:0
File type ASCII text, with very long lines (6356)
Hash c355f5784d9421354cb59d623cb0792b
6d7ca0a431938ff3cfe6d78baf02577fea5d7211
ddf97c041cc0de493bfb2deb461a31b2374f6038774cc56f4220bdb9079b05c3
GET /gtag/js?id=G-HC57ZV9X5S HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 15 Feb 2023 23:43:14 GMT
expires: Wed, 15 Feb 2023 23:43:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a861ad34eebfde7b0fb8be89ae9a80
4e36dac83150fac2efa4cada5b72ae50fe7aa95c
f9dca744ee31eaffa8710d2e1863ce4ee0e0a206b0288b82a6631f4e424c561d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
192.0.77.37200 OK 1.7 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/comment-reply.min.js
IP 192.0.77.37:0
File type ASCII text, with very long lines (2946)
Hash 80d1e0c100e6e40c3749fc0e550233f6
aea23dcdc7d190a8d6111195fcf931ac8af6e7bf
b209521ed2ed86786ede511025ca9962d686b54db551d4ab0adbcb028b19aef9
GET /c/6.1.1/wp-includes/js/comment-reply.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 835f4eb44d54a936a580f5b24f1fcfed
8dd20b3a96ba5d6217ab9897e98e136004496126
a02ffeb5dc7ef8e6f01d19515934d6e48ae475b6ee9611dd1c9a69219f0bc2f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A02FFEB5DC7EF8E6F01D19515934D6E48AE475B6EE9611DD1C9A69219F0BC2F4"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15913
Expires: Thu, 16 Feb 2023 04:08:27 GMT
Date: Wed, 15 Feb 2023 23:43:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e811c05d7b791b98aea6b2fcb476f10e
22446c9850bfaad80e9a21ae5e12b6f08eab0322
f07288128edd8100435652b4323bea8c678afcfb5769f8a7ca00be962b8e989a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 81a861ad34eebfde7b0fb8be89ae9a80
4e36dac83150fac2efa4cada5b72ae50fe7aa95c
f9dca744ee31eaffa8710d2e1863ce4ee0e0a206b0288b82a6631f4e424c561d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 343462596febed951e5416f782fdb410
482a2d8fb0097a455ac0cf361f8cddb4239ef236
19eda0a653b9dfbfdbc19cf6f7fdd95cdc816f5c090aa13f8290bd9dbc63d6ee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19EDA0A653B9DFBFDBC19CF6F7FDD95CDC816F5C090AA13F8290BD9DBC63D6EE"
Last-Modified: Wed, 15 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18413
Expires: Thu, 16 Feb 2023 04:50:07 GMT
Date: Wed, 15 Feb 2023 23:43:14 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, Pragma, Expires, Cache-Control, Retry-After, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 15 Feb 2023 23:14:54 GMT
age: 1700
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d454431cc6b41a0b2dd150aa93fcf5e4
c3fd421ed778ac50c890a82406196d42b3da7dbc
9a9e38082f3289e524c242580153fd1bafd35f4700c9af89fb7e2a92d4adf638
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9A9E38082F3289E524C242580153FD1BAFD35F4700C9AF89FB7E2A92D4ADF638"
Last-Modified: Wed, 15 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8839
Expires: Thu, 16 Feb 2023 02:10:33 GMT
Date: Wed, 15 Feb 2023 23:43:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c7ef2d6814890e55cd67787012176d5d
635326a8497e57a17c6d79b9bf799bdd7be19963
d748db27a50bb1d48d7e2eceed3fe4d1a1a0d9daa58248993a403e133757271b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D748DB27A50BB1D48D7E2ECEED3FE4D1A1A0D9DAA58248993A403E133757271B"
Last-Modified: Wed, 15 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4805
Expires: Thu, 16 Feb 2023 01:03:19 GMT
Date: Wed, 15 Feb 2023 23:43:14 GMT
Connection: keep-alive
stats.wp.com/e-202307.js
192.0.76.3200 OK 3.0 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 9f409cdc9d77b01eb7a8256278883970
98c47d838098cf7bd468fdad4b494f648bfc0388
e51981b99d804b5e7a722e4d174ed49df41a9383b0de74be8a55743072f70606
GET /e-202307.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6197c5cf-3508"
content-encoding: br
expires: Mon, 12 Feb 2024 07:22:00 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c0.wp.com/c/6.1.1/wp-includes/css/dist/editor/style-rtl.min.css
192.0.77.37200 OK 82 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/editor/style-rtl.min.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (18796), with no line terminators
Hash 602e49c98e1901d3695d378a6a0f6032
644c64ab359bb97b4393b2bd4bcc2e7c9e97faf5
a1e66abfb5e563e399728b8735f21f5ecdf147098ff96d01ccdbcf3326c97002
GET /c/6.1.1/wp-includes/css/dist/editor/style-rtl.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
192.0.77.37200 OK 1.5 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 83d861f9c45c483c9eb002c812247099
e144cad63e796ceac0ad90e0ec2dcfee95074463
75bc4556524d455f18d857cfd097c04ccf3396424d1e6d0893deffbf2f6fe8dd
GET /c/6.1.1/wp-includes/js/mediaelement/wp-mediaelement.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 07 Jun 2019 20:45:02 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Regular.woff2
142.250.74.35200 OK 39 kB URL HTTP/2 fonts.gstatic.com/ea/droidarabicnaskh/v7/DroidNaskh-Regular.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 39220, version 1.0\012- data
Hash 7a296cb107508f675d6379a568b635f4
44f744aef0571689f6747cb26dda6289957a3751
68b4ac5833d4474ef046db5c1495c5b70c16f6fe6f219656dbb7129b8faeed20
GET /ea/droidarabicnaskh/v7/DroidNaskh-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 39220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Feb 2023 03:17:22 GMT
expires: Sat, 10 Feb 2024 03:17:22 GMT
cache-control: public, max-age=31536000
age: 505552
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
192.0.77.37200 OK 44 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 215559672c93e39960394f50970d0c22
23405e02461f98c39f2f97bae63cf680368435de
0e51f75cb65dc2123208cf64d1df1ac099e217f0b3f358ab301f413aabfb131a
GET /c/6.1.1/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 29 Sep 2020 15:53:06 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 31196, version 1.0\012- data
Hash ea2343c7dccad57360fb611d67204445
b603d9e68bb1ed5e4b33d5e31121160cb4d23452
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
GET /s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31196
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 12:07:24 GMT
expires: Fri, 09 Feb 2024 12:07:24 GMT
cache-control: public, max-age=31536000
age: 560150
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
glizauvo.net/400/5643867
139.45.197.236200 OK 33 kB IP 139.45.197.236:0
Hash 9b3aa536fc1e101c9d3ac26e63620474
d1a2250f01edd5f2a16a9eb54331040a6c1852c1
a83103811a7047c29de1047fb1e8c9cb117e3118b070097870f23ab8c87d83e9
GET /400/5643867 HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
x-trace-id: 71091e4c5ed3afd539eb842049f55d56
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=3e7e1e8dbf0041729bcd909442d098e1; expires=Thu, 15 Feb 2024 23:43:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/ea/droidarabickufi/v6/DroidKufi-Regular.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 31248, version 1.0\012- data
Hash 436938da6ed799ca17110e719e4d2e51
b7ef31b6085a9f0963dffe7939abca527724d389
a7b09bb9c8e8e2fb189204e08ed94bd8096c118780b5e926847cf2748ca7c5c2
GET /ea/droidarabickufi/v6/DroidKufi-Regular.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31248
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Feb 2023 05:45:31 GMT
expires: Fri, 09 Feb 2024 05:45:31 GMT
cache-control: public, max-age=31536000
age: 583063
last-modified: Wed, 13 Aug 2014 16:50:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8aa1918d44330cd0ffa5893ff16ca66b
aeadb9d884c1c9e0ef44b902b6bf5aaa4949ca46
bc1c2e179713e1d9ea65de7fed5e3579de6e8e9810bf3b975837f4d70bc1e622
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BC1C2E179713E1D9EA65DE7FED5E3579DE6E8E9810BF3B975837F4D70BC1E622"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1249
Expires: Thu, 16 Feb 2023 00:04:03 GMT
Date: Wed, 15 Feb 2023 23:43:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9f1f931fc46fde4b518b88a2d937f409
6a490a6f920afb610fa120b58067c493b7fec79c
0c47a068a63792fe26a1fcc6f92921406aa431a1c35fe5f788d199997e2e03e3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C47A068A63792FE26A1FCC6F92921406AA431A1C35FE5F788D199997E2E03E3"
Last-Modified: Wed, 15 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1823
Expires: Thu, 16 Feb 2023 00:13:37 GMT
Date: Wed, 15 Feb 2023 23:43:14 GMT
Connection: keep-alive
fonts.gstatic.com/s/notokufiarabic/v15/CSRk4ydQnPyaDxEXLFF6LZVLKrodrOYFFg.woff2
142.250.74.35200 OK 86 kB URL HTTP/2 fonts.gstatic.com/s/notokufiarabic/v15/CSRk4ydQnPyaDxEXLFF6LZVLKrodrOYFFg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 86024, version 1.0\012- data
Hash 9a07c05956777b7237568cfcfdf20532
782172cbf31125e67beab9b8b82c876c142294fd
ea591f0d4d85b2fc80db86a816a83f9d206faa51d4bad44025bff11057dff992
GET /s/notokufiarabic/v15/CSRk4ydQnPyaDxEXLFF6LZVLKrodrOYFFg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 86024
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Feb 2023 08:55:48 GMT
expires: Tue, 13 Feb 2024 08:55:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:16:13 GMT
content-type: font/woff2
age: 226046
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/nux/style-rtl.min.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/nux/style-rtl.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (2671), with no line terminators
Hash 045f273c193a5088947de18733bd7743
606d7a2c5e0332adfc8c4dd6a794f3e9fdbab20a
80f71482d8aac82c280424892315d6a8a30672990b7d8ffb3cb07b441001dc25
GET /c/6.1.1/wp-includes/css/dist/nux/style-rtl.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/reusable-blocks/style-rtl.min.css
192.0.77.37200 OK 16 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/reusable-blocks/style-rtl.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (522), with no line terminators
Hash 93dbccc4c05ab8a6a47e11efe1d60894
53aa3df17c80e6524baee253eafd05b3c59087ca
568a966b69d608f71e1299656fc40febafd542cef3aca964f5ebe4b6501617c2
GET /c/6.1.1/wp-includes/css/dist/reusable-blocks/style-rtl.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Mon, 08 Nov 2021 14:29:21 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/components/style-rtl.min.css
192.0.77.37200 OK 43 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/components/style-rtl.min.css
IP 192.0.77.37:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 8b99df6bd9ebb44e65019558bcb01026
e2470bca28406b33a118d4f0c539d8cf3a43c285
54b4a1fa9be28b981d5d6af1af1b1b207be515e892c3bac0feb016c5979cb663
GET /c/6.1.1/wp-includes/css/dist/components/style-rtl.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 15:43:29 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=213600528&post=4136&tz=0&srv=onepiecean.com&j=1%3A11.8&host=onepiecean.com&ref=&fcp=1159&rand=0.43915610857732656
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=213600528&post=4136&tz=0&srv=onepiecean.com&j=1%3A11.8&host=onepiecean.com&ref=&fcp=1159&rand=0.43915610857732656
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=213600528&post=4136&tz=0&srv=onepiecean.com&j=1%3A11.8&host=onepiecean.com&ref=&fcp=1159&rand=0.43915610857732656 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
whulsaux.com/tag.min.js
139.45.197.244200 OK 24 kB IP 139.45.197.244:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 376b9ac99161ce4cfaf60d921781a401
84f418e24d7a44b2d9e9cac0589ec1b819f9bf5f
c11eade1f85f12ebaf4bcc8c767d2abacc9104e73b1787612c15331a209bc4f6
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/javascript; charset=utf-8
content-length: 23567
content-encoding: br
x-trace-id: 789b31701df1e499ad200caebaf1fc70
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 14 Feb 2023 15:09:00 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
whulsaux.com/5/5645211/?oo=1&aab=1
139.45.197.244200 OK 30 kB URL HTTP/2 whulsaux.com/5/5645211/?oo=1&aab=1
IP 139.45.197.244:0
Hash c4e3fc6ef2d6496ff30c1d0a9c8b352c
7a6c3fbe17768abc7342432aba0b9d9bcc5a16d6
a739a26ba98ed88557d8cb008eb7cf769b058969320bf09f6f5b70d291a2805f
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5645211/?oo=1&aab=1 HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/json
x-trace-id: d87cb06c4052766b90220d9756d1794b
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://onepiecean.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=88e3fe6603d148a99d53f11881fdc21d; expires=Thu, 15 Feb 2024 23:43:14 GMT; path=/; secure; SameSite=None
oaidts=1676504594; expires=Thu, 15 Feb 2024 23:43:14 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.176.227101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.176.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eTgJk16GtVx3ceKFHewpSQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tWF6W7lAB5faUE5ylfgnF6Zlx4c=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ea69200b2e7a122c79c5da762d037de
bb5bb0e3cf15fc4023409249dcb7878e9e148ca0
e5a679e6cdbc2c00b1fdee7766e7dc9b6ae5094134361b904f0d5d978cdfbafb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/tEiVXY8dcAs
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/tEiVXY8dcAs
IP 142.250.74.131:0
Hash 06239d4a666fb80e0f2aac2a7e3787ea
f179985b5ffa13000a818d63263911b609ebd973
2cec6dbf65b883d3e87672d63d0d8cfab132827831b0f73026667454932cf7a1
POST /s/gts1p5/tEiVXY8dcAs HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 15 Feb 2023 23:43:15 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 87d22feffcbb4a73f31eda8015df7f0a
2f76e3285aab224dcadc937c8bd446b6596620fe
2cf0a791e8a5a398d3692bd3616e68131e3a5e4979421c9855073caed4d2fd39
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CF0A791E8A5A398D3692BD3616E68131E3A5E4979421C9855073CAED4D2FD39"
Last-Modified: Wed, 15 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2316
Expires: Thu, 16 Feb 2023 00:21:51 GMT
Date: Wed, 15 Feb 2023 23:43:15 GMT
Connection: keep-alive
tzegilo.com/stattag.js
172.64.204.17200 OK 7.2 kB IP 172.64.204.17:0
File type ASCII text, with very long lines (17335), with no line terminators
Hash 48743c537c14b84c7440b9bf0d371129
bafaac3652f0fbbfe94761f095b4d11c3849b11e
ac39d4d0e8ec246f38c516b68210a586a89e92a7f3287465548907b53d12236b
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 15 Feb 2023 23:43:15 GMT
content-type: application/javascript
last-modified: Fri, 10 Feb 2023 11:04:16 GMT
etag: W/"63e624b0-43b7"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2978
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOdbs9V15uxwGlPEMeZfLb6d%2F3uctiHX1APIzkOO%2BHCM%2BokBYa%2FhDF98%2Bbkw9s%2Fiw%2FamqI5jCVjl81unlzGNCd7d2w4iSYtfdkktremXAVms5Um5fst6BwUQAGKyag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a1e798ebd47484-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash b6eabc3e5b6a45d6e9b3542f17f25060
be792d67af1ebd9f7676f3f4fd3753b1cf29fb50
513e333dc1ff52ebe27e7c45229b6cbe939a40413b9eed327172b11fbe96b10b
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://onepiecean.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5f7bef3400c5445ca127d577339c9a23; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5645957&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=5f7bef3400c5445ca127d577339c9a23
139.45.197.242204 No Content 0 B URL HTTP/2 arsnivyr.com/9?z=5645957&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=5f7bef3400c5445ca127d577339c9a23
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5645957&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=5f7bef3400c5445ca127d577339c9a23 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://onepiecean.com/
Origin: https://onepiecean.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://onepiecean.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=1596055502&z=5645957&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=85
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=1596055502&z=5645957&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=85
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1596055502&z=5645957&b=15763363&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ot=85 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Cookie: scm=1; OAID=5f7bef3400c5445ca127d577339c9a23; oaidts=1676504594
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://onepiecean.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 163e2aab41a1a0e287239892101f66ef
access-control-expose-headers: X-Sc
set-cookie: OAID=5f7bef3400c5445ca127d577339c9a23; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
oaidts=1676504594; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/121?rnd=75140500&z=5645957&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D649869982303268864&cln={CELL_NUMBER}&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&bag=Z8TNkx2rYpVzPZCPM-ety0WIDVtkhvpV&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864
139.45.197.242302 Found 0 B URL HTTP/2 arsnivyr.com/121?rnd=75140500&z=5645957&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D649869982303268864&cln={CELL_NUMBER}&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&bag=Z8TNkx2rYpVzPZCPM-ety0WIDVtkhvpV&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /121?rnd=75140500&z=5645957&b=15763363&c=6332999&var=&d=https%3A%2F%2Fwww.nbfcs.org%2F%23signUp%3D649869982303268864&cln={CELL_NUMBER}&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&bag=Z8TNkx2rYpVzPZCPM-ety0WIDVtkhvpV&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: scm=1; OAID=5f7bef3400c5445ca127d577339c9a23; oaidts=1676504594
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-length: 0
location: https://www.nbfcs.org/#signUp=649869982303268864
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: bccce3a93de281c425b03493bbf7b57a
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
arsnivyr.com/11?rnd=1596055502&z=5645957&b=15763363&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/11?rnd=1596055502&z=5645957&b=15763363&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1596055502&z=5645957&b=15763363&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=KWmaAjNJ2YTrefpcrS9DfdLS_mjGFe0nTL3-IIAO_cUHMXQAJKY6nygUhNlZ76x-_4js3DcZf7ZR8zPGY4QfgMACnJdb2NG3M1MDNvHSAes1q5f3GzNPZQXeFyUYdKWQ-wu3N3lvl5kUMMvsxT79qDJVpkLn9X7_6LzhN1TaVt8ykSgkGahO_Zr_jYKC9U8OiTDz9c4ymEZuJMvvrpXQXnv7mh6OejLcjlHWPluvLxGCe0wP_o5-IXETOEJuespsxWb7Yf5ViVrOsCJ3hfWziEM8hRZHbmCoD-UPzi2aJ3djEHSDT-BvHXDIwcMp6sYWcHyqt6jCGohYA6OkM7cB4DCcdMafyk_KdS2OYbYHV_cgs8_HrFYfz3lNNqABKtpeVrKZ5Wm9bBpbg5lhOQ_pfi11qE37bDVY6a0d92Btmp3sSqxmpRVt6KvmLiui1HjNlieKh3AXVV9Qe0wlVtC4m_hUraOkMbzpFEJ5fjlXsfDX2416mIzTWvjyx3bZMXi_rRULRNKA7q9N0syBxAfTnv6qZVqXlUDL09_vI4fWer77LBHXCiqXjNLc3xF8xut18Zn51P6sY7-JoZBn1C06-huTvBWOjUB2T63_VW3L3io0IZW-lF_k8hzhxESFOW9IGO_rGDr27O4whq0QKUA6kqddCTAczaa6xCPSn9B9o4cYw7Jznnq_ZaDYseQEEdYzYK08ZoOl1bFQ15N2IsC5KQ==&ruid=5e482dee-777e-4b8e-967b-b62331ec1c75&subid=649869982303268864&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Cookie: scm=1; OAID=5f7bef3400c5445ca127d577339c9a23; oaidts=1676504594
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://onepiecean.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 186fb9eaac731891371b19a3271408fb
access-control-expose-headers: X-Sc
set-cookie: OAID=5f7bef3400c5445ca127d577339c9a23; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
oaidts=1676504594; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
oaidvc=1; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
CNT=1_v1_o4fwAAEAAADLSwAA; expires=Thu, 16 Feb 2023 00:43:15 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
asleavannychan.com/custom
139.45.197.250200 OK 0 B URL HTTP/2 asleavannychan.com/custom
IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
OPTIONS /custom HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://onepiecean.com/
Origin: https://onepiecean.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://onepiecean.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style-rtl.min.css
192.0.77.37200 OK 12 kB URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-library/style-rtl.min.css
IP 192.0.77.37:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 516a21a4dbddf292512593f2ffebda72
420f2a48c2213afe55679fd88c10bc454a247bf9
ccc615931584d1b29fbe0301dedb4888ce97769b49a07477c74efa9e1a5f733a
GET /c/6.1.1/wp-includes/css/dist/block-library/style-rtl.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
punoocke.com/500/5643483?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 0 B URL HTTP/2 punoocke.com/500/5643483?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5643483?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://onepiecean.com/
Origin: https://onepiecean.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://onepiecean.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
glizauvo.net/500/5643867?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 0 B URL HTTP/2 glizauvo.net/500/5643867?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/5643867?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://onepiecean.com/
Origin: https://onepiecean.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://onepiecean.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
asleavannychan.com/custom
139.45.197.250200 OK 39 B URL HTTP/2 asleavannychan.com/custom
IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /custom HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onepiecean.com/
Content-Type: application/json
Origin: https://onepiecean.com
Content-Length: 452
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:16 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: ec57df4a13e593ffddc26461d08fae23
access-control-allow-origin: https://onepiecean.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
asleavannychan.com/custom
139.45.197.250200 OK 39 B URL HTTP/2 asleavannychan.com/custom
IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /custom HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onepiecean.com/
Content-Type: application/json
Origin: https://onepiecean.com
Content-Length: 836
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:16 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 59a058d32d5955f636bfe46405415c54
access-control-allow-origin: https://onepiecean.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash f3595ccf6835bf2c77210ecc6e4b02b0
a689ba67964a289884732a7bcd7f866ac76b8bb3
04659be1ec420e73eecc0edbc4df44f307969bd35925bff859adfda9009ec321
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 15 Feb 2023 15:49:35 GMT
Expires: Wed, 22 Feb 2023 15:49:34 GMT
Etag: "a689ba67964a289884732a7bcd7f866ac76b8bb3"
Cache-Control: max-age=575777,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79a1e79d0e3db50f-OSL
region1.google-analytics.com/g/collect?v=2&tid=G-HC57ZV9X5S>m=45je32f0&_p=1331150184&gdid=dZGIzZG&cid=1086149170.1676504595&ul=en-us&sr=1280x1024&_s=1&sid=1676504595&sct=1&seg=0&dl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&dt=%D9%85%D8%A7%D9%86%D8%AC%D8%A7%20%D9%88%D9%86%20%D8%A8%D9%8A%D8%B3%20%D9%81%D8%B5%D9%84%201075%20%7C%20Manga%20One%20Piece&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-HC57ZV9X5S>m=45je32f0&_p=1331150184&gdid=dZGIzZG&cid=1086149170.1676504595&ul=en-us&sr=1280x1024&_s=1&sid=1676504595&sct=1&seg=0&dl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&dt=%D9%85%D8%A7%D9%86%D8%AC%D8%A7%20%D9%88%D9%86%20%D8%A8%D9%8A%D8%B3%20%D9%81%D8%B5%D9%84%201075%20%7C%20Manga%20One%20Piece&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-HC57ZV9X5S>m=45je32f0&_p=1331150184&gdid=dZGIzZG&cid=1086149170.1676504595&ul=en-us&sr=1280x1024&_s=1&sid=1676504595&sct=1&seg=0&dl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&dt=%D9%85%D8%A7%D9%86%D8%AC%D8%A7%20%D9%88%D9%86%20%D8%A8%D9%8A%D8%B3%20%D9%81%D8%B5%D9%84%201075%20%7C%20Manga%20One%20Piece&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://onepiecean.com
date: Wed, 15 Feb 2023 23:43:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
glizauvo.net/500/5643867?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 1.4 kB URL HTTP/2 glizauvo.net/500/5643867?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
Hash 6dd5c8a41b7894499f6f6d051af130b9
329e4bb162b40b7afed803e89befc2f7e6cd5ad9
df645e16b7753d9ed24f363bbb9ef4d796b67c7aa18da40c875759d9b16bf3c9
GET /500/5643867?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Cookie: OAID=3e7e1e8dbf0041729bcd909442d098e1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:16 GMT
content-type: application/javascript
x-trace-id: 7279d6a4c5864a67d53adb80533cf16f
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://onepiecean.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5f7bef3400c5445ca127d577339c9a23; expires=Thu, 15 Feb 2024 23:43:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1563
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 15 Feb 2023 23:43:28 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://onepiecean.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
offerimage.com/www/images/34757823996c75a3978147cb52ae6f23.png
104.22.33.172200 OK 90 kB URL HTTP/2 offerimage.com/www/images/34757823996c75a3978147cb52ae6f23.png
IP 104.22.33.172:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 34757823996c75a3978147cb52ae6f23
bc6041caa21317788c153e75fd4a1a2c5ed93865
dd8f7440e0c9032568f351080a40a73a6ef1f900d80065988209e02cac8522d9
GET /www/images/34757823996c75a3978147cb52ae6f23.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 15 Feb 2023 23:43:16 GMT
content-type: image/png
content-length: 90500
last-modified: Thu, 05 May 2022 19:53:35 GMT
etag: "62742b3f-16184"
expires: Thu, 16 Feb 2023 20:37:30 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 11139
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 79a1e79e7c5c2e0f-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Thu, 16 Feb 2023 04:04:44 GMT
Date: Wed, 15 Feb 2023 23:43:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Thu, 16 Feb 2023 04:04:44 GMT
Date: Wed, 15 Feb 2023 23:43:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Thu, 16 Feb 2023 04:04:44 GMT
Date: Wed, 15 Feb 2023 23:43:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Thu, 16 Feb 2023 04:04:44 GMT
Date: Wed, 15 Feb 2023 23:43:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9333ebd8634e6b287e0b58265edf328
6ea57e1529609f015e198c72d2455c758f5b45ab
6bc07733856e4fbefbb42e5ad6423539ccbc855c66cf4279bf515997ea8933d2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BC07733856E4FBEFBB42E5AD6423539CCBC855C66CF4279BF515997EA8933D2"
Last-Modified: Tue, 14 Feb 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15688
Expires: Thu, 16 Feb 2023 04:04:44 GMT
Date: Wed, 15 Feb 2023 23:43:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F088042eb-8368-43cc-87ea-092286978e94.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F088042eb-8368-43cc-87ea-092286978e94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ebf2b034739bd071054ebf80a1ff595d
7e4585aeab4a996e3fbfd37968bb02931da854a9
d6a6c170482ba37606716f8ef9c6edcbc8b77f3105459b1c5d65687ac1371c16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F088042eb-8368-43cc-87ea-092286978e94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10755
x-amzn-requestid: 2f618b25-3ded-41b9-bccc-342418ee044f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmNwFUjIAMFvoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50be-44bde92d5eb1132233a6b160;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bmiv1bevUuK-iqhxFkFwOWWFkG281vjBZG2tY8_9_NINkaLZW7Pl4g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:55:01 GMT
age: 6495
etag: "7e4585aeab4a996e3fbfd37968bb02931da854a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89ef5d48-1788-42ed-8783-74786ed5e58e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89ef5d48-1788-42ed-8783-74786ed5e58e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4b987ea3c521e264bfd29dadb0e54af
81489568b473d2595e4bf13195eaf02c743db411
c0f2bc87d33a95bafa287a33c2845447c3f4a53e193231880f799df72c894985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F89ef5d48-1788-42ed-8783-74786ed5e58e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10754
x-amzn-requestid: d752ab38-bca4-4314-87cf-b7b4d6c14edd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmNwGtgoAMFveg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50be-00692d922fe8e97e27cbc02a;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1Ajm2cr1EE6NunZgOJVg5RXfyjeu0TsLbUxNelYgM4JjdCZDhBtNSg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:38:53 GMT
etag: "81489568b473d2595e4bf13195eaf02c743db411"
content-type: image/jpeg
age: 7463
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd78992f4-af2d-45e5-8f91-abdaeac88916.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd78992f4-af2d-45e5-8f91-abdaeac88916.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d40b5d56eb9e9c4fca362f56423387bc
4c568483387863398921826b5727bca298cb97d7
e950b83e1c775e27413b3e5ce9581ed31d53b0e4e187d1fcdc7642900e7271d3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd78992f4-af2d-45e5-8f91-abdaeac88916.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7451
x-amzn-requestid: 7d5675ec-acfc-47b8-bd98-694bfc73469e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZmVKGh_oAMF1Fg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed50ed-4517a3be510c1a14777cf621;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:38:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8JyyG-H5MJK2p0nyAovs7JJQlEZcdAQ9dGabP50_uiEZitnTXfDINg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 22:06:35 GMT
age: 5801
etag: "4c568483387863398921826b5727bca298cb97d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 504b69ec2b6350345c36777959b0765a
c302824325b8f0839c7de54af9c5bd02541e4269
6e3a5b1cd7d17a9f448b8189d5683567269b3b3d461838770482283898008f39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9fe38f96-4b04-43d2-9644-5b2f7cd0c0c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14477
x-amzn-requestid: 2544b5cc-3fb0-4536-88ec-8cb9044fb612
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ANtsXFBYoAMF6tA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e88fe8-452901f67af9f5d95ccc61c3;Sampled=0
x-amzn-remapped-date: Sun, 12 Feb 2023 07:06:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 18cnMMCsvwUvJVsvM8s2v0k3P6WL1kzo4S9dOvsskdYEBk748cj3Cw==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 05:17:43 GMT
age: 66333
etag: "c302824325b8f0839c7de54af9c5bd02541e4269"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f605d750b4f6c765d827527cc6846627
64e73779243684555e7835698e53a50352071ad6
707d1050736f19c06a88abac85c5a4e17dc12ba09618a5bbc67bbd416a6d2b25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03d8b9db-4d74-4d37-9579-bc1defd9c23d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4253
x-amzn-requestid: c62459f6-3b6a-4ef8-a1db-79857cd60196
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzeGo9IAMFtoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5015-0be365d62e47063b1341b454;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cUKqMz9rzrodOzMj2-uTW-k_G3_6zIheZjofTH1ZguFHGC38iu6Uag==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:39:03 GMT
etag: "64e73779243684555e7835698e53a50352071ad6"
content-type: image/jpeg
age: 7453
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b1c914-808f-4087-bb21-b717b26f3496.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b1c914-808f-4087-bb21-b717b26f3496.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4e84c4a1c0ed65e3bf372657fd7e496
e38c5908a977b024db07283a627c865988a1ed19
0fcfe03ec49c359f171162e3fca564bb105e50f191ed73fc79d54a71ca560410
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33b1c914-808f-4087-bb21-b717b26f3496.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5697
x-amzn-requestid: 72be2345-9c59-4845-95eb-25df25ec9717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AZlzzHc8IAMFRMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ed5018-3ce084a057dfb9a8400c743b;Sampled=0
x-amzn-remapped-date: Wed, 15 Feb 2023 21:35:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XE6c9P_jyohdKOZ_iwMTKI1V1Si2UQ8qznV7u4PfAbzjyq7qMxj-gA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 15 Feb 2023 21:59:59 GMT
age: 6197
etag: "e38c5908a977b024db07283a627c865988a1ed19"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8decfe6f47ddd4421eb00d7731af23d5
f2df64f41f6a49fd6e63aeb08af82d21d77b255a
53d0129924b37f1be9b45827a7c6dc6ff5d66b343e8160e54586e85680294bd2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "53D0129924B37F1BE9B45827A7C6DC6FF5D66B343E8160E54586E85680294BD2"
Last-Modified: Wed, 15 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17997
Expires: Thu, 16 Feb 2023 04:43:13 GMT
Date: Wed, 15 Feb 2023 23:43:16 GMT
Connection: keep-alive
www.nbfcs.org/
23.254.229.241200 OK 6.0 kB IP 23.254.229.241:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (21931), with no line terminators
Hash 49263d0004f2e6858752fe9029d7ee7b
aaaf10885f9991f1f16f0beb2bcba902b226dfc4
dadddff633c84119fe14e6ef143dd3428f08f156f0ee13ad8da2cea816c3e865
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Next.js
ETag: "tkyu9ib1w3gx7"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/css/684b39f62cded0db.css
23.254.229.241200 OK 6.4 kB URL HTTP/1.1 www.nbfcs.org/_next/static/css/684b39f62cded0db.css
IP 23.254.229.241:0
File type ASCII text, with very long lines (27619), with CRLF line terminators
Hash 8f6f8eb3b0994d1acbfa31c204f97cb0
c7f5a98f4889e4ebf3ef7fca1084ebf9c60eab96
31c04ae070593e8623484bbde04e4b844c9d0f96140a00dade6ac4ccf43935a6
GET /_next/static/css/684b39f62cded0db.css HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: text/css; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"6c23-1862cc70e46"
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
142.250.74.35200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nbfcs.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Feb 2023 13:02:36 GMT
expires: Thu, 15 Feb 2024 13:02:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
age: 38440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.nbfcs.org/_next/static/chunks/webpack-eeb1e4a6befe36e1.js
23.254.229.241200 OK 1.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/webpack-eeb1e4a6befe36e1.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (2294), with no line terminators
Hash 7cfbabf34c73cf6212b4a24cd18e99ed
75f97eac124cf440762aca188bc7ae55d89b360d
ea54e1f54320f35ca88d4b844b40b303defdd4b28dfe7eacf0a48f43887c4a32
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/webpack-eeb1e4a6befe36e1.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"8f6-1862cc70e52"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/framework-4556c45dd113b893.js
23.254.229.241200 OK 45 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/framework-4556c45dd113b893.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 828d2085295ecc1a26daac2042176dd3
1321a70d7499f927489b164a3a7ba3d49c5ef066
5347335eb87a340da6f347359ca03c7bfc9e2135448556ac64e17c83c051ba13
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/framework-4556c45dd113b893.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"22682-1862cc70e52"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/510-95033bf0c5e8ae7d.js
23.254.229.241200 OK 9.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/510-95033bf0c5e8ae7d.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (24507), with no line terminators
Hash c9afdcc5726812a6e53924c2cc3dd308
8dc7e80ae881c27e629a5964ada697f1d50a21e1
556d4c3ca6ce59f3c07aa84b6a1a89dc7cae412d8e91cd61107bf6d42aadc645
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/510-95033bf0c5e8ae7d.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"5fbb-1862cc70e56"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/675-b73f41980c39ec6a.js
23.254.229.241200 OK 4.0 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/675-b73f41980c39ec6a.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (9695), with no line terminators
Hash b3c02e1fad26ce52b2c668a7a4d28cee
569685ce3b8247f5129b1c919c3a053c6ddc5dd9
c29babbe1453bd1bc3dc66e5d57024e097bf3826119f6e7347af63503907cfe2
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/675-b73f41980c39ec6a.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"25df-1862cc70e56"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/554-a15bed86500e700e.js
23.254.229.241200 OK 6.4 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/554-a15bed86500e700e.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (28817), with no line terminators
Hash 2447a1cd655ee7d6c6e5c70f13c348ec
50ed129edc1a9ceffaf90dad25095adc08a77004
3fa8dd315d8d383c1e0c3bb257055eff554e064298b16a2d6a1e8039181322b9
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/554-a15bed86500e700e.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"7091-1862cc70e5a"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/142-4eeb76513e56b47d.js
23.254.229.241200 OK 4.1 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/142-4eeb76513e56b47d.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (11209), with no line terminators
Hash a6de8a29c8a2d58309f2b9f5636a74d4
f47d921080dc687019f6d7e7ea9468312fc4dd43
b32c259c08e464c37a1d8ceb19eebbd748469d1d201e2f23e3b70ca3bcb40ee4
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/142-4eeb76513e56b47d.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"2bc9-1862cc70e5a"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/main-9bf4c2cf7c353ef0.js
23.254.229.241200 OK 35 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/main-9bf4c2cf7c353ef0.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ec75f4a553ad6ba12bd1a09ccb06fe0f
72ea52608d3768bf396189607b7a374a60992a84
9180ad39779c801c05be91b1df046e8712b6325e1404fa691e9053ddfbfcb883
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/main-9bf4c2cf7c353ef0.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"1ce12-1862cc70e46"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/kRFWxnHs1WR7XRjNOd32S/_ssgManifest.js
23.254.229.241200 OK 77 B URL HTTP/1.1 www.nbfcs.org/_next/static/kRFWxnHs1WR7XRjNOd32S/_ssgManifest.js
IP 23.254.229.241:0
File type ASCII text, with no line terminators
Hash b6652df95db52feb4daf4eca35380933
65451d110137761b318c82d9071c042db80c4036
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/kRFWxnHs1WR7XRjNOd32S/_ssgManifest.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 77
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"4d-1862cc70e46"
Vary: Accept-Encoding
www.nbfcs.org/_next/static/chunks/pages/index-589a5b726bd00ac1.js
23.254.229.241200 OK 18 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/pages/index-589a5b726bd00ac1.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (57776), with no line terminators
Hash f7e0d9cfa746ffe1b27f45a530aca577
d647653a0819b464abc95b7e12e95b381d04434e
904a70c7a5526c04be45733283bdf74088890b156108ae441529f489bfa5adbc
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/pages/index-589a5b726bd00ac1.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"e1b0-1862cc70e52"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/_next/static/chunks/pages/_app-5a5c4413a32c48e1.js
23.254.229.241200 OK 112 kB URL HTTP/1.1 www.nbfcs.org/_next/static/chunks/pages/_app-5a5c4413a32c48e1.js
IP 23.254.229.241:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 112 kB (111515 bytes)
Hash 16a366f3cabd55655b6cc380c6c461c0
a1905119c10a3971af21adbfe2ab7fd0a352aa7d
b2d437222fca7c9ef3420dccf373def971d64dbcf6dcec25a55653f2d222ed54
Analyzer Verdict Alert fortinet Phishing
GET /_next/static/chunks/pages/_app-5a5c4413a32c48e1.js HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:16 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Last-Modified: Tue, 07 Feb 2023 16:48:08 GMT
ETag: W/"59123-1862cc70e4a"
Vary: Accept-Encoding
Content-Encoding: gzip
www.nbfcs.org/api/authUser
23.254.229.241200 OK 2 B URL HTTP/1.1 www.nbfcs.org/api/authUser
IP 23.254.229.241:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Analyzer Verdict Alert fortinet Phishing
GET /api/authUser HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.nbfcs.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:17 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 2
Connection: keep-alive
X-Powered-By: Express
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FhandPhone.d82b3fd5.png&w=1200&q=75
23.254.229.241200 OK 40 kB URL HTTP/1.1 www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2FhandPhone.d82b3fd5.png&w=1200&q=75
IP 23.254.229.241:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e24657bc88acc8111b1443af4d752a13
282f580ad16532d884b6c0907d111f7adc2c0b14
ead1ea2f745599bcba0220b0818ee6147e20d9d50759c76edf112f3a5d1b9a48
GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2FhandPhone.d82b3fd5.png&w=1200&q=75 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:17 GMT
Content-Type: image/webp
Content-Length: 40358
Connection: keep-alive
Vary: Accept
Cache-Control: public, max-age=315360000, immutable
ETag: 6tHqL3RVmby6AiCwgY7mFH4g2dUHWcdu3xEvOl0bmkg=
Content-Disposition: inline; filename="handPhone.webp"
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
X-Nextjs-Cache: HIT
www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fform.e5986808.png&w=640&q=75
23.254.229.241200 OK 8.9 kB URL HTTP/1.1 www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fform.e5986808.png&w=640&q=75
IP 23.254.229.241:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 18293f3c0452895c1c3a222f65f87bc1
518b919779481eab098c975a0e1d327d13e18077
3ca64d58b362f06f982c2bafa478478ca36713375b2fc4542394fcc413e40f35
GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fform.e5986808.png&w=640&q=75 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:17 GMT
Content-Type: image/webp
Content-Length: 8854
Connection: keep-alive
Vary: Accept
Cache-Control: public, max-age=315360000, immutable
ETag: PKZNWLNi8G+YLCuvpHhHjKNnEzdbL8RUI5T8xBPkDzU=
Content-Disposition: inline; filename="form.webp"
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
X-Nextjs-Cache: HIT
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
142.250.74.35200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.nbfcs.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Feb 2023 03:37:24 GMT
expires: Thu, 15 Feb 2024 03:37:24 GMT
cache-control: public, max-age=31536000
age: 72353
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fworld.c12e01af.png&w=1200&q=75
23.254.229.241200 OK 37 kB URL HTTP/1.1 www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fworld.c12e01af.png&w=1200&q=75
IP 23.254.229.241:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 76341a391d7dab85dd7d219410e9718b
5e4be2c4616b9893339a0e19d1e1765e34fcc8c4
99b87290fdd4a0692eb23a380eb2c7c4e40ca3fc5f5e7702bdb41e9018b56b74
GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fworld.c12e01af.png&w=1200&q=75 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:17 GMT
Content-Type: image/webp
Content-Length: 37200
Connection: keep-alive
Vary: Accept
Cache-Control: public, max-age=315360000, immutable
ETag: mbhykP3UoGkusjo4DrLHxOQMo-xfXncCvbQekBi1a3Q=
Content-Disposition: inline; filename="world.webp"
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
X-Nextjs-Cache: HIT
www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fus.2cafd197.png&w=750&q=75
23.254.229.241200 OK 32 kB URL HTTP/1.1 www.nbfcs.org/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fus.2cafd197.png&w=750&q=75
IP 23.254.229.241:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 746x478, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 975d5adf70ce77384e3238bf72f00e96
0e188e26a0bb4ca0b5d2748ce0704d9b2e814714
df49b0eb8da8fbc1ac0b6d7e4773e6299d8e242dd3b18101bab092661cd870aa
GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fus.2cafd197.png&w=750&q=75 HTTP/1.1
Host: www.nbfcs.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.nbfcs.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 15 Feb 2023 23:43:17 GMT
Content-Type: image/webp
Content-Length: 32380
Connection: keep-alive
Vary: Accept
Cache-Control: public, max-age=315360000, immutable
ETag: 30mw642o+8GsC21+R3PmKZ2OJC3TsYEBurCSZhzYcKo=
Content-Disposition: inline; filename="us.webp"
Content-Security-Policy: script-src 'none'; frame-src 'none'; sandbox;
X-Nextjs-Cache: HIT
glizauvo.net/impression/CbGhqgKt4-WvkPgEWN0OU3ljJYKawGn_XInvOumH_CM-xpFw3YFKLV_4F-L7V8g-Z1ep8yGtHCXozAWzrmoHifXov6WBx3tFTlIKGl2W0UPAqq2YJe3Ea2zxr145yk9pyO7xpKJu6MZGvOzmqlS9XHZ1QNBbB7Phs5UnfMeE57-PW8Y9gUzlw7N_LLeLEtCGb4LFgJ7E57zYUMNxp6MC4bEICGIxWTLC9eJF5NGMowsgLzvqFu8TvBUOv6W6MXzlaDarqlwASVnmg5ydGOG40LA9cJPQ1DtsfgE5f2p8VoJNVkEB8TBdMr-Ez46gRcLURDtSJ-VDFlccsUkXPQYNg1-nC4hW5U5l47xsk46Zf7CGsD4G4rCTQzgBxGgy0LYIUgiYRlDAivAzz2_1610TsB3OA3n0rFXsW4Z6Eyzid58G8QYWvqJyodPT97Y-geCBCFiY-eD1wqKk9YKyyusiFMuNJSrG-N0gZp1tnBv87_ohAH35s6s8aAONL-f_EXjfFHwxsuxiRQGVlkiGCC0KIfxtryekmg8qe3BJWwZq6FS4JWclcP2VYG214rS11PY2XYggYZ8bwHGyMHq3FNicXJuRl8dCJRafpr4kRZy-uN6uN2p6sVuU8E7Zm0rD8fTYSxPUQX-KmKSbQL_mGQk_6tbEjdw=?_z=5643867&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 43 B URL HTTP/2 glizauvo.net/impression/CbGhqgKt4-WvkPgEWN0OU3ljJYKawGn_XInvOumH_CM-xpFw3YFKLV_4F-L7V8g-Z1ep8yGtHCXozAWzrmoHifXov6WBx3tFTlIKGl2W0UPAqq2YJe3Ea2zxr145yk9pyO7xpKJu6MZGvOzmqlS9XHZ1QNBbB7Phs5UnfMeE57-PW8Y9gUzlw7N_LLeLEtCGb4LFgJ7E57zYUMNxp6MC4bEICGIxWTLC9eJF5NGMowsgLzvqFu8TvBUOv6W6MXzlaDarqlwASVnmg5ydGOG40LA9cJPQ1DtsfgE5f2p8VoJNVkEB8TBdMr-Ez46gRcLURDtSJ-VDFlccsUkXPQYNg1-nC4hW5U5l47xsk46Zf7CGsD4G4rCTQzgBxGgy0LYIUgiYRlDAivAzz2_1610TsB3OA3n0rFXsW4Z6Eyzid58G8QYWvqJyodPT97Y-geCBCFiY-eD1wqKk9YKyyusiFMuNJSrG-N0gZp1tnBv87_ohAH35s6s8aAONL-f_EXjfFHwxsuxiRQGVlkiGCC0KIfxtryekmg8qe3BJWwZq6FS4JWclcP2VYG214rS11PY2XYggYZ8bwHGyMHq3FNicXJuRl8dCJRafpr4kRZy-uN6uN2p6sVuU8E7Zm0rD8fTYSxPUQX-KmKSbQL_mGQk_6tbEjdw=?_z=5643867&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/CbGhqgKt4-WvkPgEWN0OU3ljJYKawGn_XInvOumH_CM-xpFw3YFKLV_4F-L7V8g-Z1ep8yGtHCXozAWzrmoHifXov6WBx3tFTlIKGl2W0UPAqq2YJe3Ea2zxr145yk9pyO7xpKJu6MZGvOzmqlS9XHZ1QNBbB7Phs5UnfMeE57-PW8Y9gUzlw7N_LLeLEtCGb4LFgJ7E57zYUMNxp6MC4bEICGIxWTLC9eJF5NGMowsgLzvqFu8TvBUOv6W6MXzlaDarqlwASVnmg5ydGOG40LA9cJPQ1DtsfgE5f2p8VoJNVkEB8TBdMr-Ez46gRcLURDtSJ-VDFlccsUkXPQYNg1-nC4hW5U5l47xsk46Zf7CGsD4G4rCTQzgBxGgy0LYIUgiYRlDAivAzz2_1610TsB3OA3n0rFXsW4Z6Eyzid58G8QYWvqJyodPT97Y-geCBCFiY-eD1wqKk9YKyyusiFMuNJSrG-N0gZp1tnBv87_ohAH35s6s8aAONL-f_EXjfFHwxsuxiRQGVlkiGCC0KIfxtryekmg8qe3BJWwZq6FS4JWclcP2VYG214rS11PY2XYggYZ8bwHGyMHq3FNicXJuRl8dCJRafpr4kRZy-uN6uN2p6sVuU8E7Zm0rD8fTYSxPUQX-KmKSbQL_mGQk_6tbEjdw=?_z=5643867&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=5&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: glizauvo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Cookie: OAID=5f7bef3400c5445ca127d577339c9a23
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:20 GMT
content-type: image/gif
content-length: 43
x-trace-id: 1e9d2b4c957b5ec36f004b5a026a8c19
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
arsnivyr.com/27/90f7f588ad5892e2821c323c80d6c1b6
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/27/90f7f588ad5892e2821c323c80d6c1b6
IP 139.45.197.242:0
GET /27/90f7f588ad5892e2821c323c80d6c1b6 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Cookie: scm=1; OAID=8b775ad94091401aadc8587cea4bc209; oaidts=1676504594
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Wed, 08 Feb 2023 07:51:08 GMT
expires: Wed, 10 Mar 2083 07:51:08 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/earlyaccess/droidarabickufi.css?ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/earlyaccess/droidarabickufi.css?ver=6.1.1
IP 142.250.74.106:0
GET /earlyaccess/droidarabickufi.css?ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
expires: Wed, 15 Feb 2023 23:43:14 GMT
date: Wed, 15 Feb 2023 23:43:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/ui/core.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/ui/core.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Fri, 23 Sep 2022 19:55:30 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 15 Feb 2023 23:43:14 GMT
date: Wed, 15 Feb 2023 23:43:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dist/block-editor/style-rtl.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dist/block-editor/style-rtl.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dist/block-editor/style-rtl.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/underscore.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/underscore.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 27 Sep 2022 15:18:25 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/wp-util.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/wp-util.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 03:52:10 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C500i%2C700%2C700i%7CMuli%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&subset=latin%2Clatin-ext&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto%3A400%2C400i%2C500%2C500i%2C700%2C700i%7CMuli%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&subset=latin%2Clatin-ext&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Roboto%3A400%2C400i%2C500%2C500i%2C700%2C700i%7CMuli%3A400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i&subset=latin%2Clatin-ext&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 15 Feb 2023 23:43:14 GMT
date: Wed, 15 Feb 2023 23:43:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/js/jquery/jquery.min.js
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
asleavannychan.com/pfe/current/universal.min.js?v=3.1.418
139.45.197.250200 OK 0 B URL HTTP/2 asleavannychan.com/pfe/current/universal.min.js?v=3.1.418
IP 139.45.197.250:0
Analyzer Verdict Alert quad9 Sinkholed
GET /pfe/current/universal.min.js?v=3.1.418 HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://onepiecean.com/
Origin: https://onepiecean.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:43 GMT
etag: W/"63e2610b-19082"
access-control-allow-origin: https://onepiecean.com
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
fonts.googleapis.com/earlyaccess/notokufiarabic.css?ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/earlyaccess/notokufiarabic.css?ver=6.1.1
IP 142.250.74.106:0
GET /earlyaccess/notokufiarabic.css?ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 15 Feb 2023 23:43:14 GMT
date: Wed, 15 Feb 2023 23:43:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/earlyaccess/droidarabicnaskh.css?ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/earlyaccess/droidarabicnaskh.css?ver=6.1.1
IP 142.250.74.106:0
GET /earlyaccess/droidarabicnaskh.css?ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
expires: Wed, 15 Feb 2023 23:43:14 GMT
date: Wed, 15 Feb 2023 23:43:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
punoocke.com/500/5643483?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.236200 OK 0 B URL HTTP/2 punoocke.com/500/5643483?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.236:0
GET /500/5643483?excludes=&oaid=5f7bef3400c5445ca127d577339c9a23&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Cookie: OAID=7f9ab7a305c847a6b0d3be033c7915f6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:16 GMT
content-type: application/javascript
x-trace-id: 785310715a3f7f74d22c81d5fee0425d
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: https://onepiecean.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=5f7bef3400c5445ca127d577339c9a23; expires=Thu, 15 Feb 2024 23:43:16 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/c/6.1.1/wp-includes/css/dashicons.min.css
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/c/6.1.1/wp-includes/css/dashicons.min.css
IP 192.0.77.37:0
GET /c/6.1.1/wp-includes/css/dashicons.min.css HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 03 Mar 2021 21:16:22 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
arsnivyr.com/1?z=5645957
139.45.197.242200 OK 0 B IP 139.45.197.242:0
GET /1?z=5645957 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 455099784acf3871c755163f410bce35
access-control-expose-headers: X-Sc
x-sc: BIQpVtkvQlqJiA6ul1nFJliSZHomkXW6Hg3cMrfmcTmwJC7ydIJigacl4pVCtwoyxHws4ecaYqdLh98VJdJU783ysYE=
set-cookie: scm=1; expires=Thu, 15 Feb 2024 23:43:14 GMT; secure; SameSite=None
OAID=8b775ad94091401aadc8587cea4bc209; expires=Thu, 15 Feb 2024 23:43:14 GMT; secure; SameSite=None
oaidts=1676504594; expires=Thu, 15 Feb 2024 23:43:14 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
arsnivyr.com/9?z=5645957&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=5f7bef3400c5445ca127d577339c9a23
139.45.197.242200 OK 0 B URL HTTP/2 arsnivyr.com/9?z=5645957&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=5f7bef3400c5445ca127d577339c9a23
IP 139.45.197.242:0
POST /9?z=5645957&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fonepiecean.com%2F%25D9%2585%25D8%25A7%25D9%2586%25D8%25AC%25D8%25A7-%25D9%2588%25D9%2586-%25D8%25A8%25D9%258A%25D8%25B3-%25D9%2581%25D8%25B5%25D9%2584-1075%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=4&sah=1002&drf=&hil=1&ist=0&oaid=5f7bef3400c5445ca127d577339c9a23 HTTP/1.1
Host: arsnivyr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 286
Origin: https://onepiecean.com
Connection: keep-alive
Referer: https://onepiecean.com/
Cookie: scm=1; OAID=8b775ad94091401aadc8587cea4bc209; oaidts=1676504594
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:15 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://onepiecean.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 8a592529a2edccdbaf4991b3da75c204
access-control-expose-headers: X-Sc
set-cookie: OAID=5f7bef3400c5445ca127d577339c9a23; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
oaidts=1676504594; expires=Thu, 15 Feb 2024 23:43:15 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
c0.wp.com/p/jetpack/11.8/modules/contact-form/js/form-styles.js
192.0.77.37200 OK 0 B URL HTTP/2 c0.wp.com/p/jetpack/11.8/modules/contact-form/js/form-styles.js
IP 192.0.77.37:0
GET /p/jetpack/11.8/modules/contact-form/js/form-styles.js HTTP/1.1
Host: c0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Mon, 16 Jan 2023 20:35:43 GMT
content-encoding: br
expires: Thu, 15 Feb 2024 23:43:14 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
x-nc: HIT arn 2
timing-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
X-Firefox-Spdy: h2
asleavannychan.com/ntfc.php?p=5643824
139.45.197.250200 OK 0 B URL HTTP/2 asleavannychan.com/ntfc.php?p=5643824
IP 139.45.197.250:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /ntfc.php?p=5643824 HTTP/1.1
Host: asleavannychan.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
last-modified: Tue, 07 Feb 2023 14:32:43 GMT
etag: W/"63e2610b-37f4"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
punoocke.com/400/5643483
139.45.197.236200 OK 0 B IP 139.45.197.236:0
GET /400/5643483 HTTP/1.1
Host: punoocke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://onepiecean.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 15 Feb 2023 23:43:14 GMT
content-type: application/javascript
x-trace-id: 8e2285330a70b601f086577b027d6435
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=7f9ab7a305c847a6b0d3be033c7915f6; expires=Thu, 15 Feb 2024 23:43:14 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2