www.freeroms.com/roms/nintendo_gamecube/rocky.htm
64.235.54.28301 Moved Permanently 162 B URL HTTP/1.1 www.freeroms.com/roms/nintendo_gamecube/rocky.htm
IP 64.235.54.28:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /roms/nintendo_gamecube/rocky.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 25 Oct 2022 21:32:06 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.freeroms.com/roms/nintendo_gamecube/rocky.htm
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10592
Expires: Wed, 26 Oct 2022 00:28:38 GMT
Date: Tue, 25 Oct 2022 21:32:06 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1131
Cache-Control: max-age=130676
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:06 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 09:50:02 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c2bba4cad162918b17858b60e909e4d9
d9a1d4f7fb7635ab233ebbf776e6de1a2857032b
3a1d27ec3d034d6326b32f6054b6be46079a86a33e75d5a2a3796a0c4c5eadab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4761
Cache-Control: max-age=134306
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:06 GMT
Etag: "6357acdf-1d7"
Expires: Thu, 27 Oct 2022 10:50:32 GMT
Last-Modified: Tue, 25 Oct 2022 09:31:11 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11750
Expires: Wed, 26 Oct 2022 00:47:56 GMT
Date: Tue, 25 Oct 2022 21:32:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1K616+hFM24Mx/Ec/PuQYjCW9gzVmP1LWalWJ7acxK9tbFxIaETd5pg2tcJ7VklL6EK99Jz48cc=
x-amz-request-id: 19CGM23AEA1QWQCP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 20:38:56 GMT
age: 3190
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.netsolssl.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0fa24334fc12a7ae53e8775c1c688a28
308877be477bb5bbaff37039082f2812b63cbd07
ae46a5b0c514453caabf0d3c84e887301ec69343c1224368e381055be8a1cf0c
POST / HTTP/1.1
Host: ocsp.netsolssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 21:32:07 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 23 Oct 2022 06:55:43 GMT
Expires: Sun, 30 Oct 2022 06:55:42 GMT
Etag: "308877be477bb5bbaff37039082f2812b63cbd07"
Cache-Control: max-age=378814,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75fe101fed210afe-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 518ff04fd536958e285cf07aaf4a2786
fa5dad2391c2a9957340bd629f0462db4f412a5c
608c78964412d5dc7025e9cbfaef345d448a29eae0f11257c49a41f274917b9a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3638
Cache-Control: max-age=128119
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:07 GMT
Etag: "63579918-1d7"
Expires: Thu, 27 Oct 2022 09:07:26 GMT
Last-Modified: Tue, 25 Oct 2022 08:06:48 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.187.71.185101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.187.71.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9nrxGBBjfZLQy3MLc9JzYQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hOpDznS185KqVsvcJ7xyhQT+kdc=
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-FH0L8EV0R0
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-FH0L8EV0R0
IP 142.250.74.168:0
File type ASCII text, with very long lines (21373)
Hash 1056d9b262c0f7370c59e8a58d912753
74aa8f67df256baaa1861c7190451ca4dcbc184e
eec1ecbc763947761facc3a8fb3a589b95c7d0977663d28ffc6e1a52a24bbfcc
GET /gtag/js?id=G-FH0L8EV0R0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Oct 2022 21:32:07 GMT
expires: Tue, 25 Oct 2022 21:32:07 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76639
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.freeroms.com/roms/nintendo_gamecube/rocky.htm
64.235.54.28200 OK 53 kB URL HTTP/2 www.freeroms.com/roms/nintendo_gamecube/rocky.htm
IP 64.235.54.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ISO-8859 text, with very long lines (59245)
Hash 296bc5c172005d899c970e533a6d122d
968b5fab2fcc250103b7920649cd8b0e2c0c3c88
87990929834decae90b4b94df669a7e6a60cbf96581e4fedfb87f464da5c10c8
GET /roms/nintendo_gamecube/rocky.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:07 GMT
content-type: text/html
last-modified: Tue, 25 Oct 2022 07:57:33 GMT
etag: W/"635796ed-28eb5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.freeroms.com/images/logo.png
64.235.54.28200 OK 9.8 kB URL HTTP/2 www.freeroms.com/images/logo.png
IP 64.235.54.28:0
File type PNG image data, 215 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 14cd0a179797ca4b75eafccd97c8bb29
3b28b50481b500440e2d20df8acfba80d752a090
e94da94c103e98f78880e5458d6cd022cc20d1d6412b985ef8c0b3eeafd40f5c
GET /images/logo.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/nintendo_gamecube/rocky.htm
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:07 GMT
content-type: image/png
content-length: 9831
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-2667"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 20a7152770e4622580fa39952d2395de
41bb42ffe5ad179f84618ca9bf475c592b03bf9c
68a55a29582995cf0333d53437dd8b21e6e334937e2d040438bb27dda6eb560f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=96743
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:07 GMT
Etag: "63572cbe-117"
Expires: Thu, 27 Oct 2022 00:24:30 GMT
Last-Modified: Tue, 25 Oct 2022 00:24:30 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d0a2f2d6e38908d3093f18e1c2d7d7cb
561f5b54c4215444e24753338263d46e29d139ae
4f85f4fff67accca78c65117d303da6ae9ea785f05b98ef523dc8c5df3995a12
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4F85F4FFF67ACCCA78C65117D303DA6AE9EA785F05B98EF523DC8C5DF3995A12"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1762
Expires: Tue, 25 Oct 2022 22:01:30 GMT
Date: Tue, 25 Oct 2022 21:32:08 GMT
Connection: keep-alive
bindingguessingconfessed.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js
173.233.137.52200 OK 13 kB URL HTTP/1.1 bindingguessingconfessed.com/c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js
IP 173.233.137.52:0
File type ASCII text, with very long lines (37126), with no line terminators
Hash f2f428c7549ce2b4a289df62ff770b15
6f61ce16bf571c3a121c204d9090e7897a3c8fd0
30f54185c5a06d9304cde0eb9eb818527c1936bb69c75a682aad52a9b0b3fb51
GET /c4/d5/3d/c4d53d21b4a90448b5012c00c5cfa5a2.js HTTP/1.1
Host: bindingguessingconfessed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:08 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a9b25263461ff5aba25fe2052123a31
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a968c7378f35e7ea49bc6f045e4212db
fd63962c9ad878f71ec77be2da4e5ce573454f0b
7ac19cd3a19183b8fcdec57a474a11f29eeea3a8f333fe04ea7d67455cf61f8f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7AC19CD3A19183B8FCDEC57A474A11F29EEEA3A8F333FE04EA7D67455CF61F8F"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14179
Expires: Wed, 26 Oct 2022 01:28:27 GMT
Date: Tue, 25 Oct 2022 21:32:08 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.118200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.118:0
Hash 787b1fc5d5f4cff91f5aee14f0cc2abf
a27036e3eeb9e273c9d9b5175237ff400b341c92
02cf018bf2716a3128a827ea3cc1daca23e98e0469c0dd24807e140af1a8f7b2
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142597
Date: Tue, 25 Oct 2022 21:32:08 GMT
Etag: "6357d705-1d7"
Expires: Thu, 27 Oct 2022 13:08:45 GMT
Last-Modified: Tue, 25 Oct 2022 12:31:01 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 6eMPMYY8vI-N7pL1W-Y6Q7FueNMZzNXi2CM6WYlRpmF_jsXJBMjQ9Q==
Age: 2264
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c414c9d0324beb588d687b7f36f64498
7d9c77cb924ab347f1853545341ef793bf2a3966
4c5b7bf0f6fdada651e1c75357f229c25b396ca62f1da0524c3022ae195c20be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C5B7BF0F6FDADA651E1C75357F229C25B396CA62F1DA0524C3022AE195C20BE"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8916
Expires: Wed, 26 Oct 2022 00:00:44 GMT
Date: Tue, 25 Oct 2022 21:32:08 GMT
Connection: keep-alive
simplewebanalysis.com/stats
18.193.142.27200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.193.142.27:0
File type ASCII text, with no line terminators
Hash a1667d94a88432727f7c581725b83570
c26bc10d9f84ece7babd9a8e2476205345894924
db930f67c2ffbdbb2cca6a6acb99e5d74c57e00cb44371b8acbfd9e23b05416e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
set-cookie: uid_id2=0e273592-0a6c-403e-a998-fe08a6ed360e:3:1; expires=Fri, 22 Oct 2032 21:32:08 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
www.freeroms.com/roms/nintendo_gamecube/rocky.htm
64.235.54.28200 OK 0 B URL HTTP/2 www.freeroms.com/roms/nintendo_gamecube/rocky.htm
IP 64.235.54.28:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
HEAD /roms/nintendo_gamecube/rocky.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/nintendo_gamecube/rocky.htm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: text/html
x-accel-version: 0.01
last-modified: Tue, 25 Oct 2022 07:57:33 GMT
etag: "28eb5-5ebd742b75eae-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/border.png
64.235.54.28200 OK 938 B URL HTTP/2 www.freeroms.com/images/border.png
IP 64.235.54.28:0
File type PNG image data, 2 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash a4de791940d86ff21226a978b905950e
bba1cc2559c7b67cb577f48118604b169a212239
c1ff6bcf530cc998882a66b1a1dafcff6869533caf5a6fea4e137497f0555269
GET /images/border.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/png
content-length: 938
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "3aa-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_main_top.gif
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/circuit_main_top.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 334 x 40\012- data
Hash 8ce66b9116fdb0a263fbbf0ec7299e1c
3f2868999529378d7e40c4acce440c0fdd0963bb
7ee186a06b35fc6499ca0fe10faa3f137fdee61cbfd4163aaba28414b8e65063
GET /images/circuit_main_top.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/gif
content-length: 1366
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-556"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_left.gif
64.235.54.28200 OK 3.0 kB URL HTTP/2 www.freeroms.com/images/circuit_left.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 12 x 320\012- data
Hash f84caa56ec89113941ed4823aecea88a
dd608663197ad5cf505e06c8a16fbd42f3001153
7925efc9e31cb712e156e1b0663846dea73debe1200b125ed73dfea95efc06f6
GET /images/circuit_left.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/gif
content-length: 3029
last-modified: Tue, 14 Jul 2015 01:10:52 GMT
etag: "55a4619c-bd5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/black.png
64.235.54.28200 OK 927 B URL HTTP/2 www.freeroms.com/images/black.png
IP 64.235.54.28:0
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f78a7c9048c4843d819c2ab39b33b6c
99e314e4b9325f41d0d42512cbf8a4a636871ac4
486e08b2d63e05464d757f1fbf3952a74bff6ff29f9ccace92c478fe8b4e4119
GET /images/black.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/png
content-length: 927
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:48 GMT
etag: "39f-51acb82299600"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/nav-strip.png
64.235.54.28200 OK 1.1 kB URL HTTP/2 www.freeroms.com/images/nav-strip.png
IP 64.235.54.28:0
File type PNG image data, 7 x 56, 8-bit/color RGB, non-interlaced\012- data
Hash 92f72da7215127fddf06584d40f1f67c
506dec643852f00b64b0a247d5ff68b1c3fe5c7e
d61ce2fb10db1c5814deedb8c6ca63ee220abba2ba29359cd053e28e84f22172
GET /images/nav-strip.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/png
content-length: 1094
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-446"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/rom.png
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/rom.png
IP 64.235.54.28:0
File type PNG image data, 28 x 25, 8-bit/color RGBA, non-interlaced\012- data
Hash 213bc22990ce0324b563a2714b22749d
514c1c91577fd3fa56b081a73b419015fcb2baf9
0465cb562ac7a714e9e90eb55764b1bc210b3378c5c01a465f8cdaa386f65349
GET /images/rom.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/png
content-length: 1365
last-modified: Tue, 14 Jul 2015 01:10:46 GMT
etag: "55a46196-555"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/default-arr.png
64.235.54.28200 OK 978 B URL HTTP/2 www.freeroms.com/images/default-arr.png
IP 64.235.54.28:0
File type PNG image data, 3 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 0edc018ca2c25a655a9eeed4b31eab51
dba5918c2b540f28d9365ad1db47d658c2dd8f66
d82b013cdd3a3efcde2e7403046e96555f5f7446efef3f2a6879af699f868218
GET /images/default-arr.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/png
content-length: 978
x-accel-version: 0.01
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "3d2-51acb829465c0"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
www.freeroms.com/images/nav-hover.jpg
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/nav-hover.jpg
IP 64.235.54.28:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2x27, components 3\012- data
Hash eb717b2848bfd323a7a56acb2000c30b
761b2d51d0ebd16d0fbec8c8bb9d3f9ec07cef1c
42b043aacc0907bd04c43941f5f809f38b932a2267465dd71560b52aadeba39c
GET /images/nav-hover.jpg HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/jpeg
content-length: 1368
last-modified: Tue, 14 Jul 2015 01:10:45 GMT
etag: "55a46195-558"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/white-arr.png
64.235.54.28200 OK 959 B URL HTTP/2 www.freeroms.com/images/white-arr.png
IP 64.235.54.28:0
File type PNG image data, 3 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash 903756d319facbf280d6218c8c0abd28
8e48f8a6e59a563309420d029a63d0bc94f52f71
f77ebade1d0c3b0e4b69b9a6156294ea756094286fe2ba171e78bd96b7b3bccb
GET /images/white-arr.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/png
content-length: 959
x-accel-version: 0.01
last-modified: Wed, 25 Jan 2017 04:37:29 GMT
etag: "3bf-546e3ca4b3440"
accept-ranges: bytes
x-powered-by: PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c414c9d0324beb588d687b7f36f64498
7d9c77cb924ab347f1853545341ef793bf2a3966
4c5b7bf0f6fdada651e1c75357f229c25b396ca62f1da0524c3022ae195c20be
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C5B7BF0F6FDADA651E1C75357F229C25B396CA62F1DA0524C3022AE195C20BE"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11895
Expires: Wed, 26 Oct 2022 00:50:23 GMT
Date: Tue, 25 Oct 2022 21:32:08 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a968c7378f35e7ea49bc6f045e4212db
fd63962c9ad878f71ec77be2da4e5ce573454f0b
7ac19cd3a19183b8fcdec57a474a11f29eeea3a8f333fe04ea7d67455cf61f8f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "7AC19CD3A19183B8FCDEC57A474A11F29EEEA3A8F333FE04EA7D67455CF61F8F"
Last-Modified: Sun, 23 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14179
Expires: Wed, 26 Oct 2022 01:28:27 GMT
Date: Tue, 25 Oct 2022 21:32:08 GMT
Connection: keep-alive
dacmaiss.com/tag.min.js
139.45.197.237200 OK 23 kB IP 139.45.197.237:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a648aa212e840e023872d5c3410f9bc1
8caa7668e84a2f4bb891a0421a36665af3008db7
1c16281975effb99b47cd8c45e8fe39b0c25e0b3dbbdf4711bfcc42df0541bcf
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: text/javascript; charset=utf-8
content-length: 22986
content-encoding: br
x-trace-id: 77e4a3dbf317af37bb808c73a95d3d64
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Thu, 20 Oct 2022 13:16:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_main_bottom.gif
64.235.54.28200 OK 1.4 kB URL HTTP/2 www.freeroms.com/images/circuit_main_bottom.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 334 x 40\012- data
Hash 660833b77d6e64a7347b2536658f65d4
7ef5949aa50558090c53c9084bf4e01c8984f5c7
280a43318bfd40a4cf90a00f47e944e7c6ae6221aaed1e7fe23a1b39b79c3635
GET /images/circuit_main_bottom.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/gif
content-length: 1352
last-modified: Tue, 14 Jul 2015 01:10:54 GMT
etag: "55a4619e-548"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
webjscontent.com/dl.min.js
172.67.73.103200 OK 9.3 kB URL HTTP/2 webjscontent.com/dl.min.js
IP 172.67.73.103:0
File type ASCII text, with very long lines (18369)
Hash 6a281c39b0c32c0befeaaf4b1f9784be
42147290bc70e9ed8bcacfb655ee4aaef347b7d6
c426071e8c944b6e8fab825cbaa14d79b94b66cc739f9a6d4b47ce3339166a26
GET /dl.min.js HTTP/1.1
Host: webjscontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=674B6VSkMRDJlzdFW7q8H2VcdIS9mn%2Biq49rujH2qeMgR3AoaXlPdJ0Nnam7xizyrKqP%2BmGsz%2FyLUd5WOPCjMGOxuSaCgzONMidjpl6ewtxJ4BhU7R%2Fq5TjpgbwOzFECH9w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75fe1025bad7b4fd-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.freeroms.com/images/circuit_main_right.gif
64.235.54.28200 OK 1.8 kB URL HTTP/2 www.freeroms.com/images/circuit_main_right.gif
IP 64.235.54.28:0
File type GIF image data, version 89a, 12 x 415\012- data
Hash ca8a951bdcdf29ca49cf66f5e2a963d1
514cdcb098f3e0716f94c53a33cf2fc9f41d40bf
089c688ad07d47949987f81f182752199bb7329fd5d443fa084342f6f9dc2953
GET /images/circuit_main_right.gif HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/gif
content-length: 1849
last-modified: Tue, 14 Jul 2015 01:10:55 GMT
etag: "55a4619f-739"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
www.freeroms.com/images/download-ar.png
64.235.54.28200 OK 1.1 kB URL HTTP/2 www.freeroms.com/images/download-ar.png
IP 64.235.54.28:0
File type PNG image data, 11 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f11769dabff5c8bab9b24e4aaf89b78
bbfa2c4db3bdc8efd7fd5f388e349d9de296f2df
4e4d8ee70a3d33d4d0d9e32dc90244f1b0f54b30f414e7a588adf9a7381e4c66
GET /images/download-ar.png HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: image/png
content-length: 1110
last-modified: Tue, 14 Jul 2015 01:10:56 GMT
etag: "55a461a0-456"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
bindingguessingconfessed.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json
173.233.137.52200 OK 410 B URL HTTP/1.1 bindingguessingconfessed.com/ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (410), with no line terminators
Hash 4af66618bfbca3c4b7e7d9f71ad6a295
ba95ae7680f8c4d3f21163cabbd49974f972b70c
6dfe3317a57412abce8e515530186245331c2a2dda89c745b2b993d4ffc94175
GET /ea/2d/5d/ea2d5d802b867cf417198fc84113161f.json HTTP/1.1
Host: bindingguessingconfessed.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:08 GMT
Content-Type: application/json
Content-Length: 410
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9cf760d586576fd02c8c338184f18ba0
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 25db3ec642bd28388d8efc22dfee6db4
ebd0ff0724caf17559178709563621e0b5cad322
12bd1c8034f7ad8dc18b85e80e263406289b38fa8857d45e287dfeba439dc223
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12BD1C8034F7AD8DC18B85E80E263406289B38FA8857D45E287DFEBA439DC223"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2630
Expires: Tue, 25 Oct 2022 22:15:59 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9932
Expires: Wed, 26 Oct 2022 00:17:41 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9932
Expires: Wed, 26 Oct 2022 00:17:41 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9932
Expires: Wed, 26 Oct 2022 00:17:41 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a44b96f8229a8a43f67a2430d185c184
162180edc507ef6ace4b135637170e472b4647f0
dd46a2f81eb2b90107bf079e08a48647d1f02709e988ba8ad69d7870b644c3ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DD46A2F81EB2B90107BF079E08A48647D1F02709E988BA8AD69D7870B644C3BA"
Last-Modified: Sun, 23 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13829
Expires: Wed, 26 Oct 2022 01:22:38 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 04:35:17 GMT
age: 61012
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3d4b4d16ad8b30805be96afa6472e3
bceb257123711c43994e5a03e9caf22eeee16423
30d7fea8d87522ce3ba2abf2c47e0025af1b7c05d6b4ea9f26aaa1f06aff4a67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21cfb8fe-4b68-43f0-a196-17c9a1dd3acb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10072
x-amzn-requestid: 2f26fcdb-0540-49ea-be46-83c00182fcc3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelB0FKvoAMFVFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b53e-1be524647e3db4a211e4c4ff;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qIaig80lS37eXqLXhX81EgBMPtoUU_bg-auKQ-WFpRNs_up3N2GmEA==
via: 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:56:13 GMT
age: 84956
etag: "bceb257123711c43994e5a03e9caf22eeee16423"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89448f1a52030b28e9ecfcdc190787d4
5080ba75c230fd2b303f29a9b64868c6e8771df8
10a736997d441e274a54e9689c349d407087fef7aa7c0f4d0a7a603e446fdabd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d616770-e793-4da0-8ebe-826e806ececd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9209
x-amzn-requestid: 94dad7b4-9c12-4bda-9202-3b7427185182
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aLiElGzEIAMFnOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e16e9-3c79cd392d5bc4312a730cda;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 03:00:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c5_B2RXKJx7FHrQvHdCG50zcDFWUqaaZu0GYuCxEI8fpK019dSlD3Q==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:32:19 GMT
age: 82790
etag: "5080ba75c230fd2b303f29a9b64868c6e8771df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6977b5f01197ed4e914157b59ce56c2a
0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2
98ed9be1f79f4d1ff9acd3dc22aa64f7e0218d7c4854fc7cb71e70dd341dd7ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5799e548-737d-43a5-ae0b-3ccb8e2f1daf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8031
x-amzn-requestid: 39e6cba4-dc3b-4fe8-9f00-f9042b3dfb3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D7E2SoAMF_TA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-541d3ed176c9176913844804;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: j3sV_Wswao5mW-vx2uno8kuZE0qTvTaJYVB8MeVi1dolnHblN_uYwQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:45:49 GMT
etag: "0c4bc06cb32bae6cdcbd61fde8b6289fa901a0c2"
content-type: image/jpeg
age: 85580
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8502c90bf679dce29b1c2a87606bbb3e
7940c911dea3882ab8a7ff70240f4edc1b89a56d
ccc5ab3068b7f90276124148a812eb26951a95d7c146bdcf28a69a3d05f76ee2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 51dfaabc-ee88-465f-8da7-fd6739cf7794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZSHjHeLIAMF8mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635396fc-1e4ad2d647a7f07a094574be;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:08:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dgxcF8hXUOo_WqQwpd0yctMNPuB-IfmSRxD1_TRG7zuV3b5EbpVIig==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 07:24:03 GMT
age: 50886
etag: "7940c911dea3882ab8a7ff70240f4edc1b89a56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.109.35200 OK 31 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.109.35:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash fceecc00a50f56406582e59e171ce35a
9ca0335852058d96af37b75fd82107bc1402533c
9896ab66fe2a3c89b656edd0654bcf60fcb2f4a6367baefa21d385715564ca3c
Analyzer Verdict Alert quad9 Sinkholed
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 6b470501a669b5fc45dbe7a7bd91ee81
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 25 Oct 2022 21:32:08 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjeiz1KnX2aH%2FWI4m3WjtzctslOhn2wGuwNKHsYz7NXM9OhgWQywfrGa0QixCWNU4bNdfXQDiZRfdPTpLSKSDA1EIz6KhawS8RyzIxjvyMjdUN1KoWyjWCgYuci67iR06MLzzLg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1029fdb38e1e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 13c51695bfc0986bc4e4efc19d0845f1
431a0175f4735f8fa8c0e54eba8d2515fcf22d76
a0b6128d03df09119f28ea616e0442d008b708922c173fdfc4824f86c11a8296
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A0B6128D03DF09119F28EA616E0442D008B708922C173FDFC4824F86C11A8296"
Last-Modified: Mon, 24 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12829
Expires: Wed, 26 Oct 2022 01:05:58 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash e4e9602f1062e692c3df5dc1eec489cb
ab47ab5548fed1ea1e145becb03a9885eacf7ddb
036e9d4e5c9e9bc75cbb78389fbcc4a5cdfa3463feddd5db8a11375b8c964af0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 21:32:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 06:25:20 GMT
Expires: Mon, 31 Oct 2022 06:25:19 GMT
Etag: "ab47ab5548fed1ea1e145becb03a9885eacf7ddb"
Cache-Control: max-age=463389,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75fe102cebddb515-OSL
my.rtmark.net/gid.js?userId=fd2186606b544fb18120a1a6c49eee47
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=fd2186606b544fb18120a1a6c49eee47
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash b9f999916f932c03322e558285477cec
d7df211682a81e82eca8018cff87a496e48aa8a1
dfe2da3584041e1135fd3c072ba7f88d8dcb4422d72ac1b2d3decd7b97c75555
GET /gid.js?userId=fd2186606b544fb18120a1a6c49eee47 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=fd2186606b544fb18120a1a6c49eee47; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c0e2945cbd6f828b36c6a02b3e2b78ea
880add71f70f64a2d266696da3faa348901e8f1e
d05355feb68625f4e2b2302923a6943205505f56f900f84d94a373e3b1093529
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D05355FEB68625F4E2B2302923A6943205505F56F900F84D94A373E3B1093529"
Last-Modified: Mon, 24 Oct 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12199
Expires: Wed, 26 Oct 2022 00:55:28 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e059d8d49dcce28bdc6706783226b34
6bda2e738ae8ecfb56b819b879d6c15244a37b5f
3df203a12145b66b41035aa23f7fb140f5965eb825156f5f324639867018c9d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6217
Cache-Control: max-age=127823
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:09 GMT
Etag: "63578ddf-116"
Expires: Thu, 27 Oct 2022 09:02:32 GMT
Last-Modified: Tue, 25 Oct 2022 07:18:55 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 278
nanouwho.com/1?z=3056520
139.45.197.242200 OK 3.9 kB IP 139.45.197.242:0
Hash fb96d3fb24fc344acc7625ec054129ca
faefb762ae405e26a9c91f73aad8d78a0ad4fad6
fa48bec6be1dbc8d718ed29122e2ad2b42540a9997877fffd780ecbe6b4f2faa
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=3056520 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 7e5a3e54f8633b991476f242afac0eae
access-control-expose-headers: X-Sc
x-sc: gKYd9YDbpgQeXkQPTQRQnATH9PMa2BOpCAeK0oPqMnERys-B7YVNb06wFXqqBqVGI5JE_ukS9o2_Xbh-Qtojan7DWJo=
set-cookie: scm=1; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
OAID=bca44e2e1bdc419ca0bf5d7211a062ae; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
oaidts=1666733529; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/27/b10314e887d309db18535b2593bd9514
139.45.197.242200 OK 123 kB URL HTTP/2 nanouwho.com/27/b10314e887d309db18535b2593bd9514
IP 139.45.197.242:0
File type ASCII text, with very long lines (65523)
Size 123 kB (122906 bytes)
Hash 28daa34464af040b0ba2945cb5ca0713
8563fabdb2378fe55e0a3e3a591999e2cc67e0d4
92f2f67e0c9d0f5642c5eab0db20f372b6a3201fcc949add5dfecf6a15fe2206
Analyzer Verdict Alert quad9 Sinkholed
GET /27/b10314e887d309db18535b2593bd9514 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=bca44e2e1bdc419ca0bf5d7211a062ae; oaidts=1666733529
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Thu, 20 Oct 2022 04:50:21 GMT
expires: Thu, 19 Nov 2082 04:50:21 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 8e059d8d49dcce28bdc6706783226b34
6bda2e738ae8ecfb56b819b879d6c15244a37b5f
3df203a12145b66b41035aa23f7fb140f5965eb825156f5f324639867018c9d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6112
Cache-Control: max-age=127718
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:09 GMT
Etag: "63578ddf-116"
Expires: Thu, 27 Oct 2022 09:00:47 GMT
Last-Modified: Tue, 25 Oct 2022 07:18:55 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f96b16481b22c5b0632ca43f92056c58
b940e0d74e9f60ec01008082f06441b34b3d6e80
a5d1c8b5b5af233b7ec63c1ecef4e044209ede7d173c6eb3277b890ebe4173b7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A5D1C8B5B5AF233B7EC63C1ECEF4E044209EDE7D173C6EB3277B890EBE4173B7"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6244
Expires: Tue, 25 Oct 2022 23:16:13 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d9398b71a5f3981bae6fe3da6b00f3d
b0df0fe2298b5cb886c9151cb0728f86344dfb2e
5756ccec26df81f7844a3e33829ac4afae3b750199ef218447c5b45ee749fdc0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5756CCEC26DF81F7844A3E33829AC4AFAE3B750199EF218447C5B45EE749FDC0"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3115
Expires: Tue, 25 Oct 2022 22:24:04 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ba32ecbfae5af0d679b4ec45e0fa468
6a5ea8de933ccfc4c9dc34c2589034ace6f4d333
df165dd24099f02972768440ccfab74386f7b473fce13d1049ccf23b91bf0f79
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF165DD24099F02972768440CCFAB74386F7B473FCE13D1049CCF23B91BF0F79"
Last-Modified: Sun, 23 Oct 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14218
Expires: Wed, 26 Oct 2022 01:29:07 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c5c76f830ebf37152d2a4fefa1d09fb0
5eca7b384f8167bc2300c8fa9538ddb6716fe73b
3360f219c527bca6e98a9ebaa8dfe8d0be9edd0e2e81dc91076c5aae43aac7ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3360F219C527BCA6E98A9EBAA8DFE8D0BE9EDD0E2E81DC91076C5AAE43AAC7AD"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14355
Expires: Wed, 26 Oct 2022 01:31:24 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=3056520&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
mightylottrembling.com/pixel/pure
173.233.137.60204 No Content 0 B URL HTTP/1.1 mightylottrembling.com/pixel/pure
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: mightylottrembling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 200f810456d445c33b9d15a8d04c62aa
fb3f931e6447d9c9ae2f27cb3c996598e93894ab
8c9e17c2721ace6e985ef7abc383e27c2e41881710e48e58c1ccc6eb8bfb3f60
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 25 Oct 2022 21:32:09 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 24 Oct 2022 00:52:21 GMT
Expires: Mon, 31 Oct 2022 00:52:20 GMT
Etag: "fb3f931e6447d9c9ae2f27cb3c996598e93894ab"
Cache-Control: max-age=443410,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 75fe10309fc4b515-OSL
clenchedyouthmatching.com/advertisers.js
142.0.197.108200 OK 0 B URL HTTP/1.1 clenchedyouthmatching.com/advertisers.js
IP 142.0.197.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /advertisers.js HTTP/1.1
Host: clenchedyouthmatching.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 25 Oct 2022 21:32:09 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
betotodilea.com/400/3601099
139.45.197.237200 OK 31 kB URL HTTP/2 betotodilea.com/400/3601099
IP 139.45.197.237:0
Hash 99cfcd34935cbacc432ef3d9d408e5be
f780da5207c05fbbad02f741574f49506dcf3dfb
1c528bfb0e05756c83f2f3249629e32efa2555b0e61b58e3536d09bd542700b3
GET /400/3601099 HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: application/javascript
x-trace-id: 2e2ada1c042e8d7a1fc37c62b43559a9
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=05e9542133b644f5a2f2a6262e69af1c; expires=Wed, 25 Oct 2023 21:32:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47
139.45.197.242204 No Content 0 B URL HTTP/2 upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.freeroms.com/
Origin: https://www.freeroms.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
mightylottrembling.com/pixel/pure
173.233.137.60200 OK 0 B URL HTTP/1.1 mightylottrembling.com/pixel/pure
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: mightylottrembling.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 74
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:09 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
nanouwho.com/11?rnd=367421437&z=3056520&b=15351299&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=cBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ&ruid=7e5dc775-d915-4004-83c9-b95043decc9f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=179
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=367421437&z=3056520&b=15351299&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=cBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ&ruid=7e5dc775-d915-4004-83c9-b95043decc9f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=179
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=367421437&z=3056520&b=15351299&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=cBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ&ruid=7e5dc775-d915-4004-83c9-b95043decc9f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=179 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=fd2186606b544fb18120a1a6c49eee47; oaidts=1666733529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: a6e43667db975083571ed9c5dc4fd2b4
access-control-expose-headers: X-Sc
set-cookie: OAID=fd2186606b544fb18120a1a6c49eee47; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
oaidts=1666733529; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 03663de7a3614fa93390c15946abc49d
2cb833bc3dee3f54c9a1ccb6e5563c6afbbedd1e
21cb3eaa412cd3b5051441a4226696cc4be453882374b960b6773ba98584ede7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "21CB3EAA412CD3B5051441A4226696CC4BE453882374B960B6773BA98584EDE7"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17941
Expires: Wed, 26 Oct 2022 02:31:10 GMT
Date: Tue, 25 Oct 2022 21:32:09 GMT
Connection: keep-alive
addresseepaper.com/sfp.js
172.64.193.5200 OK 158 kB URL HTTP/2 addresseepaper.com/sfp.js
IP 172.64.193.5:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size 158 kB (157935 bytes)
Hash 12c8ed73b0009929d0ac21b1ab15deec
9867bda68d7cc9a7ea886d81361f79679abc9c8d
2de6ac66b65589b5a03e3611f6a2d87126733426cce021237df2083332d89e45
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 191599ee3c803ac284a280bc5ed0688d
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Tue, 25 Oct 2022 21:32:09 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSm7Nd69EwaDnBP0e4pWXrPHgDgZeXbJr%2Bye9OPTiul7b2E4FGGZRg%2FPbpV373BWUtE7UyWEfld3kNRAuNto3iP6R4HrklHvKZqliwiKOUlq5pqmDHpURrF3QnXrWvw2ze32Z4M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe102d7d54771d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47
139.45.197.242200 OK 3.2 kB URL HTTP/2 upgulpinon.com/9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47
IP 139.45.197.242:0
Hash b417ea9fb2c10aab513a23bbf125125a
d9b6ac8a7c2c009697fafbeeb1a7468dc01e5d6a
9afbd7d9e514b3fd1d0613451ab496ca0b457673591e8c22f750fc2269aa9351
POST /9?z=5030886&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&oaid=fd2186606b544fb18120a1a6c49eee47 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 254
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=d8ac27fe02b0404c8a9f170f1226bf98; oaidts=1666733529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 9f798e722ba8e5e0ca5a5e41fd3305e3
access-control-expose-headers: X-Sc
set-cookie: OAID=fd2186606b544fb18120a1a6c49eee47; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
oaidts=1666733529; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
upgulpinon.com/11?rnd=3243175086&z=5030886&b=15351282&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=PPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK&ruid=a6b4acd5-bec6-4340-8d64-53f66a775a24&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=182
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/11?rnd=3243175086&z=5030886&b=15351282&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=PPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK&ruid=a6b4acd5-bec6-4340-8d64-53f66a775a24&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=182
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /11?rnd=3243175086&z=5030886&b=15351282&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=PPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK&ruid=a6b4acd5-bec6-4340-8d64-53f66a775a24&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ot=182 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=fd2186606b544fb18120a1a6c49eee47; oaidts=1666733529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 333fd576bea9aa4e65bb973a9d4b5c6d
access-control-expose-headers: X-Sc
set-cookie: OAID=fd2186606b544fb18120a1a6c49eee47; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
oaidts=1666733529; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
insistinestimable.com/sbar.json?key=c4d53d21b4a90448b5012c00c5cfa5a2&uuid=0e273592-0a6c-403e-a998-fe08a6ed360e%3A3%3A1
173.233.137.36200 OK 3.8 kB URL HTTP/1.1 insistinestimable.com/sbar.json?key=c4d53d21b4a90448b5012c00c5cfa5a2&uuid=0e273592-0a6c-403e-a998-fe08a6ed360e%3A3%3A1
IP 173.233.137.36:0
File type JSON data\012- , ASCII text, with very long lines (5727), with no line terminators
Hash b32a51a536d6f5a8545e903188ad651d
bd9e79fe7bbb0f87de13e81058081a272fa024a1
3ebd23bfbbe00bc5168ac0cd02780f3ccab8300ea10e2fb75f8ab59d395cd65b
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=c4d53d21b4a90448b5012c00c5cfa5a2&uuid=0e273592-0a6c-403e-a998-fe08a6ed360e%3A3%3A1 HTTP/1.1
Host: insistinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:09 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.freeroms.com
Access-Control-Allow-Origin: https://www.freeroms.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16560103; expires=Wed, 26 Oct 2022 21:32:09 GMT; secure; SameSite=None
uid_id2=0e273592-0a6c-403e-a998-fe08a6ed360e:3:1; expires=Tue, 01 Nov 2022 21:32:09 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 26 Oct 2022 21:32:09 GMT; secure; SameSite=None
uncs=1; expires=Wed, 26 Oct 2022 21:32:09 GMT; secure; SameSite=None
pdhtkv29=true; expires=Wed, 26 Oct 2022 21:32:09 GMT; secure; SameSite=None
uncs29=1; expires=Wed, 26 Oct 2022 21:32:09 GMT; secure; SameSite=None
slecc4d53d21b4a90448b5012c00c5cfa5a2=[3364848]; expires=Tue, 25 Oct 2022 21:32:14 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 58541dfc2b14c28d50e211ba3f179167
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash fd169c0c72aaf47c5fb33ce7f975e124
1ae88308139be9f69d962efaa080aafa69885e87
74fa5ed03663690f2264056e90c3d07673593e6829aa8ab649875ccacca4d9fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6103
Cache-Control: max-age=101782
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:10 GMT
Etag: "63572899-117"
Expires: Thu, 27 Oct 2022 01:48:32 GMT
Last-Modified: Tue, 25 Oct 2022 00:06:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/cabcac6e095dce559b438cd6f28d94e1.jpeg
172.67.22.216200 OK 13 kB URL HTTP/2 offerimage.com/www/images/cabcac6e095dce559b438cd6f28d94e1.jpeg
IP 172.67.22.216:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash cabcac6e095dce559b438cd6f28d94e1
c080c3000ffd7f1932df6755956e20182a6f9806
9544a129f64c359b7a429a8e5c2d906166a53153ec58b90f569ae9b0340249c6
GET /www/images/cabcac6e095dce559b438cd6f28d94e1.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/jpeg
content-length: 13005
cache-control: max-age=86400
cf-bgj: h2pri
etag: "61cbe19d-32cd"
expires: Wed, 26 Oct 2022 00:55:34 GMT
last-modified: Wed, 29 Dec 2021 04:18:37 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 74196
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1032abc20afe-OSL
X-Firefox-Spdy: h2
dismantlepenantiterrorist.com/pxf.gif?uuid=0e273592-0a6c-403e-a998-fe08a6ed360e&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.59.12200 OK 1 B URL HTTP/1.1 dismantlepenantiterrorist.com/pxf.gif?uuid=0e273592-0a6c-403e-a998-fe08a6ed360e&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=0e273592-0a6c-403e-a998-fe08a6ed360e&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=ea2d5d802b867cf417198fc84113161f&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 25 Oct 2022 21:32:09 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9cc7c6254635fd63244ddc1182f45758
Strict-Transport-Security: max-age=0; includeSubdomains
interstitial-07.com/contents/s/93/ec/54/2365aa63673f86a1fd1a1932ef/01001077251100.jpeg
139.45.197.154200 OK 16 kB URL HTTP/2 interstitial-07.com/contents/s/93/ec/54/2365aa63673f86a1fd1a1932ef/01001077251100.jpeg
IP 139.45.197.154:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 93ec542365aa63673f86a1fd1a1932ef
7b6ed708c1f8716458a32726027f9d809be3bed9
03339b6ebd56d333f8b95b4861280fa3768e7de676a273a76e68174c6d7fa10d
GET /contents/s/93/ec/54/2365aa63673f86a1fd1a1932ef/01001077251100.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ooGTd9XfuscJOwV&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D481281211%26z%3D3056520%26b%3D15351299%26c%3D6229390%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D840%2526key%253D26b592c4e583237185feda23c0874e89%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DcBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ%26bag%3Dwmm3j4qvcl4KM6pE8WclYQ%3D%3D%26ruid%3D7e5dc775-d915-4004-83c9-b95043decc9f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/jpeg
content-length: 16007
last-modified: Tue, 22 Feb 2022 02:30:01 GMT
etag: "62144aa9-3e87"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd4b0660453080b151440c1e5db0f645
fd62517a07d200682bcc0abbbd35a8919b831509
2501fda8b10a60747bd934474d382f5e72d92639aa2c7eb61d6e52505be56bf5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2501FDA8B10A60747BD934474D382F5E72D92639AA2C7EB61D6E52505BE56BF5"
Last-Modified: Tue, 25 Oct 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3243
Expires: Tue, 25 Oct 2022 22:26:13 GMT
Date: Tue, 25 Oct 2022 21:32:10 GMT
Connection: keep-alive
dismantlepenantiterrorist.com/pxf.gif?uuid=0e273592-0a6c-403e-a998-fe08a6ed360e&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=c4d53d21b4a90448b5012c00c5cfa5a2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.59.12200 OK 1 B URL HTTP/1.1 dismantlepenantiterrorist.com/pxf.gif?uuid=0e273592-0a6c-403e-a998-fe08a6ed360e&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=c4d53d21b4a90448b5012c00c5cfa5a2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=0e273592-0a6c-403e-a998-fe08a6ed360e&eb=f7f733e10dbfb66931f79b4d6cd2ec08&te=3a754cebd09bb2f7570f96954fbfd43e&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=c4d53d21b4a90448b5012c00c5cfa5a2&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: dismantlepenantiterrorist.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 25 Oct 2022 21:32:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5bff2ef2e0df0d0ffa2c52b61498b1ec
Strict-Transport-Security: max-age=0; includeSubdomains
interstitial-07.com/contents/s/d5/8f/0b/16b07b29fa87bf431f223011ae/0559983647539.jpeg
139.45.197.154200 OK 43 kB URL HTTP/2 interstitial-07.com/contents/s/d5/8f/0b/16b07b29fa87bf431f223011ae/0559983647539.jpeg
IP 139.45.197.154:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash d58f0b16b07b29fa87bf431f223011ae
dc3e7abb37451953f9409f937e4219eaa41425e1
7e685526d11885fc19ad9324552525037bcdac955459c158e49f3b7d5428958a
GET /contents/s/d5/8f/0b/16b07b29fa87bf431f223011ae/0559983647539.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=ooGTd9XfuscJOwV&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D481281211%26z%3D3056520%26b%3D15351299%26c%3D6229390%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D840%2526key%253D26b592c4e583237185feda23c0874e89%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DcBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ%26bag%3Dwmm3j4qvcl4KM6pE8WclYQ%3D%3D%26ruid%3D7e5dc775-d915-4004-83c9-b95043decc9f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/jpeg
content-length: 42960
last-modified: Tue, 11 Jan 2022 17:05:41 GMT
etag: "61ddb8e5-a7d0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f142b94df21747dfbdfc3b6aaf702a3b
b27d5ca0c9f968f68cb427cfb1a2c1ed35378a41
7df07819035cf7a775d7abab7a54607efdebeda0b51c78830eb8ef4bec0f10ba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5852
Cache-Control: max-age=163829
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:10 GMT
Etag: "63581bf3-117"
Expires: Thu, 27 Oct 2022 19:02:39 GMT
Last-Modified: Tue, 25 Oct 2022 17:25:07 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
interstitial-07.com/contents/s/65/a2/63/b9f772abe558a3f413f3ee8116/0269452192060.jpeg
139.45.197.154200 OK 31 kB URL HTTP/2 interstitial-07.com/contents/s/65/a2/63/b9f772abe558a3f413f3ee8116/0269452192060.jpeg
IP 139.45.197.154:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 65a263b9f772abe558a3f413f3ee8116
9cd441d4e508e7538f047e72a75dfb10c8e3f574
fdd7cbe3f909c6ecca718d1031bc86384f4f54162003e33ad9569098f38519ff
GET /contents/s/65/a2/63/b9f772abe558a3f413f3ee8116/0269452192060.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=3uJghZzgN1jXioW&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2207017762%26z%3D5030886%26b%3D15351282%26c%3D6229385%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DPPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3Da6b4acd5-bec6-4340-8d64-53f66a775a24%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/jpeg
content-length: 30644
last-modified: Thu, 14 Apr 2022 16:17:26 GMT
etag: "62584916-77b4"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
interstitial-07.com/contents/s/f1/30/4d/d3e39c86522c8892959df3e74b/01516300732942.jpeg
139.45.197.154200 OK 74 kB URL HTTP/2 interstitial-07.com/contents/s/f1/30/4d/d3e39c86522c8892959df3e74b/01516300732942.jpeg
IP 139.45.197.154:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 492x328, components 3\012- data
Hash f1304dd3e39c86522c8892959df3e74b
f06abfa30203ff170f751f41eea204400fd570ee
e4e419f7b4af6b359e8dfdd25b0beb5b2bd1d5bafce9a095db342b9c97b35e24
GET /contents/s/f1/30/4d/d3e39c86522c8892959df3e74b/01516300732942.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=3uJghZzgN1jXioW&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2207017762%26z%3D5030886%26b%3D15351282%26c%3D6229385%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DPPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3Da6b4acd5-bec6-4340-8d64-53f66a775a24%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/jpeg
content-length: 74544
last-modified: Thu, 14 Apr 2022 16:17:25 GMT
etag: "62584915-12330"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=946155546
139.45.197.236200 OK 2.2 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=946155546
IP 139.45.197.236:0
File type ASCII text, with very long lines (5213), with no line terminators
Hash 0254fb1dad74628b7ad0f97d304fac92
35f7af13a08eb87023ec7df4d3c35c21b2cde79d
47fb6ce428ca80ea69b772e4f66e4e5c622a4005db601746033d04511bd27536
GET /fv.js?t=72747&cb=946155546 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: deee5077c27b260f5147a08b545695c3
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: fd332ba840b6e3997683ad9b5f4bc5bb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
insistinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYQPBniIYIwBxEFd7a6Z6ZnxhyCMa4sbrIhMSQ3ra6qmS23uqup6p6e3YMsBiUgwuQ%2F6H2zmyW6%2BAO8GmQ2kMOCsONpDu7VqyLklIPMZHH0u3zv1XuHV6%2Fqy538hFDkbHLlqtlSWrOlRpVW3rzj%2BxcrqyrJ%2B5V%2BK%2Fw4rF%2Bs2N477bBK36p8IPmGWQqoT6lP%2FcqysrJj%2BktTESo9aPvVNq3Wg6rfqKNv%2F89d7sExD6J3Qs5BifHCY%2B88FB8hiX%2B4It1GZtK3349zzTJj0RP7t5KNxBQJ4jnsWA%2BdZP%2FUDeOOlx%2FBJHuzuDC9f42RGhPvySNEyf5pSES93VnOSEMmiMRLKHojSD2CYiNwcxdKHBOAC1xbQxI%2FuGZswTafq2yqjsnC07%2BhijFZ%2BP08kvi7y1r1KzeNzjNlEod%2Bp4Tqj6C6I6T5IbKtM1DFIXj2OZT4lSw9XUUS7645baDE5HUqg2at0Q4WKQv5Yp3W5CJrt1uLHUlbLJSiFlI5K0ipEVRnBC0HYO4scuchVx7yjoc89RCLSYX7vt%2BkgjPaanNeE00ZhYL6rNnxmU%2FDFnI%2BvcMAWToA1wNwu43UbmND3T9unIPNf4FbL%2BGEB5cR9ESJQhIUjqBgBIUiKDKColfuCe0CVz4Q2uWRf7qD010rhybr7rA9k3VlQnbSE%2FLyrLtn3%2F%2BBDTmp8Lpo1ETgR3XWpvV6K2pQP%2BCU8gbvsAYL4FQJ5c6AOQ9bakwuvKGQqjF54euvELFDOH0Irl4By18DK4bNgIKtD%2Bstiq3koGOltCZ2VW5iCFMizRaQbXo7%2BoRcmOWo3f4Tkh9d%2BiS6Ov7r4TNwWyK1JT5Vjwm6%2Bt7whinI7g1TOPLjWpqpWG2x6fvezFgmz37zodwsjBUrV9zg4bt8KkzhwUfSZassESrpOvLtZSWEtMvGckl%2BXnG3ZXQ9d%2BuXc5vk6er195ZX4tRK55RJRmBqTMiTI3A1Ji%2F%2BtDf7uq9%2B8RmUHcHmJeL8iJwOlDkET7fh0nl%2BZwisnnui1EORl0MbRPNDrQi0nHMWlXD%2F4dEc77h76FoPLLuLJC7RsyV6ugTTA7j87DBL7dGl32qzQaS9YaSttxtpq%2B8%2FL9epSaVZq1EWtht%2Bs8lkM6oHrU7oC8aCehiEIashc2N%2B59bkHwAAAP%2F%2FAQAA%2F%2F9vK8NQhQQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 insistinestimable.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYQPBniIYIwBxEFd7a6Z6ZnxhyCMa4sbrIhMSQ3ra6qmS23uqup6p6e3YMsBiUgwuQ%2F6H2zmyW6%2BAO8GmQ2kMOCsONpDu7VqyLklIPMZHH0u3zv1XuHV6%2Fqy538hFDkbHLlqtlSWrOlRpVW3rzj%2BxcrqyrJ%2B5V%2BK%2Fw4rF%2Bs2N477bBK36p8IPmGWQqoT6lP%2FcqysrJj%2BktTESo9aPvVNq3Wg6rfqKNv%2F89d7sExD6J3Qs5BifHCY%2B88FB8hiX%2B4It1GZtK3349zzTJj0RP7t5KNxBQJ4jnsWA%2BdZP%2FUDeOOlx%2FBJHuzuDC9f42RGhPvySNEyf5pSES93VnOSEMmiMRLKHojSD2CYiNwcxdKHBOAC1xbQxI%2FuGZswTafq2yqjsnC07%2BhijFZ%2BP08kvi7y1r1KzeNzjNlEod%2Bp4Tqj6C6I6T5IbKtM1DFIXj2OZT4lSw9XUUS7645baDE5HUqg2at0Q4WKQv5Yp3W5CJrt1uLHUlbLJSiFlI5K0ipEVRnBC0HYO4scuchVx7yjoc89RCLSYX7vt%2BkgjPaanNeE00ZhYL6rNnxmU%2FDFnI%2BvcMAWToA1wNwu43UbmND3T9unIPNf4FbL%2BGEB5cR9ESJQhIUjqBgBIUiKDKColfuCe0CVz4Q2uWRf7qD010rhybr7rA9k3VlQnbSE%2FLyrLtn3%2F%2BBDTmp8Lpo1ETgR3XWpvV6K2pQP%2BCU8gbvsAYL4FQJ5c6AOQ9bakwuvKGQqjF54euvELFDOH0Irl4By18DK4bNgIKtD%2Bstiq3koGOltCZ2VW5iCFMizRaQbXo7%2BoRcmOWo3f4Tkh9d%2BiS6Ov7r4TNwWyK1JT5Vjwm6%2Bt7whinI7g1TOPLjWpqpWG2x6fvezFgmz37zodwsjBUrV9zg4bt8KkzhwUfSZassESrpOvLtZSWEtMvGckl%2BXnG3ZXQ9d%2BuXc5vk6er195ZX4tRK55RJRmBqTMiTI3A1Ji%2F%2BtDf7uq9%2B8RmUHcHmJeL8iJwOlDkET7fh0nl%2BZwisnnui1EORl0MbRPNDrQi0nHMWlXD%2F4dEc77h76FoPLLuLJC7RsyV6ugTTA7j87DBL7dGl32qzQaS9YaSttxtpq%2B8%2FL9epSaVZq1EWtht%2Bs8lkM6oHrU7oC8aCehiEIashc2N%2B59bkHwAAAP%2F%2FAQAA%2F%2F9vK8NQhQQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRitTlYQPBniIYIwBxEFd7a6Z6ZnxhyCMa4sbrIhMSQ3ra6qmS23uqup6p6e3YMsBiUgwuQ%2F6H2zmyW6%2BAO8GmQ2kMOCsONpDu7VqyLklIPMZHH0u3zv1XuHV6%2Fqy538hFDkbHLlqtlSWrOlRpVW3rzj%2BxcrqyrJ%2B5V%2BK%2Fw4rF%2Bs2N477bBK36p8IPmGWQqoT6lP%2FcqysrJj%2BktTESo9aPvVNq3Wg6rfqKNv%2F89d7sExD6J3Qs5BifHCY%2B88FB8hiX%2B4It1GZtK3349zzTJj0RP7t5KNxBQJ4jnsWA%2BdZP%2FUDeOOlx%2FBJHuzuDC9f42RGhPvySNEyf5pSES93VnOSEMmiMRLKHojSD2CYiNwcxdKHBOAC1xbQxI%2FuGZswTafq2yqjsnC07%2BhijFZ%2BP08kvi7y1r1KzeNzjNlEod%2Bp4Tqj6C6I6T5IbKtM1DFIXj2OZT4lSw9XUUS7645baDE5HUqg2at0Q4WKQv5Yp3W5CJrt1uLHUlbLJSiFlI5K0ipEVRnBC0HYO4scuchVx7yjoc89RCLSYX7vt%2BkgjPaanNeE00ZhYL6rNnxmU%2FDFnI%2BvcMAWToA1wNwu43UbmND3T9unIPNf4FbL%2BGEB5cR9ESJQhIUjqBgBIUiKDKColfuCe0CVz4Q2uWRf7qD010rhybr7rA9k3VlQnbSE%2FLyrLtn3%2F%2BBDTmp8Lpo1ETgR3XWpvV6K2pQP%2BCU8gbvsAYL4FQJ5c6AOQ9bakwuvKGQqjF54euvELFDOH0Irl4By18DK4bNgIKtD%2Bstiq3koGOltCZ2VW5iCFMizRaQbXo7%2BoRcmOWo3f4Tkh9d%2BiS6Ov7r4TNwWyK1JT5Vjwm6%2Bt7whinI7g1TOPLjWpqpWG2x6fvezFgmz37zodwsjBUrV9zg4bt8KkzhwUfSZassESrpOvLtZSWEtMvGckl%2BXnG3ZXQ9d%2BuXc5vk6er195ZX4tRK55RJRmBqTMiTI3A1Ji%2F%2BtDf7uq9%2B8RmUHcHmJeL8iJwOlDkET7fh0nl%2BZwisnnui1EORl0MbRPNDrQi0nHMWlXD%2F4dEc77h76FoPLLuLJC7RsyV6ugTTA7j87DBL7dGl32qzQaS9YaSttxtpq%2B8%2FL9epSaVZq1EWtht%2Bs8lkM6oHrU7oC8aCehiEIashc2N%2B59bkHwAAAP%2F%2FAQAA%2F%2F9vK8NQhQQAAA%3D%3D HTTP/1.1
Host: insistinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: u_pl=16560103; uid_id2=0e273592-0a6c-403e-a998-fe08a6ed360e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc4d53d21b4a90448b5012c00c5cfa5a2=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 83b59692c84614385c41989fd4734055
Strict-Transport-Security: max-age=0; includeSubdomains
www.freeroms.com/favicon.ico
64.235.54.28200 OK 1.2 kB URL HTTP/2 www.freeroms.com/favicon.ico
IP 64.235.54.28:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 66ccc38a036f42cb9555a65a8f0dd96d
de96c7f3b02ca03d5ab9dd57e7249e3af0a7469f
554982b40d0c899885675b5eb48e7d32b1068623e99c6d361f190427de2387f0
GET /favicon.ico HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/nintendo_gamecube/rocky.htm
Cookie: _ga_FH0L8EV0R0=GS1.1.1666733526.1.0.1666733526.0.0.0; _ga=GA1.1.147655551.1666733526; dom3ic8zudi28v8lr6fgphwffqoz0j6c=0e273592-0a6c-403e-a998-fe08a6ed360e%3A3%3A1; sb_main_c4d53d21b4a90448b5012c00c5cfa5a2=1; sb_count_c4d53d21b4a90448b5012c00c5cfa5a2=1; ppu_main_ea2d5d802b867cf417198fc84113161f=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Thu, 18 Dec 2014 11:03:18 GMT
etag: "5492b476-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 828e18f94b117185ae1741950339f151
9e5be482e5cb0e4b214b064b936b15d2718d1c99
add008da2c5eff2e1e787e88d616cc7f3003c4ea5a5e81b9158dfa64ce290199
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "ADD008DA2C5EFF2E1E787E88D616CC7F3003C4EA5A5E81B9158DFA64CE290199"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14441
Expires: Wed, 26 Oct 2022 01:32:51 GMT
Date: Tue, 25 Oct 2022 21:32:10 GMT
Connection: keep-alive
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 60400fdf69b71d639a64d1ec74e823fb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
insistinestimable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=54
173.233.137.36200 OK 0 B URL HTTP/1.1 insistinestimable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=54
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Findex.html&l=2230&fd=54 HTTP/1.1
Host: insistinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: u_pl=16560103; uid_id2=0e273592-0a6c-403e-a998-fe08a6ed360e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc4d53d21b4a90448b5012c00c5cfa5a2=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:10 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
104.26.6.19200 OK 596 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html
IP 104.26.6.19:0
File type HTML document, ASCII text
Hash 2bb74ed6057da5549215f27be9259978
29d846959f23ecc05066ff6d4a5a81ce43990c2c
3b13560546a94267cefba02c4ba81853c9de6e01d439c0f3550d0d712eff6717
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: text/html
last-modified: Wed, 09 Feb 2022 14:12:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 21685
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXyc8IXxfFkdHCwZQqjNeDB2rp5PHCC%2BYwRC%2FT2X%2Fu98BX9gKK6RL8SGoDLz7bE7GvCzlVIagvRroGsvzlZG3RD4AjyXPPrhdNUNYznZ6ZE7u%2BCX2HI0E2%2Bv%2Bp9e6CiYtel5g24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe10336c9bb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 19132f29a8811a10f90eca2d81e5deb8
3b9e0bbf9f40f46b57dad5567b008e58b5770565
708aeab241760b108d60c1462b1979e59cf473242222e9270705ba70642b04f6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
172.64.110.27200 OK 6.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png
IP 172.64.110.27:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/close.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7212464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZyIG%2B0Cc9aq4ysEH53AiQdudy0U4j1BjSO2IhH8G%2FI2QuNBCqyuDoFEFbWTvaCkR2XOxVZW3pHrhOzpMJw%2BCKPYbGRSSI%2BZS%2FNskCCzSzaM8Dpa3uPisgqlxm6fubX%2BAYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1034b8784083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
172.64.110.27200 OK 1.1 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png
IP 172.64.110.27:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/number.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7212464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EoIo0l76qgpKuSAbfsoHCqKpSpo4IDqvQStkaEz0RNyW1Vqhpf1EqTyTbsnisQcGgwqgpNNn0kcO%2BM06Tg0Se7MzDd%2BZjCMYLb%2Fnme8sXCx%2BjhUeTPP0MCLvNBg0%2B9ahy04%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1034b87b4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
172.64.110.27200 OK 2.0 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png
IP 172.64.110.27:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/arrow.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7212464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMzmwFO16iku60cFI3Qsyksv1jxBY654VYrjJwfskYlYSCR2t4Po3LE9WkSX0%2Bb29%2Fjf6n319FMB8a90gVlLoB3ytMsFerxHCK0oGCRt9iE5kRlJPDVInOcd6wr8Qj57Ubo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1034b87a4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
172.64.110.27200 OK 157 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png
IP 172.64.110.27:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Size 157 kB (157252 bytes)
Hash 70ffdd6375de1144c67e71e385cedb80
6d5c9590fa9a156851435bcefc963949de13ceb1
18515abb1bfe26c5b54bbbdc24aac4e8a757f879eeaa9c0ad986dc0c8d5ca0af
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/img/icon.png HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: image/png
content-length: 157252
last-modified: Tue, 08 Feb 2022 14:14:59 GMT
etag: "62027ae3-26644"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7212464
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xkLwV47IEGKz2SgJ0dVCFU7GE%2F1bgE6xMlpXMKkqcKge2le4KHsZ8FTSPX9v19SiYwyTyCksn%2BV5N6QhMJjI0yekFZQHgYx3vCWiEX6gGOdNX9ipKB%2F2hN%2FrCqDMNEnUKMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1034b87d4083-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 828e18f94b117185ae1741950339f151
9e5be482e5cb0e4b214b064b936b15d2718d1c99
add008da2c5eff2e1e787e88d616cc7f3003c4ea5a5e81b9158dfa64ce290199
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "ADD008DA2C5EFF2E1E787E88D616CC7F3003C4EA5A5E81B9158DFA64CE290199"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14441
Expires: Wed, 26 Oct 2022 01:32:51 GMT
Date: Tue, 25 Oct 2022 21:32:10 GMT
Connection: keep-alive
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
172.64.110.27200 OK 2.7 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css
IP 172.64.110.27:0
Hash b1c3bc3dfe24b5c49bd07ae159766bab
b93fbfa289e2ec9872b44119ba6c0e5f314af7dd
ccd36fb51bd830d35ce686f57d09e4f53c6a9a7453ffc28668abf0bae7e40a75
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/style.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=381X6KfI1vQ%2FDU5cbk92BHe2nSqER8ClAsbzju3UiOOWwKOe%2FtkVnXYHDLPoF6kgPo9dr0EmxV9pdaqQ8LuTEXFeecqohtQvW8xssl5Pcw8SmRKm7v6nWrN3RwPIyy2GfXM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe103468154083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.10200 OK 660 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.10:0
Hash 5860c780c8e9daa4f852038f02b5bdc2
c75c8b4db36bffe075ce493f06d011f855d5541a
f11b9f8e851e15c0c6abd53a9994c6dcef78ceeebd0f0b8bbde610fec8332c85
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 21:32:10 GMT
date: Tue, 25 Oct 2022 21:32:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.freeroms.com
143.204.55.76200 OK 44 kB URL HTTP/2 quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=www.freeroms.com
IP 143.204.55.76:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 210f21cd0cdba23f4c24a6edfc45160d
bb6d25ba4ba20f77ad4ea23e00d6a2f399a6ee26
c1ad2641f674285b277fa439bdea7ba02618ec82f32b717a8250405cd0433e54
GET /tcfv2/cmp2.js?referer=www.freeroms.com HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Wed, 14 Sep 2022 18:13:49 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
cache-control: max-age=3600
date: Tue, 25 Oct 2022 21:31:41 GMT
etag: W/"6d50b90bdafc3d438c55bd915fd5301d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: vInbcerCxk3n4jQx6xApEDQwapKF5dgyUakvDvH5snOLwgW0Pp71hg==
age: 30
X-Firefox-Spdy: h2
interstitial-07.com/?l=ooGTd9XfuscJOwV&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D481281211%26z%3D3056520%26b%3D15351299%26c%3D6229390%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D840%2526key%253D26b592c4e583237185feda23c0874e89%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DcBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ%26bag%3Dwmm3j4qvcl4KM6pE8WclYQ%3D%3D%26ruid%3D7e5dc775-d915-4004-83c9-b95043decc9f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.154200 OK 5.6 kB URL HTTP/2 interstitial-07.com/?l=ooGTd9XfuscJOwV&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D481281211%26z%3D3056520%26b%3D15351299%26c%3D6229390%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D840%2526key%253D26b592c4e583237185feda23c0874e89%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DcBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ%26bag%3Dwmm3j4qvcl4KM6pE8WclYQ%3D%3D%26ruid%3D7e5dc775-d915-4004-83c9-b95043decc9f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.154:0
Hash cdd68682bae90f190dcb8daeefa36a81
b6f2e2d76c3e58099d838790817a37a7e5396a01
e316fa598c55539211d1f4e0408a0f4ab6c8e425f6cbe24cf73941c9776b53d2
GET /?l=ooGTd9XfuscJOwV&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fnanouwho.com%2F12%3Frnd%3D481281211%26z%3D3056520%26b%3D15351299%26c%3D6229390%26var%3D%26d%3Dhttps%253A%252F%252Fsingelstodate.com%252Fbase.php%253Fc%253D840%2526key%253D26b592c4e583237185feda23c0874e89%2526zoneid%253D%257Bzoneid%257D%2526cost%253D%257Bcost%257D%2526subid%253D%2524%257BSUBID%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DcBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ%26bag%3Dwmm3j4qvcl4KM6pE8WclYQ%3D%3D%26ruid%3D7e5dc775-d915-4004-83c9-b95043decc9f%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=wk0ErCJuktQUAUxuahmssbKTkUH0JV_dB1b_uL8c8Sg; expires=Tue, 25-Oct-2022 22:32:09 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
172.64.110.27200 OK 10 kB URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js
IP 172.64.110.27:0
Hash 5c1b35c5494d50cfe20118dd344375e4
d63bd05e4e7671d21e562460ea924f76661d800b
7595a55987d8b29e6b8281a94dd31317a6d9d071b536c1d800820427f3ed986d
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/script.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-2c7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYjZmAufL3O%2FmzmX6YHVSYRj2Ec0JPPNy94m7eHLZ1IG6Cc5yJDV9KIYwFK3j2nYbpWA0aMlK6TtxvipCUVUImooH2fj1MKSiD%2Bn4ihu3J7hETZbN2I%2Bo%2BLJ4oYuAezMxUQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1035697e4083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
insistinestimable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=247
173.233.137.36200 OK 0 B URL HTTP/1.1 insistinestimable.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=247
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.sb4you1.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2FProgamerage%2Fsimple_bubbleicon%2F15%2Fjs%2Fscript.js&l=711&fd=247 HTTP/1.1
Host: insistinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: u_pl=16560103; uid_id2=0e273592-0a6c-403e-a998-fe08a6ed360e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc4d53d21b4a90448b5012c00c5cfa5a2=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
secure.quantserve.com/quant.js
91.228.74.206200 OK 10 kB URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.206:0
Hash cba4bcb819b55cd6cdcf96727fb82a2c
badcd04260ab356cc62de7dbb559beccf711506d
4bf45d28c664c58d4ea6683dac0c786a4a4ba59e3ee61e9f397f0788c16fac5e
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "bLcVTDhl2t9kvw7/36cOxA=="
expires: Tue, 01 Nov 2022 21:32:10 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1666733528267%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-2s3t4pnehzol20qxm41g%22%7D
18.193.50.159200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1666733528267%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-2s3t4pnehzol20qxm41g%22%7D
IP 18.193.50.159:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%226JvC9xkUEfXYY%22%2C%22domain%22%3A%22www.freeroms.com%22%2C%22publisher%22%3A%22FreeROMS%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.44%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22SflKcnZjT32PEJo7sVOMXg%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1666733528267%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-2s3t4pnehzol20qxm41g%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:11 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 525483
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:34:08 GMT
expires: Thu, 19 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 525483
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
insistinestimable.com/pixel/sbs?c=1
173.233.137.36200 OK 0 B URL HTTP/1.1 insistinestimable.com/pixel/sbs?c=1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: insistinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: u_pl=16560103; uid_id2=0e273592-0a6c-403e-a998-fe08a6ed360e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc4d53d21b4a90448b5012c00c5cfa5a2=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash e4f7139b125683bac76c2b5638a1a643
2f84ea7104d659754e5962f88f504a7189f6f914
c9c550489201a92e8bbe162bca49d4aa6b21fa22b254a6a29502186423b3b579
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 21:32:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
insistinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscRRytTlYQPBniIYIwBxEFd7Z6vsccgjGuBDcfJIbkpvXVk3Kru5qq7unJHmQxKAERJv9B75vdLNHFD%2FBqkNlADgvCjqc5uFevipBTDjKTxdHf5fdevXd49aq%2B3MqPCEXOphcu2Q1tDFtpVmnlzVtheLayppN8UBl0Wh%2B3Gmcrrv9Ot1Wlb1U%2BUGLdrtRoSGlIw8qqdiqyg5WZCJ3udcNql1YbtWrYbGDg%2Fs99HsCzALJ%2FRE5By8nS4%2BA0tBgjiX%2B4oPx6ZtO3349zwzLr0Je7N5L1xBYJ4gWMXIAo2T12w%2FrD1Uewyc48Lmz%2FXyPXExI8eQSe7B6HBO9vz3NyA5WAy5dQ9MdQZgzNxhD2LrQ8JICQuHwFSfzgsnUFu%2FNcZTN1Qpae%2Fg1dTMjS76eRxN%2BdN3pQuW5NnmmbeAyiEnowhu6Nkeb7yDZOQBf7ENnn0PJXsvJ0DUm8fcUbCy2nr1NVa9eb3doyZS2x3KB1tcy63c5ypGiHtZSst6iaF6T1GDoaw6ghmD%2BJ3AfIdYA8CpCnAWI5rYgwDNtUCkY7XSHqsq14S9KQtaOQhbTVQS5mdxgiS4cQZgjhNpG6Tazr%2B4fNU3D5L%2FC3S3gZwGcEfVmiUASFJygYQaEJioyg6Jc70viaLx9I43MeHu%2Fa8a6XI5v1ttiOzXoqIVvpEXl53t2z7%2F%2FAuppWREM267IW8gbr0kajw5s0rAlKRVNErMlq8LqE9ifAfIANPSFn3tBI9YS88PVX4Gwf3uxD6FfA8tfAilG7RsFujxodio1kL3JKORv7qrAxpC2RZkvI7gRb5oicmeeo3%2FwTShyc%2B4Rfmvz18BmEK5G6Ep%2FqxwQ9c290zRZk%2B5otPPnxSprpWG%2Bw2ftez1imTn7zobpTWCcvXvDDh%2B%2BKmTCDex8pn62xROqk58m357WUyq1aJxT5%2BaK%2FqfjV3N8%2Bn7skT9euvrd6MU6d8l7bZAymJ4Q8OYDQE%2FLiTzvzr%2FvqF59BuzFcXiLOD8jxQNt9iHQTPl3k95bAmYWHpwGKvBy5Gl8cGk1g1IIzXsL%2Fh%2FMF3vL30HMBWHYXSVyi70r0TQlmhvD5yVGWuoNzv9XnA26CETcu2ObGmfvPy%2FV6WqlT2eYqUm2uGs1GpITkzSanIhK8LjsdgcxPxK0b038AAAD%2F%2FwEAAP%2F%2F7%2F8WuIUEAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 insistinestimable.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscRRytTlYQPBniIYIwBxEFd7Z6vsccgjGuBDcfJIbkpvXVk3Kru5qq7unJHmQxKAERJv9B75vdLNHFD%2FBqkNlADgvCjqc5uFevipBTDjKTxdHf5fdevXd49aq%2B3MqPCEXOphcu2Q1tDFtpVmnlzVtheLayppN8UBl0Wh%2B3Gmcrrv9Ot1Wlb1U%2BUGLdrtRoSGlIw8qqdiqyg5WZCJ3udcNql1YbtWrYbGDg%2Fs99HsCzALJ%2FRE5By8nS4%2BA0tBgjiX%2B4oPx6ZtO3349zwzLr0Je7N5L1xBYJ4gWMXIAo2T12w%2FrD1Uewyc48Lmz%2FXyPXExI8eQSe7B6HBO9vz3NyA5WAy5dQ9MdQZgzNxhD2LrQ8JICQuHwFSfzgsnUFu%2FNcZTN1Qpae%2Fg1dTMjS76eRxN%2BdN3pQuW5NnmmbeAyiEnowhu6Nkeb7yDZOQBf7ENnn0PJXsvJ0DUm8fcUbCy2nr1NVa9eb3doyZS2x3KB1tcy63c5ypGiHtZSst6iaF6T1GDoaw6ghmD%2BJ3AfIdYA8CpCnAWI5rYgwDNtUCkY7XSHqsq14S9KQtaOQhbTVQS5mdxgiS4cQZgjhNpG6Tazr%2B4fNU3D5L%2FC3S3gZwGcEfVmiUASFJygYQaEJioyg6Jc70viaLx9I43MeHu%2Fa8a6XI5v1ttiOzXoqIVvpEXl53t2z7%2F%2FAuppWREM267IW8gbr0kajw5s0rAlKRVNErMlq8LqE9ifAfIANPSFn3tBI9YS88PVX4Gwf3uxD6FfA8tfAilG7RsFujxodio1kL3JKORv7qrAxpC2RZkvI7gRb5oicmeeo3%2FwTShyc%2B4Rfmvz18BmEK5G6Ep%2FqxwQ9c290zRZk%2B5otPPnxSprpWG%2Bw2ftez1imTn7zobpTWCcvXvDDh%2B%2BKmTCDex8pn62xROqk58m357WUyq1aJxT5%2BaK%2FqfjV3N8%2Bn7skT9euvrd6MU6d8l7bZAymJ4Q8OYDQE%2FLiTzvzr%2FvqF59BuzFcXiLOD8jxQNt9iHQTPl3k95bAmYWHpwGKvBy5Gl8cGk1g1IIzXsL%2Fh%2FMF3vL30HMBWHYXSVyi70r0TQlmhvD5yVGWuoNzv9XnA26CETcu2ObGmfvPy%2FV6WqlT2eYqUm2uGs1GpITkzSanIhK8LjsdgcxPxK0b038AAAD%2F%2FwEAAP%2F%2F7%2F8WuIUEAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzYscRRytTlYQPBniIYIwBxEFd7Z6vsccgjGuBDcfJIbkpvXVk3Kru5qq7unJHmQxKAERJv9B75vdLNHFD%2FBqkNlADgvCjqc5uFevipBTDjKTxdHf5fdevXd49aq%2B3MqPCEXOphcu2Q1tDFtpVmnlzVtheLayppN8UBl0Wh%2B3Gmcrrv9Ot1Wlb1U%2BUGLdrtRoSGlIw8qqdiqyg5WZCJ3udcNql1YbtWrYbGDg%2Fs99HsCzALJ%2FRE5By8nS4%2BA0tBgjiX%2B4oPx6ZtO3349zwzLr0Je7N5L1xBYJ4gWMXIAo2T12w%2FrD1Uewyc48Lmz%2FXyPXExI8eQSe7B6HBO9vz3NyA5WAy5dQ9MdQZgzNxhD2LrQ8JICQuHwFSfzgsnUFu%2FNcZTN1Qpae%2Fg1dTMjS76eRxN%2BdN3pQuW5NnmmbeAyiEnowhu6Nkeb7yDZOQBf7ENnn0PJXsvJ0DUm8fcUbCy2nr1NVa9eb3doyZS2x3KB1tcy63c5ypGiHtZSst6iaF6T1GDoaw6ghmD%2BJ3AfIdYA8CpCnAWI5rYgwDNtUCkY7XSHqsq14S9KQtaOQhbTVQS5mdxgiS4cQZgjhNpG6Tazr%2B4fNU3D5L%2FC3S3gZwGcEfVmiUASFJygYQaEJioyg6Jc70viaLx9I43MeHu%2Fa8a6XI5v1ttiOzXoqIVvpEXl53t2z7%2F%2FAuppWREM267IW8gbr0kajw5s0rAlKRVNErMlq8LqE9ifAfIANPSFn3tBI9YS88PVX4Gwf3uxD6FfA8tfAilG7RsFujxodio1kL3JKORv7qrAxpC2RZkvI7gRb5oicmeeo3%2FwTShyc%2B4Rfmvz18BmEK5G6Ep%2FqxwQ9c290zRZk%2B5otPPnxSprpWG%2Bw2ftez1imTn7zobpTWCcvXvDDh%2B%2BKmTCDex8pn62xROqk58m357WUyq1aJxT5%2BaK%2FqfjV3N8%2Bn7skT9euvrd6MU6d8l7bZAymJ4Q8OYDQE%2FLiTzvzr%2FvqF59BuzFcXiLOD8jxQNt9iHQTPl3k95bAmYWHpwGKvBy5Gl8cGk1g1IIzXsL%2Fh%2FMF3vL30HMBWHYXSVyi70r0TQlmhvD5yVGWuoNzv9XnA26CETcu2ObGmfvPy%2FV6WqlT2eYqUm2uGs1GpITkzSanIhK8LjsdgcxPxK0b038AAAD%2F%2FwEAAP%2F%2F7%2F8WuIUEAAA%3D HTTP/1.1
Host: insistinestimable.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: u_pl=16560103; uid_id2=0e273592-0a6c-403e-a998-fe08a6ed360e:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc4d53d21b4a90448b5012c00c5cfa5a2=[3364848]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 25 Oct 2022 21:32:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 674bf21a37b648f9a8155aeefa4ed331
Strict-Transport-Security: max-age=0; includeSubdomains
nanouwho.com/11?rnd=367421437&z=3056520&b=15351299&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=cBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ&ruid=7e5dc775-d915-4004-83c9-b95043decc9f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/11?rnd=367421437&z=3056520&b=15351299&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=cBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ&ruid=7e5dc775-d915-4004-83c9-b95043decc9f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /11?rnd=367421437&z=3056520&b=15351299&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=cBAILAyLr2fJp5Sbr4KgjU9ASJfnSu7zXBlmjeZLDn6QeDI-S3DJuTiI4uPBeVHw9d8sDbca78u2zot94YtqK4aTkIXpyDqEOfi3yq9YkJ467npMNQUPfcx1icHgL9oS0Xdwrd7RxApwyhUzsFdpRkjylFYysfXU2KWldMMeKBqnykDJghRt90G7p3C7NYYZeGpLi-OU9iqOcsu9hw5YBF87pgHr6ba1yzOH_yusT9-JQB5akzKOY6cU-PdtHB3JcHPt6siN99-xS9EoYyrblcyNoBfUlq3zIuoxdH1_bvhxuTBLLow8F85U54vsgDcFgrqvHQbwh6-XCGyqauhy_PdcxICwV9T3DfM9pMoLIYcLZzcwNoTxwDdk2Wc3_NxiQHevKmjRS_jYv7iA4YoHIX4FBL7n7HBnzl6hYyVvK6lHBd50ldIisZj8aLG5jr5fyzQqmtWlP_5VzSXYKpoI0jolennxjl28rprKvE6oXPYNtZD3UeRky5BgTWX2aHNWYyySo7LromtaDN59huKEcfFgZcsJMClgYUREmGCYMIQEvDMoxI8RmR23_b-t7JLuUvQGy5VShUdiXmMs-YSRJVU7h8nj3jsSrYPvUQZRY79iBSAdmP62s-bRGgkaCJSFxkSLVKLc66zCTgYQ&ruid=7e5dc775-d915-4004-83c9-b95043decc9f&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: scm=1; OAID=fd2186606b544fb18120a1a6c49eee47; oaidts=1666733529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:14 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.freeroms.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 606f9657e5d99fb28507d592b64c28c9
access-control-expose-headers: X-Sc
set-cookie: OAID=fd2186606b544fb18120a1a6c49eee47; expires=Wed, 25 Oct 2023 21:32:14 GMT; secure; SameSite=None
oaidts=1666733529; expires=Wed, 25 Oct 2023 21:32:14 GMT; secure; SameSite=None
oaidvc=1; expires=Wed, 25 Oct 2023 21:32:14 GMT; secure; SameSite=None
CNT=1_v1_Az7qAAEAAABaSwAA; expires=Tue, 25 Oct 2022 22:32:14 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
www.freeroms.com/roms/nintendo_gamecube/rocky.htm
64.235.54.28200 OK 0 B URL HTTP/2 www.freeroms.com/roms/nintendo_gamecube/rocky.htm
IP 64.235.54.28:0
GET /roms/nintendo_gamecube/rocky.htm HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:07 GMT
content-type: text/html
last-modified: Tue, 25 Oct 2022 07:57:33 GMT
etag: W/"635796ed-28eb5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/6JvC9xkUEfXYY/www.freeroms.com/choice.js?tag_version=V2
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/6JvC9xkUEfXYY/www.freeroms.com/choice.js?tag_version=V2
IP 143.204.55.76:0
GET /choice/6JvC9xkUEfXYY/www.freeroms.com/choice.js?tag_version=V2 HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Mon, 07 Mar 2022 13:38:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
cache-control: max-age=900
date: Tue, 25 Oct 2022 21:32:11 GMT
etag: W/"8903112fe1b05cb89d49d106b04c0b73"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: lMfzEvgYZawOUm-v371oc-8jQX-EEdOHTuWPUFSpa4ZP3W-E1-T2Dw==
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
172.64.110.27200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js
IP 172.64.110.27:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/js/jquery.min.js HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7212464
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aHIYtvbMcY4Py4K7XMoqqficF0A3WUTGAQltfxmeBF9NlhVIHxMLfVMCSxCaRiAKRk4QttOVeVzQ4vWfWAQChdtxo%2B9IydJPRPLuTQPujPymgE%2FRtuSHLTJ3AB1wZq1pEM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe1034b8814083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
upgulpinon.com/1?z=5030886
139.45.197.242200 OK 0 B URL HTTP/2 upgulpinon.com/1?z=5030886
IP 139.45.197.242:0
Analyzer Verdict Alert fortinet Malware
GET /1?z=5030886 HTTP/1.1
Host: upgulpinon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8e7e02540d7eb2284d9583573923d0ec
access-control-expose-headers: X-Sc
x-sc: 01oA5cYJp_HP3843PoulKqXCkU9QmRLLXugPnVcdxhj_-ULdUtJ-5U253IGgmIvcRR--V8hr3DIE9EdwIAI4dFiUmSo=
set-cookie: scm=1; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
OAID=d8ac27fe02b0404c8a9f170f1226bf98; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
oaidts=1666733529; expires=Wed, 25 Oct 2023 21:32:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
www.freeroms.com/css/style.css
64.235.54.28200 OK 0 B URL HTTP/2 www.freeroms.com/css/style.css
IP 64.235.54.28:0
GET /css/style.css HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/nintendo_gamecube/rocky.htm
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:07 GMT
content-type: text/css
last-modified: Mon, 28 Mar 2022 13:57:56 GMT
etag: W/"6241bee4-6b2f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
www.freeroms.com/js/jquery.min.js
64.235.54.28200 OK 0 B URL HTTP/2 www.freeroms.com/js/jquery.min.js
IP 64.235.54.28:0
GET /js/jquery.min.js HTTP/1.1
Host: www.freeroms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/roms/nintendo_gamecube/rocky.htm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:07 GMT
content-type: application/javascript
last-modified: Tue, 28 Jul 2015 06:50:01 GMT
etag: W/"55b72619-176d5"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
172.64.110.27200 OK 0 B URL HTTP/2 cdn.sb4you1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css
IP 172.64.110.27:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/15/css/animate.css HTTP/1.1
Host: cdn.sb4you1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5mm%2BmOHG3pO1BarV10HTseRloAD0MeSvKjKrnFeI%2F%2B0j1WrEhH4mVtjRJDQQkfgBFc4CfZsaQRAbQl8zEOyf515GgtISd%2FoBmbkRF%2FXxj3Volsvlo4gNJfK2mam873p4MdY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75fe103468214083-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dacmaiss.com/5/2881944/?oo=1&aab=1
139.45.197.237200 OK 0 B URL HTTP/2 dacmaiss.com/5/2881944/?oo=1&aab=1
IP 139.45.197.237:0
Analyzer Verdict Alert quad9 Sinkholed
GET /5/2881944/?oo=1&aab=1 HTTP/1.1
Host: dacmaiss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:08 GMT
content-type: application/json
x-trace-id: e2054fde1d088bde1ce4cf9242596432
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: https://www.freeroms.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=fd2186606b544fb18120a1a6c49eee47; expires=Wed, 25 Oct 2023 21:32:08 GMT; path=/; secure; SameSite=None
oaidts=1666733528; expires=Wed, 25 Oct 2023 21:32:08 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
betotodilea.com/500/3601099?excludes=&oaid=fd2186606b544fb18120a1a6c49eee47&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 0 B URL HTTP/2 betotodilea.com/500/3601099?excludes=&oaid=fd2186606b544fb18120a1a6c49eee47&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/3601099?excludes=&oaid=fd2186606b544fb18120a1a6c49eee47&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=https%3A%2F%2Fwww.freeroms.com%2Froms%2Fnintendo_gamecube%2Frocky.htm&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: betotodilea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Cookie: OAID=05e9542133b644f5a2f2a6262e69af1c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:09 GMT
content-type: application/javascript
x-trace-id: 1d8685af8c1e4a2d90cbbb57124931ef
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www.freeroms.com
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=fd2186606b544fb18120a1a6c49eee47; expires=Wed, 25 Oct 2023 21:32:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
interstitial-07.com/?l=3uJghZzgN1jXioW&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2207017762%26z%3D5030886%26b%3D15351282%26c%3D6229385%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DPPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3Da6b4acd5-bec6-4340-8d64-53f66a775a24%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.154200 OK 0 B URL HTTP/2 interstitial-07.com/?l=3uJghZzgN1jXioW&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2207017762%26z%3D5030886%26b%3D15351282%26c%3D6229385%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DPPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3Da6b4acd5-bec6-4340-8d64-53f66a775a24%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.154:0
GET /?l=3uJghZzgN1jXioW&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fupgulpinon.com%2F12%3Frnd%3D2207017762%26z%3D5030886%26b%3D15351282%26c%3D6229385%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3DPPdMAlbTnn-yc0eWZMgqIfLHnFLpuS9IiONt2ef9WdlIGrWPdRbebEax7Y81WfbFPXEpt8I4BGpcm5fDia4Io9Do4UGTAHZA2urIzbcQxugqzGvM8imr--PY7aW1NLDMozRWELJR5zRrCxuDshyphRWZumus0vxmyxzANZUIjH6iO9VvC4It2i2TjuzCrht1prUva7a8Ldkx1LK-DGS9icPmG3Gzac01C-1ZBlAQ0kZ22DRUKRtyEk0EJ1wLcNX9793-eAqEZtl2RbxpUy6ihWLAZaGNSjngYqHQ6xGO7jCjPPQW-er_yDmVgOfmZlosA6ctWRMHXAXT8UQzpJQ0sGDVgAHibVbNMxcUEZdjSjApMM-aKOHqFBazDiOqwEniIbjSSFPQQa_3GHpaQk1AJiJo_ozkyOOCleAKcsBX4tkEWT6oY3lgH0nvYC3XdZDGR_ttWrZyfQ3nK6u3CkFsB9QPh0V_3GvSRZgUieKwIBkvcHUCV8VuqExcxZ9oQzCCN_bEQsu5Oj5fhzQVHJb4Dr0EkH4-bA7SSIo3pZDuo35dVkwwycYmsq_0Ci-sx2Fh67HdDIc3uxNhLSJpEerp4HSyvawMNm9A6A74zwpmbnZ31WO7yshX9b4cqqLzIoh1UyunR1t-PN6BPoJK%26bag%3DFWuOy7mVj9dFk3oo3jPRgA%3D%3D%26ruid%3Da6b4acd5-bec6-4340-8d64-53f66a775a24%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww.freeroms.com%252Froms%252Fnintendo_gamecube%252Frocky.htm%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D2%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.freeroms.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 21:32:10 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=hoGqHKzhN2-txI_6FQqPILNDmaCUFVlGoN2cIEt6uf8; expires=Tue, 25-Oct-2022 22:32:10 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
143.204.55.76200 OK 0 B URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 143.204.55.76:0
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.freeroms.com
Connection: keep-alive
Referer: https://www.freeroms.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Tue, 25 Oct 2022 03:00:56 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Tue, 25 Oct 2022 03:00:33 GMT
etag: W/"392d83cf316029d4698dc55bfdbd0c90"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 162RfWT8f_Rut_LPw3vIE3JZnOuMQDPcIIcYu28Xzu2O4Tmo8Rv5mg==
age: 66675
X-Firefox-Spdy: h2