www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
64.235.54.28301 Moved Permanently 162 B URL HTTP/1.1 www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
IP 64.235.54.28:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Malware
GET /roms/gba/need_for_speed_underground_2.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 26 Jan 2023 22:43:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7972
Expires: Fri, 27 Jan 2023 00:56:36 GMT
Date: Thu, 26 Jan 2023 22:43:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17491
Expires: Fri, 27 Jan 2023 03:35:15 GMT
Date: Thu, 26 Jan 2023 22:43:44 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 22:42:56 GMT
content-type: application/json
age: 48
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Fri, 27 Jan 2023 01:31:42 GMT
Date: Thu, 26 Jan 2023 22:43:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X16nAmNSsFZvIQctvBnetoGRixjuDUO00JKLk6lz1nJVaqm+uqd0HSjBd/0ewtcpED/TZdI//6c=
x-amz-request-id: NSJZVN9YY0B8CJ9S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 21:49:09 GMT
age: 3275
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:44 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.netsolssl.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 195699b7f18de327649161380c8bd636
c61b5f753bf593c333e8a3b3e8a92bef2130cbd6
e7f8c8d68e954b25d1535f4588bcece89142549c53dd2a807f7922bd0b1a2b34
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:43:45 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 18:55:42 GMT
Expires: Wed, 01 Feb 2023 18:55:41 GMT
Etag: "c61b5f753bf593c333e8a3b3e8a92bef2130cbd6"
Cache-Control: max-age=504115,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fcc4efaab4b4e8-OSL
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 22:41:40 GMT
age: 125
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16495
Expires: Fri, 27 Jan 2023 03:18:40 GMT
Date: Thu, 26 Jan 2023 22:43:45 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.238.232101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.238.232:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: laOMUp0WYZvQV4AkbC/8IQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hazx5OEI6v93sReQIddJPQyDxeA=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:43:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-FH0L8EV0R0
142.250.74.40200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-FH0L8EV0R0
IP 142.250.74.40:0
File type ASCII text, with very long lines (21849)
Hash 858d66dcd6a60ca529e7cde046813f11
db20f2b31cfd17bab4a757b1bb51a38e4de46be0
4cace6123d30610d792d13e50a82dde4e288356f43edbec4265eb22f06490ae5
GET /gtag/js?id=G-FH0L8EV0R0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 22:43:46 GMT
expires: Thu, 26 Jan 2023 22:43:46 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77788
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:43:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freeroms.com/js/front-script.js
64.235.54.28200 OK 295 B URL HTTP/2 www.freeroms.com/js/front-script.js
IP 64.235.54.28:0
Hash a174c795cabe8885e66e5dd9b4cfc1d8
eb1b7d6a2f298c3245b3b2d4f399a85b09e4797b
35484d5bbcbe3298d6c046bf77a34aa128a4311d7c82c5566a8f0dbfc53c409b
GET /js/front-script.js HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: application/javascript
content-length: 295
x-accel-version: 0.01
last-modified: Mon, 09 Jan 2017 06:39:35 GMT
etag: "223-545a3a17f17c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/logo.png
64.235.54.28200 OK 9.8 kB URL HTTP/2 www.freeroms.com/images/logo.png
IP 64.235.54.28:0
File type PNG image data, 215 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 14cd0a179797ca4b75eafccd97c8bb29
3b28b50481b500440e2d20df8acfba80d752a090
e94da94c103e98f78880e5458d6cd022cc20d1d6412b985ef8c0b3eeafd40f5c
GET /images/logo.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 9831
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-2667"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
64.235.54.28200 OK 90 kB URL HTTP/2 www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
IP 64.235.54.28:0
Hash dade3a45408365bc42723b02a8f76ea8
c533dc9abd1078646892a5e97cea08bcc2df55e0
326bb13c66688fc1373459c4032dbd81aa0de2195722bd56e24ae5cc63c1192b
Analyzer Verdict Alert fortinet Malware
GET /roms/gba/need_for_speed_underground_2.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:45 GMT
content-type: text/html
last-modified: Thu, 26 Jan 2023 09:00:21 GMT
etag: W/"63d24125-28b01"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_main_top.gif
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/circuit_main_top.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 334 x 40\012- data
Hash 8ce66b9116fdb0a263fbbf0ec7299e1c
3f2868999529378d7e40c4acce440c0fdd0963bb
7ee186a06b35fc6499ca0fe10faa3f137fdee61cbfd4163aaba28414b8e65063
GET /images/circuit_main_top.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/gif
content-length: 1366
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-556"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_left.gif
64.235.54.28200 OK 3.0 kB URL HTTP/2 www.freeroms.com/images/circuit_left.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 12 x 320\012- data
Hash f84caa56ec89113941ed4823aecea88a
dd608663197ad5cf505e06c8a16fbd42f3001153
7925efc9e31cb712e156e1b0663846dea73debe1200b125ed73dfea95efc06f6
GET /images/circuit_left.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/gif
content-length: 3029
last-modified: Tue, 14 Jul 2015 01:10:52 GMT
etag: "55a4619c-bd5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/black.png
64.235.54.28200 OK 927 B URL HTTP/2 www.freeroms.com/images/black.png
IP 64.235.54.28:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f78a7c9048c4843d819c2ab39b33b6c
99e314e4b9325f41d0d42512cbf8a4a636871ac4
486e08b2d63e05464d757f1fbf3952a74bff6ff29f9ccace92c478fe8b4e4119
GET /images/black.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 927
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "39f-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/nav-strip.png
64.235.54.28200 OK 1.1 kB URL HTTP/2 www.freeroms.com/images/nav-strip.png
IP 64.235.54.28:0
File type PNG image data, 7 x 56, 8-bit/color RGB, non-interlaced\012- data
Hash 92f72da7215127fddf06584d40f1f67c
506dec643852f00b64b0a247d5ff68b1c3fe5c7e
d61ce2fb10db1c5814deedb8c6ca63ee220abba2ba29359cd053e28e84f22172
GET /images/nav-strip.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 1094
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-446"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/nav-hover.jpg
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/nav-hover.jpg
IP 64.235.54.28:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2x27, components 3\012- data
Hash eb717b2848bfd323a7a56acb2000c30b
761b2d51d0ebd16d0fbec8c8bb9d3f9ec07cef1c
42b043aacc0907bd04c43941f5f809f38b932a2267465dd71560b52aadeba39c
GET /images/nav-hover.jpg HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/jpeg
content-length: 1368
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-558"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/border.png
64.235.54.28200 OK 938 B URL HTTP/2 www.freeroms.com/images/border.png
IP 64.235.54.28:0
File type PNG image data, 2 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash a4de791940d86ff21226a978b905950e
bba1cc2559c7b67cb577f48118604b169a212239
c1ff6bcf530cc998882a66b1a1dafcff6869533caf5a6fea4e137497f0555269
GET /images/border.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 938
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "3aa-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/rom.png
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/rom.png
IP 64.235.54.28:0
File type PNG image data, 28 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 213bc22990ce0324b563a2714b22749d
514c1c91577fd3fa56b081a73b419015fcb2baf9
0465cb562ac7a714e9e90eb55764b1bc210b3378c5c01a465f8cdaa386f65349
GET /images/rom.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 1365
last-modified: Tue, 14 Jul 2015 01:10:46 GMT
etag: "55a46196-555"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/default-arr.png
64.235.54.28200 OK 978 B URL HTTP/2 www.freeroms.com/images/default-arr.png
IP 64.235.54.28:0
File type PNG image data, 3 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 0edc018ca2c25a655a9eeed4b31eab51
dba5918c2b540f28d9365ad1db47d658c2dd8f66
d82b013cdd3a3efcde2e7403046e96555f5f7446efef3f2a6879af699f868218
GET /images/default-arr.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 978
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "3d2-51acb829465c0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/white-arr.png
64.235.54.28200 OK 959 B URL HTTP/2 www.freeroms.com/images/white-arr.png
IP 64.235.54.28:0
File type PNG image data, 3 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 903756d319facbf280d6218c8c0abd28
8e48f8a6e59a563309420d029a63d0bc94f52f71
f77ebade1d0c3b0e4b69b9a6156294ea756094286fe2ba171e78bd96b7b3bccb
GET /images/white-arr.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 959
x-accel-version: 0.01
last-modified: Wed, 25 Jan 2017 04:37:29 GMT
etag: "3bf-546e3ca4b3440"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 46dc30387c4c80980565842526bb5efe
cbfbdd770260e40b3bde38f51af261e045be0c1a
50e46738faffc76b52c2634d5fb8a9d67f4e58d7f21541d37a9325e81dacd3e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50E46738FAFFC76B52C2634D5FB8A9D67F4E58D7F21541D37A9325E81DACD3E1"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16591
Expires: Fri, 27 Jan 2023 03:20:17 GMT
Date: Thu, 26 Jan 2023 22:43:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 46dc30387c4c80980565842526bb5efe
cbfbdd770260e40b3bde38f51af261e045be0c1a
50e46738faffc76b52c2634d5fb8a9d67f4e58d7f21541d37a9325e81dacd3e1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50E46738FAFFC76B52C2634D5FB8A9D67F4E58D7F21541D37A9325E81DACD3E1"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16701
Expires: Fri, 27 Jan 2023 03:22:07 GMT
Date: Thu, 26 Jan 2023 22:43:46 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 0e0794742d318d830bb70192940d1ea6
23cf49def92a0b062bcdccbbf61383fb22d58ba0
5078277491858b6974d34d56c4c966210a37ad970bc165a08d9bb6e2510874de
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143789
Date: Thu, 26 Jan 2023 22:43:46 GMT
Etag: "63d28099-1d7"
Expires: Sat, 28 Jan 2023 14:40:15 GMT
Last-Modified: Thu, 26 Jan 2023 13:31:05 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: kQOocI75Wy79AYXTLXpKUFCJLtNKVZb0Zb4Fl192iwWncrwM-KvuIw==
Age: 4150
simplewebanalysis.com/stats
3.120.47.42200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.120.47.42:0
File type ASCII text, with no line terminators
Hash 5aa890c46c5760af6fa359afac608c26
db8a2eb4ce799dd39b4fa70e71ce8c4bb8d1e346
165c85a21f1bebaa354ab116e0d8f3e433fdd36119c397165f9254819b9185f3
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
set-cookie: uid_id2=98832bb1-3221-4f73-ba71-6c3f0755d8ac:3:1; expires=Sun, 23 Jan 2033 22:43:46 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
dacmaiss.com/tag.min.js
139.45.197.237200 OK 24 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c4908e29d4b2ee5bb96790e426d7f232
57d500deb5757bcde65cf9d61df9514367d33837
769dd1240d0a52a9547bc6618ca0e7d274591768ce9aa919e3c3868c0045dc48
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: text/javascript; charset=utf-8
content-length: 23678
content-encoding: br
x-trace-id: c5338899bbcb29c8b80949405eeffa40
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 23 Jan 2023 15:51:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_main_bottom.gif
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/circuit_main_bottom.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 334 x 40\012- data
Hash 660833b77d6e64a7347b2536658f65d4
7ef5949aa50558090c53c9084bf4e01c8984f5c7
280a43318bfd40a4cf90a00f47e944e7c6ae6221aaed1e7fe23a1b39b79c3635
GET /images/circuit_main_bottom.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/gif
content-length: 1352
last-modified: Tue, 14 Jul 2015 01:10:54 GMT
etag: "55a4619e-548"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_main_right.gif
64.235.54.28200 OK 1.8 kB URL HTTP/2 www.freeroms.com/images/circuit_main_right.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 12 x 415\012- data
Hash ca8a951bdcdf29ca49cf66f5e2a963d1
514cdcb098f3e0716f94c53a33cf2fc9f41d40bf
089c688ad07d47949987f81f182752199bb7329fd5d443fa084342f6f9dc2953
GET /images/circuit_main_right.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/gif
content-length: 1849
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-739"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/download-ar.png
64.235.54.28200 OK 1.1 kB URL HTTP/2 www.freeroms.com/images/download-ar.png
IP 64.235.54.28:0
File type PNG image data, 11 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f11769dabff5c8bab9b24e4aaf89b78
bbfa2c4db3bdc8efd7fd5f388e349d9de296f2df
4e4d8ee70a3d33d4d0d9e32dc90244f1b0f54b30f414e7a588adf9a7381e4c66
GET /images/download-ar.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 1110
last-modified: Tue, 14 Jul 2015 01:10:56 GMT
etag: "55a461a0-456"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/cart.png
64.235.54.28200 OK 2.3 kB URL HTTP/2 www.freeroms.com/images/cart.png
IP 64.235.54.28:0
File type PNG image data, 30 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash ac6530f6d006d66152cd747ff83bd3c6
8c061d59551994caa61bb65e4bc640b6c6a2cf1c
53493e7170c444e398dea7abdcbfb0a842e9129bcbce4254c17ad3e3f6caa363
GET /images/cart.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: image/png
content-length: 2278
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "55a46198-8e6"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2fd3b5487710791cafa87110d681647a
6f3de59c79cf8f93c3312d917e9bb225a8bb25f9
35c24aa8f70e97185a0a18761f04b283cefecdce3abcd2261ccc6377077730c5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35C24AA8F70E97185A0A18761F04B283CEFECDCE3ABCD2261CCC6377077730C5"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2149
Expires: Thu, 26 Jan 2023 23:19:35 GMT
Date: Thu, 26 Jan 2023 22:43:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d84f383ade441229a3b8c3bdb440dec1
1a3fe5fbdb453238fd1bba1698ab7e42cc964455
00f8082421d59df44b61e96c4cdf71aec562e572fd3fbebfb2f1c5aa5fa22c6f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00F8082421D59DF44B61E96C4CDF71AEC562E572FD3FBEBFB2F1C5AA5FA22C6F"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2280
Expires: Thu, 26 Jan 2023 23:21:46 GMT
Date: Thu, 26 Jan 2023 22:43:46 GMT
Connection: keep-alive
my.rtmark.net/gid.js?userId=b0e353cd95e04579a882e88466795384
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=b0e353cd95e04579a882e88466795384
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 08c335ca5745a6b39f0d7834884bd87f
99998aff805e15f56f74d6df09a82c8561062917
66751a976f496769e829180ad616d6807cb64d13d956ce4011fc5635e36c87dc
GET /gid.js?userId=b0e353cd95e04579a882e88466795384 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=b0e353cd95e04579a882e88466795384; expires=Fri, 26 Jan 2024 22:43:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
betotodilea.com/400/3601099
139.45.197.237403 Forbidden 22 B URL HTTP/2 betotodilea.com/400/3601099
IP 139.45.197.237:0
File type ASCII text, with no line terminators
Hash b5e50d07b6b24e1e105e6e4fceb97bf6
95d7e8119b8befc7153b44b4c7be59f26bd6ad33
61c3148fba3befcce5b4636c4209a440913a136138bf62005df97386827f2ae2
Analyzer Verdict Alert quad9 Sinkholed
GET /400/3601099 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: text/plain; charset=utf-8
content-length: 22
x-trace-id: 56c9aedf5f283a415f7a5c2a4689748a
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
timing-allow-origin: *
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 03201e381b6ad1cd03f4805d1512987b
4383185a3b03d13e37fb0378fc1e74edfa688b29
6287bdb027538b227d0857f8f9122946aa6f05c64b61f452a0ef192d9c6316b6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6287BDB027538B227D0857F8F9122946AA6F05C64B61F452A0EF192D9C6316B6"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12203
Expires: Fri, 27 Jan 2023 02:07:09 GMT
Date: Thu, 26 Jan 2023 22:43:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash f0a4098f041b32de6aeac7e8919dfb93
d3dd3d384e3bc4454b58f48c878261b5d165c2bd
1a2e07af32d611f5b897d8f26ba1ba7008bdbb7814bc749dc3f6992167ed6d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1A2E07AF32D611F5B897D8F26BA1BA7008BDBB7814BC749DC3F6992167ED6D64"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13588
Expires: Fri, 27 Jan 2023 02:30:14 GMT
Date: Thu, 26 Jan 2023 22:43:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash eabe4b311c1a4e5f9a3bffc76f0d6571
87409b39f1a04ea9502662b2c8f8aebf803087d9
4253b2a9c4892e6ed3c41adcdb7c9724f7634e54f94c1ceb60630fe5fda7493b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4253B2A9C4892E6ED3C41ADCDB7C9724F7634E54F94C1CEB60630FE5FDA7493B"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6695
Expires: Fri, 27 Jan 2023 00:35:21 GMT
Date: Thu, 26 Jan 2023 22:43:46 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.61.225200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 22:43:46 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b56479bdf7772a294d7904033f305813
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 9209d3c1d4b62a4510ff6e0d1a878e9f
bfb0e868a6485c61e3fff131bcbe0e6f96661e80
cec4cefcb1d68a7c78549ecaa3185e3d3d198726f7f0720d15430c2d64d62a6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEC4CEFCB1D68A7C78549ECAA3185E3D3D198726F7F0720D15430C2D64D62A6E"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5935
Expires: Fri, 27 Jan 2023 00:22:42 GMT
Date: Thu, 26 Jan 2023 22:43:47 GMT
Connection: keep-alive
combatbaskstationery.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json
173.233.137.36200 OK 405 B URL HTTP/1.1 combatbaskstationery.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (405), with no line terminators
Hash dcfbc7880d3b33fd1f5fc445eb57eaa9
c577177487a79869971acf3d08b881a6d583e2ef
03d04277739ee49668fdb55d6d19a9521fd0eeb45873530229fd2920831834ef
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json HTTP/1.1
Host: combatbaskstationery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 22:43:46 GMT
Content-Type: application/json
Content-Length: 405
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7ce8e7665b3abcb189180b93c7f3def4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6568
Expires: Fri, 27 Jan 2023 00:33:15 GMT
Date: Thu, 26 Jan 2023 22:43:47 GMT
Connection: keep-alive
nanouwho.com/1?z=3056520
139.45.197.242200 OK 137 kB IP 139.45.197.242:0
Size 137 kB (137356 bytes)
Hash c0adfc3abc6e3ee9caab7d35eafc13fc
c39622861cd0ff91426d571c2b2eb52b9400b406
08834e3d34a19068d14c31a8d83e666fbd3a548490981670cadbaa40a5d98854
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=3056520 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: c7c3ef492bfee357975c4190434d8b29
access-control-expose-headers: X-Sc
x-sc: E-fff96BEk1EDLCW2tkw-lhbgApDMjLik-PwFylplU0k4Z9Any-QIN3OBFLXvL_dFYUUNAkhwVuIjrJj8aD1_aTMV8k=
set-cookie: scm=1; expires=Fri, 26 Jan 2024 22:43:46 GMT; secure; SameSite=None
OAID=536b5a0d6c724ffeb6025891818d3033; expires=Fri, 26 Jan 2024 22:43:46 GMT; secure; SameSite=None
oaidts=1674773026; expires=Fri, 26 Jan 2024 22:43:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 07:15:25 GMT
age: 55702
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5de6b54196befa95e9291a051c645d0
e3100707a4e9b1d5c30223d31f58cd6ee8ad010b
5bcc3dd7011df4e17d7ef86d892fedeca14b0d0eabbe782fecf35c9a82b25e40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7804
x-amzn-requestid: f2bfdd54-e6bf-449f-9731-087e4e848e2e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUmhfF4MoAMFquw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1b7a2-3a06fc0b3cd076b23c947d99;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 23:13:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CVD5IG2xp8meHr_xgY1KgY8PPejuUnKuXPqDpbd6NQv6U1kKVvK0Vg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:45:17 GMT
age: 50310
etag: "e3100707a4e9b1d5c30223d31f58cd6ee8ad010b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73f08a17-fd76-4130-b0e4-891c4a522ac4.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73f08a17-fd76-4130-b0e4-891c4a522ac4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 540b084166fb1ad476a2b816848004ac
d10694af4ff8fbdf58896085611b4614a7353eda
b5ce9c01e4ac5a634ab858787c69fe4bf1f297df92b1258f0de6e1461329154b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73f08a17-fd76-4130-b0e4-891c4a522ac4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5567
x-amzn-requestid: 07346e30-a195-4e30-80ed-09bc2844c64d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fORCGGMGIAMFmWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2eda-266bd30056d9d09c009ac086;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:05:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hzKkOH7fa9SswL-wobMieXmxjHSOamr-rogXw8H8SLW5_G_BhBOkjA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 16:31:35 GMT
age: 22332
etag: "d10694af4ff8fbdf58896085611b4614a7353eda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3d856f57bcfd0bb18253cd77dd6541b
9d9680fb1a9232bb2b42b824dc11633666bfa31a
f2a03384e72a4d3350ee6addc49d6a507837eb195647016ea001e846eaccb0e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2f238e33-a6e3-479a-920f-92a9c7bf1a06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6055
x-amzn-requestid: dd44b3ab-6248-419a-995a-f3aaf59dae77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLRhMFPYIAMF91g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfc6d-4df410b022dbbb55297e6ac7;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:18:05 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c02qyu1rphr_LpUAQQRaTxlNGeEl-yKmVpshfKoWlsfKWiiciJURAw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 08:45:22 GMT
age: 50305
etag: "9d9680fb1a9232bb2b42b824dc11633666bfa31a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 2e85f75e-ab9d-4d45-adad-7313950a9647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSWbxGwnoAMFejw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d117-68f1a9e71a07a0453311fd32;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 06:49:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dbz3wXGNaetf6xvRE98rshyHy-FVfDo8co-4VDL0a4Qe3E4U8A82Og==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:35:59 GMT
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
age: 14868
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7364957de1b4c82a923bd947f0cce750
d8aa55b64a65757e043b4b1b63efd93c8261d275
f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d91ae98-1f78-4bbd-98ab-6e6d92c7fef2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: 2946b91b-1d7e-4eba-966d-600ae368cd3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzVxGw1oAMF-xQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce328b-04037751257e13ca156eee8d;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4TidB2H164ziAxKhEORFw4BBF0FB2pkkwNq3iMQfS4t7yObXCA59Pw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 14:49:11 GMT
age: 28476
etag: "d8aa55b64a65757e043b4b1b63efd93c8261d275"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-FH0L8EV0R0>m=2oe1p0&_p=1009928411&cid=1178319333.1674773026&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674773026&sct=1&seg=0&dl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&dt=Need%20For%20Speed%20Underground%202%20ROM%20Download%20for%20Gameboy%20Advance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-FH0L8EV0R0>m=2oe1p0&_p=1009928411&cid=1178319333.1674773026&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674773026&sct=1&seg=0&dl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&dt=Need%20For%20Speed%20Underground%202%20ROM%20Download%20for%20Gameboy%20Advance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-FH0L8EV0R0>m=2oe1p0&_p=1009928411&cid=1178319333.1674773026&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674773026&sct=1&seg=0&dl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&dt=Need%20For%20Speed%20Underground%202%20ROM%20Download%20for%20Gameboy%20Advance&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.freeroms.com
date: Thu, 26 Jan 2023 22:43:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5030886
139.45.197.242200 OK 8.2 kB URL HTTP/2 upgulpinon.com/1?z=5030886
IP 139.45.197.242:0
Hash 1c9bf752ce4c7a529a923d64354b94d6
6443df52d2f8d7a2ce7e63e1c8fb7081cf63a621
b73ff436c76c0d0dda7f9123fd80cec321fc1584820affc2b846b3f3de2c4747
GET /1?z=5030886 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: b928b4eefecf36775bc5e116cfaaf30e
access-control-expose-headers: X-Sc
x-sc: 4EuZDqYyAWmI0IplZSYNkL_1ANrDRZ9-X0g8pmOR0RILKrcClM_pn2-ANHsZixa3GgR2vhGGVlFqMSIoZC2bK6vvyHQ=
set-cookie: scm=1; expires=Fri, 26 Jan 2024 22:43:47 GMT; secure; SameSite=None
OAID=fd30ad20cbbc4014bb859e2a9f663bfa; expires=Fri, 26 Jan 2024 22:43:47 GMT; secure; SameSite=None
oaidts=1674773027; expires=Fri, 26 Jan 2024 22:43:47 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8842ce0e8a7ade68a541b843fd4cdde3
af08cd580c467949030f86fc17132a11843bce26
c1ee92c539f729fff35e9c9814569b46ed36d9f3de13c348daefc46816d6fbda
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4053
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:43:47 GMT
Last-Modified: Thu, 26 Jan 2023 21:36:14 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
54.230.111.39200 OK 43 kB URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 54.230.111.39:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash f8294bdc61889aea06825c46595db209
7e02536c11b957caa2b45c465ac1d3910e6b6030
b2c6c6d54ecc9323c270c6deb85c12e3e271e96857bd42c89cf2adb7e3067789
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Thu, 26 Jan 2023 03:00:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Thu, 26 Jan 2023 03:00:33 GMT
etag: W/"d8958d8a32b832568208a5001942bb68"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Uy43pUmF5Mu92frxFgFq5AtSmfbPvtk4nY7eCbHR2R1p8y1iKrc-2w==
age: 70983
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b2aafdafa11867a6d8cdb983186b122e
a5271d7ffd840a1a85c92f57a4afb2679546d420
f2b57d3bfecd984e2b90744a287788533ea75ef9e5b87b1c80526f6ef50a968f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F2B57D3BFECD984E2B90744A287788533EA75EF9E5B87B1C80526F6EF50A968F"
Last-Modified: Thu, 26 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10169
Expires: Fri, 27 Jan 2023 01:33:16 GMT
Date: Thu, 26 Jan 2023 22:43:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 19e4588d58d51de33385e9732a761856
3b4531235582139915d57c1259361a6ccc1bc923
dfcf8c58a963c5749d1cd921f9089d8bcd4a11717f3403f04c9865200decb466
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DFCF8C58A963C5749D1CD921F9089D8BCD4A11717F3403F04C9865200DECB466"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1049
Expires: Thu, 26 Jan 2023 23:01:16 GMT
Date: Thu, 26 Jan 2023 22:43:47 GMT
Connection: keep-alive
rules.quantcount.com/rules-p-6JvC9xkUEfXYY.js
54.230.111.33200 OK 160 B URL HTTP/2 rules.quantcount.com/rules-p-6JvC9xkUEfXYY.js
IP 54.230.111.33:0
Hash f1d42e658b42f72b88abdb871d0c2a71
f3c256dc0a9ff39789b9f2ea4c75c032704149b8
35126b4d43af6b059d7ef0f56d9374e8aa794d73f8d2c1dabaf1477129142724
GET /rules-p-6JvC9xkUEfXYY.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 160
last-modified: Thu, 13 Oct 2022 15:10:32 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Thu, 26 Jan 2023 22:43:47 GMT
cache-control: max-age=3600
etag: "f1d42e658b42f72b88abdb871d0c2a71"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UqXUDfxcN1YAqNDvLhMSOr1RJwJj3wiTGwvG49sA9XjcnpMjNFooAA==
age: 1422
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=1409448708&z=5030886&b=16536118&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=Oy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng==&ruid=2235666a-5a78-4b2e-aa76-7acd85f8fe77&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=220
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=1409448708&z=5030886&b=16536118&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=Oy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng==&ruid=2235666a-5a78-4b2e-aa76-7acd85f8fe77&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=220
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=1409448708&z=5030886&b=16536118&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=Oy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng==&ruid=2235666a-5a78-4b2e-aa76-7acd85f8fe77&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=220 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=b0e353cd95e04579a882e88466795384; oaidts=1674773027
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: e8edbd5c43d5c5074aa1f3335f78d878
access-control-expose-headers: X-Sc
set-cookie: OAID=b0e353cd95e04579a882e88466795384; expires=Fri, 26 Jan 2024 22:43:47 GMT; secure; SameSite=None
oaidts=1674773027; expires=Fri, 26 Jan 2024 22:43:47 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=98832bb1-3221-4f73-ba71-6c3f0755d8ac&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=13.1055&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=98832bb1-3221-4f73-ba71-6c3f0755d8ac&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=13.1055&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=98832bb1-3221-4f73-ba71-6c3f0755d8ac&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=13.1055&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 26 Jan 2023 22:43:47 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 726ca87daf150a51ea6d808b63ba394e
Strict-Transport-Security: max-age=0; includeSubdomains
interstitial-07.com/?l=nfepD2DCD0Ch0je&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3736239736%26z%3D3056520%26b%3D16536117%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DwwmAyVKHdyXCWs5DGa3pNGPn0Q5wHhPw2kuhat2v-TL0PwrrReFZzkqoW5KW0EDkPeptztAyNQUB5JDCxHY5tmBJqB6xGT8Y7TmqdbXDFRGQXzIeQRJripVyrzKEZzpswXfkufjdUsm6i_0icIt7WeJkgsdhqeLvHzNXdPKIXAeDBIEYoULkuetTLWLsbedAyhE8LHLTHWntjfOcb5XfXqZLtw0C_vbHp21uqQ8zYGkUuAn8O9WKFQ_9ArLmfmKQD2UmRrtfVlj3uuVTSOmw4yqWV_acgjptp_8SStHSHCqPUSqpOmJm2GGSbCVR7iRaBH2JeAQdpF5pNKVVB_dulzG_Qx2PVUB2_aGJgY69FvGNujPGk04RTZKGSo-4LJUll-fxygwjpspVA_RbhIfM9AjXIK_CBSM-PTQBrnleIVXzfA-bRlrMw9Mapjle04SmLYj2lpqK9P97Pnrs6ZEmk4qJhnrAmjn1zlKPHE1ZI309T-chheP_UXM5IR1U43uIjfuYLGnaB3OLJ1S6qb0DSCQYJ8iN4sXyhn70G7444ac_HCPq97JE1_7SC10ZdFn6VqqUpvq6RoGe_uxvvLV6siLy2qKxkFaOPpPgTmTomthx_NYWck1yqYylo56KXYwvvPLo_efbBgkwVWFUaNqY78QTOsM%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D60a12d1c-90d2-4c91-b8dc-c96d2c28be29%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.152200 OK 23 kB URL HTTP/2 interstitial-07.com/?l=nfepD2DCD0Ch0je&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3736239736%26z%3D3056520%26b%3D16536117%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DwwmAyVKHdyXCWs5DGa3pNGPn0Q5wHhPw2kuhat2v-TL0PwrrReFZzkqoW5KW0EDkPeptztAyNQUB5JDCxHY5tmBJqB6xGT8Y7TmqdbXDFRGQXzIeQRJripVyrzKEZzpswXfkufjdUsm6i_0icIt7WeJkgsdhqeLvHzNXdPKIXAeDBIEYoULkuetTLWLsbedAyhE8LHLTHWntjfOcb5XfXqZLtw0C_vbHp21uqQ8zYGkUuAn8O9WKFQ_9ArLmfmKQD2UmRrtfVlj3uuVTSOmw4yqWV_acgjptp_8SStHSHCqPUSqpOmJm2GGSbCVR7iRaBH2JeAQdpF5pNKVVB_dulzG_Qx2PVUB2_aGJgY69FvGNujPGk04RTZKGSo-4LJUll-fxygwjpspVA_RbhIfM9AjXIK_CBSM-PTQBrnleIVXzfA-bRlrMw9Mapjle04SmLYj2lpqK9P97Pnrs6ZEmk4qJhnrAmjn1zlKPHE1ZI309T-chheP_UXM5IR1U43uIjfuYLGnaB3OLJ1S6qb0DSCQYJ8iN4sXyhn70G7444ac_HCPq97JE1_7SC10ZdFn6VqqUpvq6RoGe_uxvvLV6siLy2qKxkFaOPpPgTmTomthx_NYWck1yqYylo56KXYwvvPLo_efbBgkwVWFUaNqY78QTOsM%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D60a12d1c-90d2-4c91-b8dc-c96d2c28be29%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1532)
Hash 097e274432b44f9f960b65c03cd040a6
a692eaaf555239636c71f54ec619843771889ed3
de823e9361a8c47790b59715e17efa7417371f930658a1015e907821f75cd7ab
GET /?l=nfepD2DCD0Ch0je&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3736239736%26z%3D3056520%26b%3D16536117%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DwwmAyVKHdyXCWs5DGa3pNGPn0Q5wHhPw2kuhat2v-TL0PwrrReFZzkqoW5KW0EDkPeptztAyNQUB5JDCxHY5tmBJqB6xGT8Y7TmqdbXDFRGQXzIeQRJripVyrzKEZzpswXfkufjdUsm6i_0icIt7WeJkgsdhqeLvHzNXdPKIXAeDBIEYoULkuetTLWLsbedAyhE8LHLTHWntjfOcb5XfXqZLtw0C_vbHp21uqQ8zYGkUuAn8O9WKFQ_9ArLmfmKQD2UmRrtfVlj3uuVTSOmw4yqWV_acgjptp_8SStHSHCqPUSqpOmJm2GGSbCVR7iRaBH2JeAQdpF5pNKVVB_dulzG_Qx2PVUB2_aGJgY69FvGNujPGk04RTZKGSo-4LJUll-fxygwjpspVA_RbhIfM9AjXIK_CBSM-PTQBrnleIVXzfA-bRlrMw9Mapjle04SmLYj2lpqK9P97Pnrs6ZEmk4qJhnrAmjn1zlKPHE1ZI309T-chheP_UXM5IR1U43uIjfuYLGnaB3OLJ1S6qb0DSCQYJ8iN4sXyhn70G7444ac_HCPq97JE1_7SC10ZdFn6VqqUpvq6RoGe_uxvvLV6siLy2qKxkFaOPpPgTmTomthx_NYWck1yqYylo56KXYwvvPLo_efbBgkwVWFUaNqY78QTOsM%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D60a12d1c-90d2-4c91-b8dc-c96d2c28be29%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=wNC53E2fev2vrgNhN47mjedp1Li32qh8yGP9jsoTn_w; expires=Thu, 26-Jan-2023 23:43:47 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 86a25231794bbfd3f276118a68cf20f4
ee94ff69230178aa9294348bfe638acce39bda73
8aa3357c026c54209085411a849df78cd14f155d4991330fbd6ad039f8262985
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8AA3357C026C54209085411A849DF78CD14F155D4991330FBD6AD039F8262985"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8004
Expires: Fri, 27 Jan 2023 00:57:11 GMT
Date: Thu, 26 Jan 2023 22:43:47 GMT
Connection: keep-alive
interstitial-07.com/contents/s/4d/4d/44/8b8d067fbb8dd5bd371f76aa3f/0124434927299.jpeg
139.45.197.152200 OK 48 kB URL HTTP/2 interstitial-07.com/contents/s/4d/4d/44/8b8d067fbb8dd5bd371f76aa3f/0124434927299.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 4d4d448b8d067fbb8dd5bd371f76aa3f
ac126e854681a30faeeec1b07871640015003743
2d544292185300921204a178010fef7d3a94d27e6f8358ef09be4cada4187a5e
GET /contents/s/4d/4d/44/8b8d067fbb8dd5bd371f76aa3f/0124434927299.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=nfepD2DCD0Ch0je&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D3736239736%26z%3D3056520%26b%3D16536117%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DwwmAyVKHdyXCWs5DGa3pNGPn0Q5wHhPw2kuhat2v-TL0PwrrReFZzkqoW5KW0EDkPeptztAyNQUB5JDCxHY5tmBJqB6xGT8Y7TmqdbXDFRGQXzIeQRJripVyrzKEZzpswXfkufjdUsm6i_0icIt7WeJkgsdhqeLvHzNXdPKIXAeDBIEYoULkuetTLWLsbedAyhE8LHLTHWntjfOcb5XfXqZLtw0C_vbHp21uqQ8zYGkUuAn8O9WKFQ_9ArLmfmKQD2UmRrtfVlj3uuVTSOmw4yqWV_acgjptp_8SStHSHCqPUSqpOmJm2GGSbCVR7iRaBH2JeAQdpF5pNKVVB_dulzG_Qx2PVUB2_aGJgY69FvGNujPGk04RTZKGSo-4LJUll-fxygwjpspVA_RbhIfM9AjXIK_CBSM-PTQBrnleIVXzfA-bRlrMw9Mapjle04SmLYj2lpqK9P97Pnrs6ZEmk4qJhnrAmjn1zlKPHE1ZI309T-chheP_UXM5IR1U43uIjfuYLGnaB3OLJ1S6qb0DSCQYJ8iN4sXyhn70G7444ac_HCPq97JE1_7SC10ZdFn6VqqUpvq6RoGe_uxvvLV6siLy2qKxkFaOPpPgTmTomthx_NYWck1yqYylo56KXYwvvPLo_efbBgkwVWFUaNqY78QTOsM%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D60a12d1c-90d2-4c91-b8dc-c96d2c28be29%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: image/jpeg
content-length: 48518
last-modified: Wed, 14 Dec 2022 16:39:29 GMT
vary: Accept-Encoding
etag: "6399fc41-bd86"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/logo.png?qc-size=215,40
64.235.54.28200 OK 9.8 kB URL HTTP/2 www.freeroms.com/images/logo.png?qc-size=215,40
IP 64.235.54.28:0
File type PNG image data, 215 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 14cd0a179797ca4b75eafccd97c8bb29
3b28b50481b500440e2d20df8acfba80d752a090
e94da94c103e98f78880e5458d6cd022cc20d1d6412b985ef8c0b3eeafd40f5c
GET /images/logo.png?qc-size=215,40 HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
Cookie: _ga_FH0L8EV0R0=GS1.1.1674773026.1.0.1674773026.0.0.0; _ga=GA1.1.1178319333.1674773026; dom3ic8zudi28v8lr6fgphwffqoz0j6c=98832bb1-3221-4f73-ba71-6c3f0755d8ac%3A3%3A1; prefetchAd_2881944=true; ppu_main_ea2d5d802b867cf417198fc84113161f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: image/png
content-length: 9831
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-2667"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
139.45.197.152200 OK 20 kB URL HTTP/2 interstitial-07.com/contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash d657d0b45c722c9203953e7fbb92fc33
e1ff29e4b8f1ea03d163e6a3c8f4d381cae5a3e2
40785963d6afef460b6d58db44d00d3bbed11a81f88e64e6a1b91d317b220d40
GET /contents/s/d6/57/d0/b45c722c9203953e7fbb92fc33/01117258015882.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1602705480%26z%3D5030886%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DOy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2235666a-5a78-4b2e-aa76-7acd85f8fe77%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: image/jpeg
content-length: 19879
last-modified: Wed, 05 Oct 2022 17:04:55 GMT
vary: Accept-Encoding
etag: "633db937-4da7"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
139.45.197.152200 OK 63 kB URL HTTP/2 interstitial-07.com/contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash 9b2c293f4695bb8f89f5bdc53f2634e2
fda95c173965012fa72bd0386a0f1e4f0e5220fa
f7090a9b5e00f32721b1d83183b54e836e4237f6d407186327f7835caf3c265a
GET /contents/s/9b/2c/29/3f4695bb8f89f5bdc53f2634e2/01175794239723.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1602705480%26z%3D5030886%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DOy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2235666a-5a78-4b2e-aa76-7acd85f8fe77%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: image/jpeg
content-length: 63121
last-modified: Wed, 05 Oct 2022 17:04:52 GMT
vary: Accept-Encoding
etag: "633db934-f691"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1602705480%26z%3D5030886%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DOy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2235666a-5a78-4b2e-aa76-7acd85f8fe77%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.152200 OK 4.8 kB URL HTTP/2 interstitial-07.com/?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1602705480%26z%3D5030886%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DOy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2235666a-5a78-4b2e-aa76-7acd85f8fe77%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1530)
Hash e7e200850e4826d7103336ace0db19e2
69f6ec6797eeae6f5135a26519e8bf9d542da2dc
50aa0962fb9d5e5a78ae26b21f0ad0537139f11ba5766a1e4556e03fb95d0215
GET /?l=yig0C7r9tE92Gj6&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D1602705480%26z%3D5030886%26b%3D16536118%26c%3D6560718%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D1499%2526key%253D078e8e1696ef5f705a04995394169693%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DOy8d5fTVDILPB8BdpCJSqaAn4uhmFRv1vGGxKTHTRsJlLkbjSSjUhh88D4q3aQe3wSGpBn5qBRZLty2c85q0AeuEIzg0e2DAvwerIlDSm25JRSptkRP_3-7z8s5U7dONJOYp_rEPtY7tpwKT7o99M1CmUB5PfCZY40wdSHB47iUk97GU1qZb57JVdtJKlogyemRcXQIafp4O0vXCb4I3hkMn81XWJWL2fgZOmTQ60IBp8BSveZC68EKNOqVR1IqnfX8TcdOb0khuelwenCUpOWTXf-kCjR8oaZ1b-svQhWCdydBHpIr-ddGZhK4RcUCi8_Uz5YUYs5fVeCuPC6w0lbHRvHlrssIkEFiq4yfyMUevlQhoFT6efsO3QWaszEtlUQmdQ3oGVMLVRCWXmhzY9pTf1mqxwaEQ4Vl4vDvD0UPf9sjLJUtyKZRR5jY1iNgqm3fOpbRLDv1uhO4Mr-YJr_HAmllceqwZdFiYSi8avxZv0n_doU8XIIC2E2tHvXHO6NMZ7y46p6G8jWVpEWduPeycaKjR62mCH6w3PtNdEGZQIAGllD7Xsiw72Hyal6eTrwmu7ZFVUgTuDn7vlAEDRoD7HkTkmdG9Ncmx62u9byleP_aA3_-h8yI-jbkKeOm0RUmREExFBVaMwrPjkGg4ng%3D%3D%26bag%3DmtlVseJPZwq8MrL-yExcig%3D%3D%26ruid%3D2235666a-5a78-4b2e-aa76-7acd85f8fe77%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fgba%252Fneed_for_speed_underground_2.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
set-cookie: reverse=iLofdHSkx6eyEe4j7I_ABA3DQx4EaGvtr0qiLPwOzbI; expires=Thu, 26-Jan-2023 23:43:47 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: br
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1330997739
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1330997739
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1330997739 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 670d65cb0f2dadd9fdb708c76de45a14
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 22:43:48 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 0f0afe4939ce970d29a86df56b4e2953
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 22:43:48 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: efe614de1a9165668700dbf4d4680261
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674773027636%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ldhjum2p22ydwyj08tlh%22%7D
3.72.156.146200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674773027636%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ldhjum2p22ydwyj08tlh%22%7D
IP 3.72.156.146:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674773027636%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ldhjum2p22ydwyj08tlh%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:43:48 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
nanouwho.com/11?rnd=1361915427&z=3056520&b=16536117&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=wwmAyVKHdyXCWs5DGa3pNGPn0Q5wHhPw2kuhat2v-TL0PwrrReFZzkqoW5KW0EDkPeptztAyNQUB5JDCxHY5tmBJqB6xGT8Y7TmqdbXDFRGQXzIeQRJripVyrzKEZzpswXfkufjdUsm6i_0icIt7WeJkgsdhqeLvHzNXdPKIXAeDBIEYoULkuetTLWLsbedAyhE8LHLTHWntjfOcb5XfXqZLtw0C_vbHp21uqQ8zYGkUuAn8O9WKFQ_9ArLmfmKQD2UmRrtfVlj3uuVTSOmw4yqWV_acgjptp_8SStHSHCqPUSqpOmJm2GGSbCVR7iRaBH2JeAQdpF5pNKVVB_dulzG_Qx2PVUB2_aGJgY69FvGNujPGk04RTZKGSo-4LJUll-fxygwjpspVA_RbhIfM9AjXIK_CBSM-PTQBrnleIVXzfA-bRlrMw9Mapjle04SmLYj2lpqK9P97Pnrs6ZEmk4qJhnrAmjn1zlKPHE1ZI309T-chheP_UXM5IR1U43uIjfuYLGnaB3OLJ1S6qb0DSCQYJ8iN4sXyhn70G7444ac_HCPq97JE1_7SC10ZdFn6VqqUpvq6RoGe_uxvvLV6siLy2qKxkFaOPpPgTmTomthx_NYWck1yqYylo56KXYwvvPLo_efbBgkwVWFUaNqY78QTOsM=&ruid=60a12d1c-90d2-4c91-b8dc-c96d2c28be29&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=1361915427&z=3056520&b=16536117&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=wwmAyVKHdyXCWs5DGa3pNGPn0Q5wHhPw2kuhat2v-TL0PwrrReFZzkqoW5KW0EDkPeptztAyNQUB5JDCxHY5tmBJqB6xGT8Y7TmqdbXDFRGQXzIeQRJripVyrzKEZzpswXfkufjdUsm6i_0icIt7WeJkgsdhqeLvHzNXdPKIXAeDBIEYoULkuetTLWLsbedAyhE8LHLTHWntjfOcb5XfXqZLtw0C_vbHp21uqQ8zYGkUuAn8O9WKFQ_9ArLmfmKQD2UmRrtfVlj3uuVTSOmw4yqWV_acgjptp_8SStHSHCqPUSqpOmJm2GGSbCVR7iRaBH2JeAQdpF5pNKVVB_dulzG_Qx2PVUB2_aGJgY69FvGNujPGk04RTZKGSo-4LJUll-fxygwjpspVA_RbhIfM9AjXIK_CBSM-PTQBrnleIVXzfA-bRlrMw9Mapjle04SmLYj2lpqK9P97Pnrs6ZEmk4qJhnrAmjn1zlKPHE1ZI309T-chheP_UXM5IR1U43uIjfuYLGnaB3OLJ1S6qb0DSCQYJ8iN4sXyhn70G7444ac_HCPq97JE1_7SC10ZdFn6VqqUpvq6RoGe_uxvvLV6siLy2qKxkFaOPpPgTmTomthx_NYWck1yqYylo56KXYwvvPLo_efbBgkwVWFUaNqY78QTOsM=&ruid=60a12d1c-90d2-4c91-b8dc-c96d2c28be29&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=1361915427&z=3056520&b=16536117&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=wwmAyVKHdyXCWs5DGa3pNGPn0Q5wHhPw2kuhat2v-TL0PwrrReFZzkqoW5KW0EDkPeptztAyNQUB5JDCxHY5tmBJqB6xGT8Y7TmqdbXDFRGQXzIeQRJripVyrzKEZzpswXfkufjdUsm6i_0icIt7WeJkgsdhqeLvHzNXdPKIXAeDBIEYoULkuetTLWLsbedAyhE8LHLTHWntjfOcb5XfXqZLtw0C_vbHp21uqQ8zYGkUuAn8O9WKFQ_9ArLmfmKQD2UmRrtfVlj3uuVTSOmw4yqWV_acgjptp_8SStHSHCqPUSqpOmJm2GGSbCVR7iRaBH2JeAQdpF5pNKVVB_dulzG_Qx2PVUB2_aGJgY69FvGNujPGk04RTZKGSo-4LJUll-fxygwjpspVA_RbhIfM9AjXIK_CBSM-PTQBrnleIVXzfA-bRlrMw9Mapjle04SmLYj2lpqK9P97Pnrs6ZEmk4qJhnrAmjn1zlKPHE1ZI309T-chheP_UXM5IR1U43uIjfuYLGnaB3OLJ1S6qb0DSCQYJ8iN4sXyhn70G7444ac_HCPq97JE1_7SC10ZdFn6VqqUpvq6RoGe_uxvvLV6siLy2qKxkFaOPpPgTmTomthx_NYWck1yqYylo56KXYwvvPLo_efbBgkwVWFUaNqY78QTOsM=&ruid=60a12d1c-90d2-4c91-b8dc-c96d2c28be29&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=b0e353cd95e04579a882e88466795384; oaidts=1674773026
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:52 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 20b318dcca5285817ee9a3640fcc9264
access-control-expose-headers: X-Sc
set-cookie: OAID=b0e353cd95e04579a882e88466795384; expires=Fri, 26 Jan 2024 22:43:52 GMT; secure; SameSite=None
oaidts=1674773026; expires=Fri, 26 Jan 2024 22:43:52 GMT; secure; SameSite=None
oaidvc=1; expires=Fri, 26 Jan 2024 22:43:52 GMT; secure; SameSite=None
CNT=1_v1_NVL8AAEAAAC3SwAA; expires=Thu, 26 Jan 2023 23:43:52 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
www.freeroms.com/images/bg-gredient.png
64.235.54.28200 OK 977 B URL HTTP/2 www.freeroms.com/images/bg-gredient.png
IP 64.235.54.28:0
File type PNG image data, 1 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash 0f7b68eb840d4bf25b729a043992ffb0
59bdf7375e1912edc2349af5004a48409f28f3e8
8396a05bded4668001d0aebbdafc6e5575a2a627ed3a0abee2dbd8510ccf2459
GET /images/bg-gredient.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Cookie: _ga_FH0L8EV0R0=GS1.1.1674773026.1.0.1674773026.0.0.0; _ga=GA1.1.1178319333.1674773026; dom3ic8zudi28v8lr6fgphwffqoz0j6c=98832bb1-3221-4f73-ba71-6c3f0755d8ac%3A3%3A1; prefetchAd_2881944=true; ppu_main_ea2d5d802b867cf417198fc84113161f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:53 GMT
content-type: image/png
content-length: 977
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:47 GMT
etag: "3d1-51acb821a53c0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
dacmaiss.com/?rb=suhE3dkHE2H25mYQKkZ2BVC3idHSrGq4IS1vTydOo-hgbLyUS5c08iup71RmwWGc4tXrjiUIKiWC8s-5rPtxM04eCYPMik6-rb0kIF8knu3nFmmd8eMi_SH22ywRxhI7cljwQUZmANoBdnEq1D_IDFD10XXg3v0K_ZqwxiZQxpSABxNCu5A_3ljVyTjP2eDvlJcKDdIvUuVVMWyMKJ5629IW7Zp33iDJoSxvqfRV76o%3D&request_ab2=0&zoneid=2881944&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=70c632ec-bc66-41bb-a12f-2bfea46ac887&userId=b0e353cd95e04579a882e88466795384&m=link
139.45.197.237200 OK 0 B URL HTTP/2 dacmaiss.com/?rb=suhE3dkHE2H25mYQKkZ2BVC3idHSrGq4IS1vTydOo-hgbLyUS5c08iup71RmwWGc4tXrjiUIKiWC8s-5rPtxM04eCYPMik6-rb0kIF8knu3nFmmd8eMi_SH22ywRxhI7cljwQUZmANoBdnEq1D_IDFD10XXg3v0K_ZqwxiZQxpSABxNCu5A_3ljVyTjP2eDvlJcKDdIvUuVVMWyMKJ5629IW7Zp33iDJoSxvqfRV76o%3D&request_ab2=0&zoneid=2881944&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=70c632ec-bc66-41bb-a12f-2bfea46ac887&userId=b0e353cd95e04579a882e88466795384&m=link
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=suhE3dkHE2H25mYQKkZ2BVC3idHSrGq4IS1vTydOo-hgbLyUS5c08iup71RmwWGc4tXrjiUIKiWC8s-5rPtxM04eCYPMik6-rb0kIF8knu3nFmmd8eMi_SH22ywRxhI7cljwQUZmANoBdnEq1D_IDFD10XXg3v0K_ZqwxiZQxpSABxNCu5A_3ljVyTjP2eDvlJcKDdIvUuVVMWyMKJ5629IW7Zp33iDJoSxvqfRV76o%3D&request_ab2=0&zoneid=2881944&js_build=iclick-v1.473.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=2&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.473.0&bs=70c632ec-bc66-41bb-a12f-2bfea46ac887&userId=b0e353cd95e04579a882e88466795384&m=link HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Cookie: OAID=b0e353cd95e04579a882e88466795384; oaidts=1674773026
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: application/json
x-trace-id: a184d639ad0c253f51df0a9fcb127ae6
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b0e353cd95e04579a882e88466795384; expires=Fri, 26 Jan 2024 22:43:46 GMT; path=/; secure; SameSite=None
oaidts=1674773026; expires=Fri, 26 Jan 2024 22:43:46 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Thu, 02 Feb 2023 22:43:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
54.230.111.116200 OK 0 B URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 54.230.111.116:0
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Thu, 26 Jan 2023 03:00:36 GMT
last-modified: Sat, 14 Jan 2023 19:52:29 GMT
etag: W/"16f9ea1cc7a71cfed1d4482a599ccd27"
x-amz-server-side-encryption: AES256
x-amz-version-id: POuYi4.QbUYhHN4p2tbIMulQrwaf1j8L
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TV-XVMP2i2ijOSesVoRWkG2ZlvVOwo-oNs5dZ20I94oxUl42aUm52w==
age: 70991
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/6JvC9xkUEfXYY/www.freeroms.com/choice.js?tag_version=V2
54.230.111.39200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/6JvC9xkUEfXYY/www.freeroms.com/choice.js?tag_version=V2
IP 54.230.111.39:0
GET /choice/6JvC9xkUEfXYY/www.freeroms.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 07 Mar 2022 13:38:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: gzip
cache-control: max-age=3600
date: Thu, 26 Jan 2023 22:43:01 GMT
etag: W/"8903112fe1b05cb89d49d106b04c0b73"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 52zcu8H0QjGxdGaojSZ783KhwPBds4KWYfmJilIWncncjNrcLMLwbg==
age: 46
X-Firefox-Spdy: h2
nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fgba%2Fneed_for_speed_underground_2.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=b0e353cd95e04579a882e88466795384 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 374
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=536b5a0d6c724ffeb6025891818d3033; oaidts=1674773026
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
x-trace-id: 95b8c812dfe1263035edcc285ccb5028
access-control-expose-headers: X-Sc
set-cookie: OAID=b0e353cd95e04579a882e88466795384; expires=Fri, 26 Jan 2024 22:43:47 GMT; secure; SameSite=None
oaidts=1674773026; expires=Fri, 26 Jan 2024 22:43:47 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
54.230.111.39200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 54.230.111.39:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Thu, 26 Jan 2023 03:01:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Thu, 26 Jan 2023 03:01:30 GMT
etag: W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tDJbgi2WSNdf_d7iydPdRBkV7gZbCx2vBSSgFp4eP0om-bHnxQBV2Q==
age: 70936
X-Firefox-Spdy: h2
www.freeroms.com/js/jquery.min.js
64.235.54.28200 OK 0 B URL HTTP/2 www.freeroms.com/js/jquery.min.js
IP 64.235.54.28:0
GET /js/jquery.min.js HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/gba/need_for_speed_underground_2.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:46 GMT
content-type: application/javascript
last-modified: Tue, 28 Jul 2015 06:50:01 GMT
etag: W/"55b72619-176d5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
upgulpinon.com/27/f0e85569ebf902c5568035fe1b0a0004
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/27/f0e85569ebf902c5568035fe1b0a0004
IP 139.45.197.242:0
GET /27/f0e85569ebf902c5568035fe1b0a0004 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=fd30ad20cbbc4014bb859e2a9f663bfa; oaidts=1674773027
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:43:47 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID
cache-control: max-age:290304000, public
last-modified: Thu, 26 Jan 2023 04:44:45 GMT
expires: Thu, 25 Feb 2083 04:44:45 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2