Report - rule34.xyz/pinkbobatoo

Report Overview

Submitted URL
rule34.xyz/pinkbobatoo
IP
31.222.238.177
ASN
#43624 Pq Hosting S.r.l.
Submitted
2022-12-20 21:56:58
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-09T07:43:12Z	595 B	704 B	64.233.164.154
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	341 B	797 B	93.184.220.29
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	44.237.93.5
r-34.xyz	unknown			407 B	42 kB	5.252.21.52
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	1.4 kB	153 kB	216.58.207.227
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-09T11:25:06Z	340 B	964 B	104.18.32.68
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	366 B	21 kB	142.250.74.110
bg4nxu2u5t.com	unknown	2022-07-26T18:26:59Z	2023-03-09T11:36:33Z	1.3 kB	29 kB	62.122.171.6
www.google.com	7	2015-05-10T13:11:19Z	2023-03-09T13:38:50Z	512 B	694 B	216.58.211.4
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.4 kB	8.9 kB	23.36.76.226
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	375 B	40 kB	172.217.21.168
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-09T09:24:51Z	511 B	694 B	142.250.74.163
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	56 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	4.1 kB	8.4 kB	142.250.74.131
rule34xyz.b-cdn.net	unknown	2021-04-09T15:49:21Z	2022-09-26T21:31:47Z	412 B	6.0 kB	185.59.220.198
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-09T05:09:40Z	642 B	556 B	216.239.34.36
rule34.xyz	84497	2019-04-10T03:28:35Z	2023-02-02T11:21:11Z	7.9 kB	1.8 MB	31.222.238.177
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-20	medium	bg4nxu2u5t.com	Sinkholed
2022-12-20	medium	bg4nxu2u5t.com	Sinkholed
2022-12-20	medium	bg4nxu2u5t.com	Sinkholed

JavaScript (10)

	URL	Size	First Seen	Last Seen
	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 00:32:39 Times Seen1530 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js	68 kB	2023-03-09	2023-03-09
Pretty URL bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:39:26 Last Seen2023-03-09 23:39:26 Times Seen1 Hash 77660f14c7f2ecbf19ba43e493aaa84e 8b9f2fa0fdb662f395c879d1410fc7002461d0e8 49c05b36d698c7d9e2e96943fbe04775ce5fd713ea1b8588980efc0853e48381 Loading...

	bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clzz1hyvu3uaguam1imkhr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894622839649013	2.6 kB	2023-03-09	2023-03-09
Pretty URL bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clzz1hyvu3uaguam1imkhr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894622839649013 IP 62.122.171.6 ASN #50245 Serverel Inc. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:39:26 Last Seen2023-03-09 23:39:26 Times Seen1 Hash 7ccc2cc9232faa9f270e5a50f4296115 ee99e5236fb418c325fb3721d986a8a93d2e5172 ade63d84fd5ed118780ccde77d8b996d334ddf6c5655f84c58a4539de6a7606d Loading...

	rule34.xyz/pinkbobatoo	349 B	2023-03-07	2023-12-12
Pretty URL rule34.xyz/pinkbobatoo IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:35 Times Seen7 Hash 4edc304205f9436d72b2ff9a0743a81b 6b44498f2a358d08c7d3a669354f6746b0cc545d f734f5da3b22c00dd3fcca0758ce05beebb465617d3934b805a970d9239c001d Loading...

	rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js	37 kB	2023-03-07	2023-12-12
Pretty URL rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen50 Hash 3126d8f9e8eeb3f382e3ff4b4f2f3371 b2b42c137c7f033fd6640629368b3a5d31f3b6f4 8c5b43165c2c034f9496624b4ed3342570c367b9a7ef9db96ae66a6f786ab277 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 02:52:52 Times Seen37081854 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.googletagmanager.com/gtag/js?id=G-R4GRY2G49W&l=dataLayer&cx=c	218 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtag/js?id=G-R4GRY2G49W&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:39:27 Last Seen2023-03-09 23:39:27 Times Seen1 Hash 46e625547274176f3a4711213b44a61c 3af7d8e91f97284d8ff198c01e73111188d8c8a2 a2e8dfbb2ff9931d58cf9b57e1257991bf1cafb869f1a735ae2d8e1721a49df3 Loading...

	rule34.xyz/pinkbobatoo	532 B	2023-03-07	2023-12-12
Pretty URL rule34.xyz/pinkbobatoo IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen7 Hash c0736df5bc2d804a8452871c3cd295d2 1d06a43c6714336cb341d991d6f9779a53d24f61 7b396328ab1bc186ad2b0dce0f0b70a6eb8b067f2e65920537a0509eaff8c6a2 Loading...

	rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js	2.5 kB	2023-03-07	2023-12-12
Pretty URL rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js IP 31.222.238.177 ASN #43624 Pq Hosting S.r.l. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 21:58:40 Last Seen2023-12-12 16:16:59 Times Seen41 Hash fa306a5cf5db76555fa629c28df96834 cfc58ebc5375edece30a9a37922369dd6bf4b80a 27fe677a858739be13c63a7b3fcbfa1d77728e8ad9900fa39677a57203a463b9 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4	100 kB	2023-03-09	2023-03-09
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4 IP 172.217.21.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 23:39:27 Last Seen2023-03-09 23:39:27 Times Seen1 Hash 56f58042d4ab19cc761ad4b50e5fa6b4 dcd3dff0c66859668c25ec22174e1ad001c1a457 42d6a6f6574176e8aae0ff19430efcb6107002b15705dbd4f32c8a22feb82325 Loading...

HTTP Transactions (71)

URL IP Response Size

rule34.xyz/pinkbobatoo

31.222.238.177

200 OK

22 kB

URL HTTP/1.1
rule34.xyz/pinkbobatoo
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7721)
Size
22 kB (22050 bytes)
Hash
3ba0c7467c43212219c11eca10e34d2f
b8a19de6a2f9faa471f8addc31954ec643d2f7b9
4773aab09f3944c17c1a1dde03e6d87df16747524d86d6b118602ac53c8a62eb

HTTP Headers

GET /pinkbobatoo HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: keep-alive
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: text/html; charset=utf-8
Server: Kestrel
Keep-Alive: timeout=5
Transfer-Encoding: chunked
Content-Encoding: gzip
ETag: W/"248f2-Yw/dKHU9b1Xa5mPh5th2qaQilaE"
Vary: Accept-Encoding
X-Powered-By: Express

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8832
Expires: Wed, 21 Dec 2022 00:23:59 GMT
Date: Tue, 20 Dec 2022 21:56:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b8fbcd7ca1a893d05677318a8a198e7a
0851654c21f6e3741887e7deab8098c1dc56f33c
edbade5913ace2fcbb932922e9af69acb2e8759474a2eeaec216307247fea361

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EDBADE5913ACE2FCBB932922E9AF69ACB2E8759474A2EEAEC216307247FEA361"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3167
Expires: Tue, 20 Dec 2022 22:49:34 GMT
Date: Tue, 20 Dec 2022 21:56:47 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cf03270e3476f7482a2cc7ddc6a9e857
ab70d5ee87b01e0601f8e518bf36f97c8ceeba9a
43a4e796860a1481636dac103488cadc68c261d13cfe835d273efc368e569f97

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43A4E796860A1481636DAC103488CADC68C261D13CFE835D273EFC368E569F97"
Last-Modified: Sun, 18 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8853
Expires: Wed, 21 Dec 2022 00:24:20 GMT
Date: Tue, 20 Dec 2022 21:56:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Alert, Retry-After, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 20 Dec 2022 21:34:30 GMT
content-type: application/json
age: 1337
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 6vr244f9bJUy0UY7DNy6LqjmvhfGKMF0hEiKhQX++UfCeTk3xzIp6oyV/K4c1qJ0Dc1oFhNC2hM=
x-amz-request-id: 2E717N3XK408KNVM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 20 Dec 2022 21:55:08 GMT
age: 99
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js

31.222.238.177

200 OK

2.5 kB

URL HTTP/1.1
rule34.xyz/runtime-es2015.8c1dfa218bbfed4f8c2a.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (2473), with no line terminators
Size
2.5 kB (2473 bytes)
Hash
fa306a5cf5db76555fa629c28df96834
cfc58ebc5375edece30a9a37922369dd6bf4b80a
27fe677a858739be13c63a7b3fcbfa1d77728e8ad9900fa39677a57203a463b9

HTTP Headers

GET /runtime-es2015.8c1dfa218bbfed4f8c2a.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: application/javascript
Server: Kestrel
Content-Length: 2473
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 20 Dec 2022 21:20:06 GMT
Accept-Ranges: bytes
ETag: "1d914b8d4bf8ea9"

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 21:56:47 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js

31.222.238.177

200 OK

37 kB

URL HTTP/1.1
rule34.xyz/polyfills-es2015.10f5ef413ad7eb91b554.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (36973), with no line terminators
Size
37 kB (36973 bytes)
Hash
3126d8f9e8eeb3f382e3ff4b4f2f3371
b2b42c137c7f033fd6640629368b3a5d31f3b6f4
8c5b43165c2c034f9496624b4ed3342570c367b9a7ef9db96ae66a6f786ab277

HTTP Headers

GET /polyfills-es2015.10f5ef413ad7eb91b554.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: application/javascript
Server: Kestrel
Content-Length: 36973
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 20 Dec 2022 21:20:06 GMT
Accept-Ranges: bytes
ETag: "1d914b8d4bf176d"

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
12c4b636c5b418990b7b92b48b71edf0
1a4f58d5ff768154feb6aa4379ac0e0b83d2b027
4a4452ab280b71a11684985cce66f5c51061810049488584b3874ee9db3b1f8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A4452AB280B71A11684985CCE66F5C51061810049488584B3874EE9DB3B1F8F"
Last-Modified: Tue, 20 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4316
Expires: Tue, 20 Dec 2022 23:08:43 GMT
Date: Tue, 20 Dec 2022 21:56:47 GMT
Connection: keep-alive

rule34.xyz/styles.0551c7465b0cc99fa3c6.css

31.222.238.177

200 OK

345 kB

URL HTTP/1.1
rule34.xyz/styles.0551c7465b0cc99fa3c6.css
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (55435)
Size
345 kB (344877 bytes)
Hash
6364a642aaef90d2b01a784342ad6bea
bcf22dc32e9a2920b3e926297d6d69165b798499
bede92f15609cfc8a070c3217494987365f99eb877e6d45689b0fcea55a5a681

HTTP Headers

GET /styles.0551c7465b0cc99fa3c6.css HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: text/css
Server: Kestrel
Content-Length: 344877
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 20 Dec 2022 21:20:06 GMT
Accept-Ranges: bytes
ETag: "1d914b8d4bac42d"

rule34.xyz/assets/images/flags/en.png

31.222.238.177

200 OK

4.8 kB

URL HTTP/1.1
rule34.xyz/assets/images/flags/en.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 256 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size
4.8 kB (4849 bytes)
Hash
dda9cec7d5c5f13201b0f59e83ad74a2
99797780c3381911facf4a7f725795d44b4ced88
7a7a13c54037d440227c51cdd42501d095a43cf6cc1c6f34150224d68b57317b

HTTP Headers

GET /assets/images/flags/en.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/png
Server: Kestrel
Content-Length: 4849
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 20 Dec 2022 21:20:06 GMT
Accept-Ranges: bytes
ETag: "1d914b8d4bf95f1"

rule34.xyz/assets/images/twitter.png

31.222.238.177

200 OK

1.3 kB

URL HTTP/1.1
rule34.xyz/assets/images/twitter.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1317 bytes)
Hash
501d6dfa0f9f66cc740e95fc952dbb68
4b0f77b1f2f45866f554a9349a10d19ce5191057
ab5f3e319577d3bcc1c2db4fadddb215b7b16976cd780881ca785221b34c3434

HTTP Headers

GET /assets/images/twitter.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/png
Server: Kestrel
Content-Length: 1317
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 20 Dec 2022 21:20:06 GMT
Accept-Ranges: bytes
ETag: "1d914b8d4bf8225"

rule34.xyz/assets/images/discord_32.png

31.222.238.177

200 OK

833 B

URL HTTP/1.1
rule34.xyz/assets/images/discord_32.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
833 B (833 bytes)
Hash
a9670c588d6d7b07ccfb3d125173de21
fad6bb4af7258dacca5412cf3ced4ac1f984ee69
214077b40659aa214c997cf921ead8a4952fa16ba3f64d7953c369ae03e648f8

HTTP Headers

GET /assets/images/discord_32.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/png
Server: Kestrel
Content-Length: 833
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 20 Dec 2022 21:20:06 GMT
Accept-Ranges: bytes
ETag: "1d914b8d4bf8441"

r-34.xyz/posts/96/96493/96493.thumbnail.jpg

5.252.21.52

200 OK

42 kB

URL HTTP/2
r-34.xyz/posts/96/96493/96493.thumbnail.jpg
IP
5.252.21.52:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 384x384, components 3\012- data
Size
42 kB (41979 bytes)
Hash
52f7371d9e3286e3391ab415559d21ef
ea9bb7ba04e491da5f5fff3dfaf9f3f33300c4e1
d3b94de031aa115b05ae0d1f4848c4b65d5f44b55105718bc050777171acea65

HTTP Headers

GET /posts/96/96493/96493.thumbnail.jpg HTTP/1.1
Host: r-34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
date: Tue, 20 Dec 2022 19:05:23 GMT
server: Kestrel
accept-ranges: bytes
etag: "1d90f03faba1a7b"
last-modified: Tue, 13 Dec 2022 15:02:55 GMT
content-length: 41979
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

rule34.xyz/main-es2015.9f70647c7ad4078cc37e.js

31.222.238.177

200 OK

1.3 MB

URL HTTP/1.1
rule34.xyz/main-es2015.9f70647c7ad4078cc37e.js
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.3 MB (1281583 bytes)
Hash
0952c52896acad0a9e342625bf47166d
34e88dfa1c9786628d98644a24af734790cc5019
768d9e5d0a37ed79e8d01a4aa1822079941dba335c71eb147e5e6a5999c3b002

HTTP Headers

GET /main-es2015.9f70647c7ad4078cc37e.js HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: application/javascript
Server: Kestrel
Content-Length: 1281583
Cache-Control: public,max-age=31536000
Last-Modified: Tue, 20 Dec 2022 21:20:06 GMT
Accept-Ranges: bytes
ETag: "1d914b8d4ac092f"

rule34.xyz/posts/3549/3549278/3549278.pic256avif.avif

31.222.238.177

200 OK

7.7 kB

URL HTTP/1.1
rule34.xyz/posts/3549/3549278/3549278.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
7.7 kB (7689 bytes)
Hash
5a32e9fd287b038ce122fcfb61d47708
77c94ca2d1791d34ab5de9d790811f9c282c771a
85bbf91b0e33829e1e0393840d52d271662310151cc2fdd9561c03a40c50e5da

HTTP Headers

GET /posts/3549/3549278/3549278.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 7689
Cache-Control: public,max-age=31536000
Last-Modified: Sat, 17 Dec 2022 19:29:20 GMT
Accept-Ranges: bytes
ETag: "1d9124ddc2f3609"

rule34.xyz/posts/3549/3549447/3549447.pic256avif.avif

31.222.238.177

200 OK

5.2 kB

URL HTTP/1.1
rule34.xyz/posts/3549/3549447/3549447.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
5.2 kB (5229 bytes)
Hash
498e9c6c44164353a7c6277d880d2003
76b8e2c120a318f9e452d8d3e7a6e9d76258e64d
1af0504c2eba27d4362a1619e81e205f716d2b6b008d7e887e46f5a76c19f99f

HTTP Headers

GET /posts/3549/3549447/3549447.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 5229
Cache-Control: public,max-age=31536000
Last-Modified: Sun, 18 Dec 2022 02:17:23 GMT
Accept-Ranges: bytes
ETag: "1d91286dd306fed"

rule34.xyz/posts/3536/3536951/3536951.pic256avif.avif

31.222.238.177

200 OK

3.4 kB

URL HTTP/1.1
rule34.xyz/posts/3536/3536951/3536951.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
3.4 kB (3365 bytes)
Hash
5f1810f8624f21e97135736bce094d69
30394c5dcc6c31e7a4428e6c22fb1f54882f4801
2321f9839911e619475e9b19dab1bc9832b388b1f062175cbfd8db4725cc6542

HTTP Headers

GET /posts/3536/3536951/3536951.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 3365
Cache-Control: public,max-age=31536000
Last-Modified: Fri, 25 Nov 2022 04:46:14 GMT
Accept-Ranges: bytes
ETag: "1d90088d8faa225"

rule34.xyz/posts/3547/3547390/3547390.pic256avif.avif

31.222.238.177

200 OK

12 kB

URL HTTP/1.1
rule34.xyz/posts/3547/3547390/3547390.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
12 kB (11454 bytes)
Hash
33a44a37914000274014e2bd935b36e7
52b61d0decd91bb65a16b57768dc57efa2fbb494
ef906b90946e64bd99e2cfc47f6bd01a385e82365a81ca2c36135fb49e1c57b6

HTTP Headers

GET /posts/3547/3547390/3547390.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 11454
Cache-Control: public,max-age=31536000
Last-Modified: Wed, 14 Dec 2022 00:53:53 GMT
Accept-Ranges: bytes
ETag: "1d90f5689580a3e"

rule34.xyz/posts/3538/3538553/3538553.pic256avif.avif

31.222.238.177

200 OK

6.1 kB

URL HTTP/1.1
rule34.xyz/posts/3538/3538553/3538553.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
6.1 kB (6102 bytes)
Hash
d4bd94e9855eb4ac018ca91a7800aec6
4ada1151509970ad6e575b14cd7fff343537f823
c09682e97ef6a733fabd98ea166ce9569a064afddb83a28a106660d2273b3272

HTTP Headers

GET /posts/3538/3538553/3538553.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 6102
Cache-Control: public,max-age=31536000
Last-Modified: Sun, 27 Nov 2022 22:06:20 GMT
Accept-Ranges: bytes
ETag: "1d902ac7aae01d6"

rule34.xyz/posts/3534/3534581/3534581.pic256avif.avif

31.222.238.177

200 OK

6.6 kB

URL HTTP/1.1
rule34.xyz/posts/3534/3534581/3534581.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
6.6 kB (6607 bytes)
Hash
accb1a5f0eb79f373cabb5404e6ee324
552c7b2d256e051149d56158229b1a11569eee0b
a5957504bd59df59760197c6c8cc77f3b83bae52bb466fb49a31ba2486a54447

HTTP Headers

GET /posts/3534/3534581/3534581.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 6607
Cache-Control: public,max-age=31536000
Last-Modified: Sun, 20 Nov 2022 21:41:18 GMT
Accept-Ranges: bytes
ETag: "1d8fd28d286cacf"

rule34.xyz/posts/3534/3534481/3534481.pic256avif.avif

31.222.238.177

200 OK

6.7 kB

URL HTTP/1.1
rule34.xyz/posts/3534/3534481/3534481.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
6.7 kB (6687 bytes)
Hash
731f7a7a77af5984545d1a7f36233a25
d92e210416ce29b06f602083043915592ffadcb3
8184c888596a76d6821c4351bc501cae848a2bdbf424a3e54fae94bef5d9ead3

HTTP Headers

GET /posts/3534/3534481/3534481.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 6687
Cache-Control: public,max-age=31536000
Last-Modified: Sun, 20 Nov 2022 18:17:29 GMT
Accept-Ranges: bytes
ETag: "1d8fd0c5979989f"

rule34.xyz/posts/3534/3534472/3534472.pic256avif.avif

31.222.238.177

200 OK

7.3 kB

URL HTTP/1.1
rule34.xyz/posts/3534/3534472/3534472.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
7.3 kB (7328 bytes)
Hash
83ee5ac94d48e474c958506bd50ccaff
d8c691e4fd9c10d1e24f40d9006902b6df35e991
0191bac8c4fc823f6139dcabe72e702e3dea766644b66863f34703fe231b15db

HTTP Headers

GET /posts/3534/3534472/3534472.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 7328
Cache-Control: public,max-age=31536000
Last-Modified: Sun, 20 Nov 2022 18:11:07 GMT
Accept-Ranges: bytes
ETag: "1d8fd0b75c8f320"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/posts/3532/3532692/3532692.pic256avif.avif

31.222.238.177

200 OK

7.1 kB

URL HTTP/1.1
rule34.xyz/posts/3532/3532692/3532692.pic256avif.avif
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
ISO Media, HEIF Image\012- data
Size
7.1 kB (7066 bytes)
Hash
33e7dfff4fd846456781e2845473dd16
5d94c24e8c07d6d71fc8f16b5894a00a90d83147
eeb2608fd8495a179468e402dfbfb5778444ffa6e97f3b6c758c11936536390f

HTTP Headers

GET /posts/3532/3532692/3532692.pic256avif.avif HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/pinkbobatoo

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: image/avif
Server: Kestrel
Content-Length: 7066
Cache-Control: public,max-age=31536000
Last-Modified: Thu, 17 Nov 2022 11:45:45 GMT
Accept-Ranges: bytes
ETag: "1d8fa7a20c2611a"

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

216.58.207.227

200 OK

128 kB

URL HTTP/2
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 128360, version 1.0\012- data
Size
128 kB (128360 bytes)
Hash
393b5d8b3fd798486652801f3ee8c6ea
979383e09be691921a211f5fc4ef97fc4406e4dd
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3

HTTP Headers

GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rule34.xyz
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128360
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:12 GMT
expires: Sat, 16 Dec 2023 13:33:12 GMT
cache-control: public, max-age=31536000
age: 375816
last-modified: Thu, 25 Aug 2022 00:09:15 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

216.58.207.227

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11028, version 1.0\012- data
Size
11 kB (11028 bytes)
Hash
1f6d3cf6d38f25d83d95f5a800b8cac3
279f300ca2cbbdf9f5036ef2f438607fbf377daa
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rule34.xyz
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 16 Dec 2022 13:33:13 GMT
expires: Sat, 16 Dec 2023 13:33:13 GMT
cache-control: public, max-age=31536000
age: 375815
last-modified: Wed, 11 May 2022 19:24:50 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 20 Dec 2022 21:33:24 GMT
age: 1404
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

216.58.207.227

200 OK

11 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11072, version 1.0\012- data
Size
11 kB (11072 bytes)
Hash
e7df3d0942815909add8f9d0c40d00d9
cf5032eea3399a58870e8a05e629b006a8c7c3c7
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rule34.xyz
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11072
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Dec 2022 19:34:00 GMT
expires: Thu, 14 Dec 2023 19:34:00 GMT
cache-control: public, max-age=31536000
age: 526968
last-modified: Wed, 11 May 2022 19:24:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4

172.217.21.168

200 OK

39 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TFMCMS4
IP
172.217.21.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
39 kB (39151 bytes)
Hash
322f436e8fa9dd56095efa61d355c6ed
7f17edeeb5cb893ef94913d23eae8a6456d0e8b2
e478882b6e75c82571636bdd815ea8f66e47daf06efe1b2fd02eacee1a8529a3

HTTP Headers

GET /gtm.js?id=GTM-TFMCMS4 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 20 Dec 2022 21:56:48 GMT
expires: Tue, 20 Dec 2022 21:56:48 GMT
cache-control: private, max-age=900
last-modified: Tue, 20 Dec 2022 21:17:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 39151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
fc98b292975e2b116be4c8ef5c73d223
ffded4b10c4882205ec1af4fd7bd31f629ce0e75
cbeb54b24948beac148ab815fa7412086d3e0b0a782e32c4ab0ffdfa89ae2293

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 20 Dec 2022 02:30:35 GMT
Expires: Tue, 27 Dec 2022 02:30:34 GMT
Etag: "ffded4b10c4882205ec1af4fd7bd31f629ce0e75"
Cache-Control: max-age=534225,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77cba1488de00af6-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c92a63593449265941bccd2401ec3927
09bd5c279a11c5067d75300053d70e4e678d7140
a137e34a2d19637a6fe63ba801ce97be1ded72584f8a90798b4c0910526a4429

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/api/r/posts/negotiate?negotiateVersion=1

31.222.238.177

200 OK

205 B

URL HTTP/1.1
rule34.xyz/api/r/posts/negotiate?negotiateVersion=1
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
JSON data\012- , ASCII text, with very long lines (316), with no line terminators
Size
205 B (205 bytes)
Hash
17813d37ca11ca2c87bdb068abe19e52
4686197928dffb440aafad7003f35993da2f3812
aec750921094521405b8fe4fc5186ae30f733e3a9b4bd9a93b445bede5444d76

HTTP Headers

POST /api/r/posts/negotiate?negotiateVersion=1 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://rule34.xyz/pinkbobatoo
Content-Type: text/plain;charset=UTF-8
X-Requested-With: XMLHttpRequest
X-SignalR-User-Agent: Microsoft SignalR/5.0 (5.0.13; Unknown OS; Browser; Unknown Runtime Version)
Origin: http://rule34.xyz
Content-Length: 0
Connection: keep-alive

HTTP/1.1 200 OK
Date: Tue, 20 Dec 2022 21:56:47 GMT
Content-Type: application/json
Server: Kestrel
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://rule34.xyz

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d0c2b6760f2b58f445446dd2276d5af4
aeedf417b1ebde86ce837ca02ba934abb938b1a4
8fe72d0ce839150559da5ddf46bf87d26b6b9cbe34d09641b29a53be24997c81

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2631
Cache-Control: max-age=129234
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:48 GMT
Etag: "63a17b2b-1d7"
Expires: Thu, 22 Dec 2022 09:50:42 GMT
Last-Modified: Tue, 20 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
215f179e613370c655bf93bd419f20a1
95088c5b683ea359b14725c9c9a240bcd4aba454
84e63de1c1974bff3446830c48979c67eaff95649c6c8ecce7748691684606f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84E63DE1C1974BFF3446830C48979C67EAFF95649C6C8ECCE7748691684606F9"
Last-Modified: Tue, 20 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19146
Expires: Wed, 21 Dec 2022 03:15:54 GMT
Date: Tue, 20 Dec 2022 21:56:48 GMT
Connection: keep-alive

rule34xyz.b-cdn.net/posts/3526/3526144/3526144.pic256avif.avif

185.59.220.198

200 OK

5.4 kB

URL HTTP/2
rule34xyz.b-cdn.net/posts/3526/3526144/3526144.pic256avif.avif
IP
185.59.220.198:0
ASN
#60068 Datacamp Limited

File type
ISO Media, HEIF Image\012- data
Size
5.4 kB (5372 bytes)
Hash
c7e7ca122af180dc6fce6b911332258f
d4c675875e1ff938e36aff9802958b8d9e315b09
d769cf3b2d468ccaeff88b17f10ff34324745ab67940a15e2911fd565f16af8a

HTTP Headers

GET /posts/3526/3526144/3526144.pic256avif.avif HTTP/1.1
Host: rule34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Dec 2022 21:56:48 GMT
content-type: application/octet-stream
content-length: 5372
server: BunnyCDN-DE1-723
cdn-pullzone: 294263
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Sat, 05 Nov 2022 15:30:45 GMT
cdn-storageserver: DE-167
cdn-fileserver: 512
cdn-proxyver: 1.03
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 12/09/2022 14:12:48
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: c9f56cffd547da320a321022d6478460
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

rule34.xyz/ads2.json?v=12T0956

31.222.238.177

200 OK

106 B

URL HTTP/2
rule34.xyz/ads2.json?v=12T0956
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
JSON data\012- , ASCII text
Size
106 B (106 bytes)
Hash
a6ffac3ddaa9269ead51ec3cda35d4d7
d72804f4cd3a0e1b500382fb1517ac8f93ccf7d9
9c0f755ae93dcc7cdce985f208c4a068de18249aa229b31284ccb25bdd76224d

HTTP Headers

GET /ads2.json?v=12T0956 HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rule34.xyz
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 20 Dec 2022 21:56:47 GMT
content-type: application/json
last-modified: Sat, 24 Sep 2022 13:07:14 GMT
accept-ranges: bytes
etag: "1d8d01690862d6a"
server: Kestrel
access-control-allow-credentials: true
access-control-allow-origin: http://rule34.xyz
content-length: 106
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 20 Dec 2022 20:41:08 GMT
expires: Tue, 20 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 4540
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

44.237.93.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.93.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LoYZYmpuwBVqzauLivdUZQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uQw6LUL3Y6lJ/vm8MsPQs+KO8Bs=

rule34.xyz/assets/images/flags/ru.png

31.222.238.177

200 OK

726 B

URL HTTP/2
rule34.xyz/assets/images/flags/ru.png
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
PNG image data, 256 x 171, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
878b1c39221fd18c8288f25a81078e54
fdbc80bbe6fdfde300c6d059f02d7f3b51004c92
1271ce7f3b45a1197ce14d0f66a15e31465c16ff2b9711c00d69c44a26434d9a

HTTP Headers

GET /assets/images/flags/ru.png HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rule34.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Dec 2022 21:56:48 GMT
content-type: image/png
last-modified: Tue, 20 Dec 2022 21:20:06 GMT
accept-ranges: bytes
etag: "1d914b8d4bf85d6"
server: Kestrel
content-length: 726
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js

62.122.171.6

200 OK

26 kB

URL HTTP/1.1
bg4nxu2u5t.com/aas/r45d/vki/1780566/03f48f81.js
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
ASCII text, with very long lines (65530)
Size
26 kB (26434 bytes)
Hash
d65276d72b3b02cfe672152ed58be4c8
69d0be6ed81b29c7cd5274d087dc4f889b83470f
27e1e252d099ad86365ec1ead8bfec78dad5a5deb99c10d698782cb8fdfdeb44

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /aas/r45d/vki/1780566/03f48f81.js HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rule34.xyz/

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 20 Dec 2022 21:56:48 GMT
Content-Type: application/javascript
Last-Modified: Tue, 13 Dec 2022 13:00:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6398776b-10bb2"
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

rule34.xyz/api/r/posts?id=7OYGeLwHHkvc2hj1F7U6sg

31.222.238.177

101 Switching Protocols

0 B

URL HTTP/1.1
rule34.xyz/api/r/posts?id=7OYGeLwHHkvc2hj1F7U6sg
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/r/posts?id=7OYGeLwHHkvc2hj1F7U6sg HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://rule34.xyz
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PJnotz08wT6ce8hUOCb8Ig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
TE: trailers

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Date: Tue, 20 Dec 2022 21:56:48 GMT
Server: Kestrel
Upgrade: websocket
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://rule34.xyz
Strict-Transport-Security: max-age=2592000
Sec-WebSocket-Accept: uTCXC90yXAFUwISXf0smNHoVdF0=

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&gjid=1492020894&_gid=1038790275.1671573418&_u=IEBAAEAAAAAAACAAI~&z=482007854

64.233.164.154

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&gjid=1492020894&_gid=1038790275.1671573418&_u=IEBAAEAAAAAAACAAI~&z=482007854
IP
64.233.164.154:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&gjid=1492020894&_gid=1038790275.1671573418&_u=IEBAAEAAAAAAACAAI~&z=482007854 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://rule34.xyz
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: http://rule34.xyz
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Dec 2022 21:56:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

rule34.xyz/favicon.rule34xyz.ico

31.222.238.177

200 OK

22 kB

URL HTTP/2
rule34.xyz/favicon.rule34xyz.ico
IP
31.222.238.177:0
ASN
#43624 Pq Hosting S.r.l.

File type
MS Windows icon resource - 1 icon, 72x72, 32 bits/pixel\012- data
Size
22 kB (21662 bytes)
Hash
8af3931693c34a541ca0364bdd32940b
fe181a319195d6f133a73f9a232896c5369a1638
e5226fb838325cb0e7ddf30c89f4a0d0afd3f89d7936f5189f028fac8e1e5e77

HTTP Headers

GET /favicon.rule34xyz.ico HTTP/1.1
Host: rule34.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://rule34.xyz/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public,max-age=31536000
date: Tue, 20 Dec 2022 21:56:48 GMT
content-type: image/x-icon
last-modified: Tue, 20 Dec 2022 21:20:06 GMT
accept-ranges: bytes
etag: "1d914b8d4bfd39e"
server: Kestrel
content-length: 21662
strict-transport-security: max-age=2592000
X-Firefox-Spdy: h2

bg4nxu2u5t.com/solid.gif?z=1780566&abvar=0

62.122.171.6

200 OK

43 B

URL HTTP/2
bg4nxu2u5t.com/solid.gif?z=1780566&abvar=0
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /solid.gif?z=1780566&abvar=0 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rule34.xyz
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 21:56:48 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&_u=IEBAAEAAAAAAACAAI~&z=1946064244

216.58.211.4

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&_u=IEBAAEAAAAAAACAAI~&z=1946064244
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&_u=IEBAAEAAAAAAACAAI~&z=1946064244 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 21:56:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&_u=IEBAAEAAAAAAACAAI~&z=1946064244

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&_u=IEBAAEAAAAAAACAAI~&z=1946064244
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-114324981-1&cid=1755751361.1671573418&jid=2067117437&_u=IEBAAEAAAAAAACAAI~&z=1946064244 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 20 Dec 2022 21:56:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
44d1b97ebc6772b76319806ff504cf27
e7e520951d9f34cfc991932a62b0bd8cf390b1f7
b30398f6056dcc04122b413d78c632ea15df7cff07471850a1603a121efba20d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
97216d9347c0d3c1bab297df919688d5
61eca83749fd58d5ce753bf65419435d522c2ce5
7277b81f23f6516aa706c00202e0705421837431095d5b1f7fb0f283ab5736ff

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Dec 2022 21:56:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oebu0&_p=57743424&cid=1755751361.1671573418&ul=en-us&sr=1280x1024&_s=1&sid=1671573418&sct=1&seg=0&dl=http%3A%2F%2Frule34.xyz%2Fpinkbobatoo&dt=Rule%2034%20XYZ%20%2F%20pinkbobatoo&en=page_view&_fv=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oebu0&_p=57743424&cid=1755751361.1671573418&ul=en-us&sr=1280x1024&_s=1&sid=1671573418&sct=1&seg=0&dl=http%3A%2F%2Frule34.xyz%2Fpinkbobatoo&dt=Rule%2034%20XYZ%20%2F%20pinkbobatoo&en=page_view&_fv=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-R4GRY2G49W&gtm=2oebu0&_p=57743424&cid=1755751361.1671573418&ul=en-us&sr=1280x1024&_s=1&sid=1671573418&sct=1&seg=0&dl=http%3A%2F%2Frule34.xyz%2Fpinkbobatoo&dt=Rule%2034%20XYZ%20%2F%20pinkbobatoo&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rule34.xyz
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://rule34.xyz
date: Tue, 20 Dec 2022 21:56:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Wed, 21 Dec 2022 00:42:34 GMT
Date: Tue, 20 Dec 2022 21:56:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Wed, 21 Dec 2022 00:42:34 GMT
Date: Tue, 20 Dec 2022 21:56:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Wed, 21 Dec 2022 00:42:34 GMT
Date: Tue, 20 Dec 2022 21:56:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Wed, 21 Dec 2022 00:42:34 GMT
Date: Tue, 20 Dec 2022 21:56:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9945
Expires: Wed, 21 Dec 2022 00:42:34 GMT
Date: Tue, 20 Dec 2022 21:56:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5185 bytes)
Hash
bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _WKAnv-iFrsEA9lFq4adBmRVdSk9-FQVF_cFCDhpM1_LMDdt_vPwhQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:37:09 GMT
age: 1180
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd309904d-b04d-4ea5-a08f-18c679152ad0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9893 bytes)
Hash
93c59f175466e2f77cec141a40cf3587
2f3c4bad2a69184f567f74c814b59b53aa777029
974563dd61f2afb6e26bb5516244d16ed1e76124cc6b500a2039e1d255d8945d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd309904d-b04d-4ea5-a08f-18c679152ad0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9893
x-amzn-requestid: b6a76f15-7dc0-43e6-968c-3c228b9aece7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FHXIAMF2tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-7dab8e9d620fa4323a19ebfc;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Mj3_rysMTC6_pR79kGD8zI7lnnqcU0sWT-TOYfX-NCRmPrTDi4aDNQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ef8f66c83aecd87910ce2e1153544a20.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 08:35:02 GMT
age: 48107
etag: "2f3c4bad2a69184f567f74c814b59b53aa777029"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9265 bytes)
Hash
bba7c67bdc57d1fe2870ebd4ee9fd5c9
127850560e258665ca8074757c1b66f680d2bd78
9edd765e65644edfe4221352225cb89ebe98fa451d9528b8b614d594a20e100d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2f35059-99cc-477d-9e68-c3a035d125df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9265
x-amzn-requestid: d84f905b-7faf-409a-b188-4b8cf06b9e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da4KJGx9oAMFrQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a1070d-43152d9651bcb4a15ffe1cfa;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:51:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: uGYoskcC2ev3JFxsBZGglmBiCCWmjo5Xg2zqe5925zArdzRk5QtuTQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 c5c7edc18be1805f007e0576da02e554.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:24:18 GMT
age: 73951
etag: "127850560e258665ca8074757c1b66f680d2bd78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9216 bytes)
Hash
045f016fb66e6e0d1da1fb742d9b19a7
8f98bf2cedfccfce71464a733e2fd37482fd71c2
593cf38d1c2c315ff23fcda60e41141caa0266874f36a0c517554ca01ea51f12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82b028aa-d0e3-4082-a385-1385bc5c6e06.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9216
x-amzn-requestid: 460a95bf-5724-4bea-b6c1-f6ce263da5e7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabq8FXboAMFwCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d979-70340469247cdcf952a98c3e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:36:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: utr-CdnBX5-MjBHX3PW6rdC06JzmIvfrj9FOrQtOUDd91_Fo4wVzGg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:48:33 GMT
age: 496
etag: "8f98bf2cedfccfce71464a733e2fd37482fd71c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7876 bytes)
Hash
b5da803c751be159f0f5b3c2f65bd2b6
39139480cfc2ed0781b51745bfaabed4490aa0db
920ee464843101c638327866fbfcc9c7f00fc19b7cdbc8948fbe53d2b6fb4ed3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1e977b0b-6e7d-42dd-9743-5064708ab1e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7876
x-amzn-requestid: 668c95f2-a1b1-4abd-9f4e-23d05c4998a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: da270EFlIAMFR5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a10518-56d6db4f4cff1b4e08b87046;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 00:43:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Hy6G0TSJc89Fyo8X3mLQ4nY4Y-2Xva9gqcLLAZH_T61Kk-6cMmhqQQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 01:08:39 GMT
age: 74890
etag: "39139480cfc2ed0781b51745bfaabed4490aa0db"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8450 bytes)
Hash
c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EFtrPmVeBdwlINxF0wQq0671EksYsi6nsyFd5E4SCSH4_bQyGaNQHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 07:53:50 GMT
age: 50579
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clzz1hyvu3uaguam1imkhr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894622839649013

62.122.171.6

200 OK

0 B

URL HTTP/2
bg4nxu2u5t.com/get/1780566?zoneid=1780566&jp=_clzz1hyvu3uaguam1imkhr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894622839649013
IP
62.122.171.6:0
ASN
#50245 Serverel Inc.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /get/1780566?zoneid=1780566&jp=_clzz1hyvu3uaguam1imkhr&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=4894622839649013 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rule34.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 20 Dec 2022 21:56:48 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221220165678afbe9eafb34a97bf0c29abd5; Path=/; Expires=Wed, 20 Dec 2023 21:56:48 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP